Lucene search

[email protected]CVE-1999-0909

HistoryJan 04, 2000 - 5:00 a.m.

CVE-1999-0909

2000-01-0405:00:00

CWE-264

[email protected]

web.nvd.nist.gov

windows system

ip source routing

multihomed windows

spoofed route pointer

vulnerability.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the “Spoofed Route Pointer” vulnerability.

Affected configurations

NVD

Node

microsoftterminal_server

Node

microsoftwindows_95Match0a

microsoftwindows_95Match0b

microsoftwindows_98se

microsoftwindows_ntMatch4.0

microsoftwindows_ntMatch4.0sp1

microsoftwindows_ntMatch4.0sp2

microsoftwindows_ntMatch4.0sp3

microsoftwindows_ntMatch4.0sp4

microsoftwindows_ntMatch4.0sp5

CPENameOperatorVersion
microsoft:terminal_servermicrosoft terminal servereq*

CPE	Name	Operator	Version
microsoft:terminal_server	microsoft terminal server	eq	*

References

support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238453

www.securityfocus.com/bid/646

docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-038

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-1999-0909

cvelist1 nvd1