Microsoft » Windows 98se : Security Vulnerabilities, CVEs, Published In 2001
The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke.
Max CVSS
5.0
EPSS Score
3.87%
Published
2001-07-30
Updated
2017-10-10
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system.
Max CVSS
5.0
EPSS Score
97.23%
Published
2001-12-20
Updated
2018-10-12
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
Max CVSS
7.5
EPSS Score
96.84%
Published
2001-12-20
Updated
2018-10-12
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
Max CVSS
5.0
EPSS Score
3.29%
Published
2001-12-06
Updated
2018-10-12
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
Max CVSS
7.5
EPSS Score
1.30%
Published
2001-07-02
Updated
2018-10-12
Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.
Max CVSS
5.0
EPSS Score
1.21%
Published
2001-01-09
Updated
2018-10-12
6 vulnerabilities found