CVE-1999-0994
SYSKEY in Windows NT pre-December 1999 had a flaw that reuses part of an RC4 keystream to encrypt the SAM database. This enables dictionary attacks against SAM passwords if an attacker obtains a copy of the SAM database. Microsoft addressed this in December 1999 (MS99-056). The CERT advisory reit...