46 matches found
CVE-1999-0519
CVE-1999-0519 describes a Windows SMB/NETBIOS issue where a share password is default, null, or missing, enabling NULL session authentication bypass. Public sources (NVD, Red Hat, SUSE, OpenVAS/Nessus entries) consistently describe an authentication bypass risk tied to SMB/NETBIOS NULL sessions. ...
CVE-1999-0016
CVE-1999-0016 describes a land IP denial-of-service condition: a TCP packet with SYN set and identical source/destination addresses and ports can exhaust the target’s CPU. Connected records confirm the same issue reappears in later advisories (e.g., CVE-2005-0688) and is observed in Windows XP SP...
CVE-1999-1593
The connected documents confirm CVE-1999-1593 affects the Windows Internet Naming Service (WINS) and enables remote attackers to cause denial of service or credential theft by a crafted 1Ch registration that redirects the domain controller to a malicious server. The impact is described as complet...
CVE-1999-0590
Technical details are not publicly available in the provided documents for CVE-1999-0590; no affected products, versions, impact, or remediation are specified. Monitor for updates from the connected sources.
CVE-2002-0053
Technical details about CVE-2002-0053 are not publicly available in the provided connected documents. Monitor for updates.
CVE-1999-0256
CVE-1999-0256 describes a stack-based buffer overflow in War FTP Daemon (War-FTPD) 1.65 (and potentially earlier) that affects the PASS command, allowing remote code execution or denial of service. Public materials in connected sources show confirmatory details: exploits/modules (e.g., Metasploit...
CVE-1999-0015
CVE-1999-0015 is a Teardrop IP fragmentation denial-of-service vulnerability. The connected sources describe a flaw in IP fragment reassembly that can crash or disrupt a remote server, enabling a DoS condition without authentication. The nessus entry explicitly notes the attack payload (“teardrop...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2000-1039
CVE-2000-1039 (Naptha) describes DoS in various TCP/IP stacks and network apps where remote attackers flood a target with TCP connection attempts and complete the TCP handshake without maintaining state, exhausting resources and causing partial availability impact. Connected documents confirm the...
CVE-1999-0918
CVE-1999-0918 affects various Windows systems and is described as a denial of service caused by malformed, fragmented IGMP packets. The connected documents consistently state that sending malformed IGMP fragments can crash the remote host, resulting in an availability impact. The root cause is de...
CVE-2002-1325
CVE-2002-1325 affects Microsoft Virtual Machine (VM) versions up to build 5.0.3805. A Java applet that accesses the user.dir system property can disclose the local user’s username to a remote attacker, via a crafted page or email. CERT notes the vulnerability could leak the user’s system path and...
CVE-2000-0305
CVE-2000-0305 describes a remote DoS in Windows 95/98/2000/NT4/Terminal Server caused by sending large numbers of identical fragmented IP packets (the jolt2/IP Fragment Reassembly issue). The vulnerability arises from IP fragment processing and has been associated with Microsoft hotfix MS00-029 (...
CVE-1999-0717
Microsoft Excel 97 is affected by CVE-1999-0717, enabling a remote attacker to disable the virus warning mechanism. Connected documents confirm the product and impact but do not provide root-cause details, affected subcomponents/versions beyond Excel 97, exploitation status, or remediation steps.
CVE-2002-1260
The CVE-2002-1260 vulnerability affects Microsoft Virtual Machine (VM) 5.0.3805 and earlier, where the JDBC APIs can be exploited by an untrusted Java applet to bypass security checks and access database contents. This is a remote, network‑vector issue that allows partial confidentiality/integrit...
CVE-1999-0153
CVE-1999-0153 corresponds to a Windows 95/NT vulnerability (WinNuke) where sending a NetBIOS OOB data packet to the affected host can cause a denial of service. The vulnerability is described across multiple sources (CVE records, Red Hat advisory, NVD/Nessus notes) as an out-of-band data DoS cond...
CVE-2000-0168
CVE-2000-0168 affects the Microsoft Windows 9x family. The vulnerability arises when a pathname contains MS-DOS device names (e.g., CON\CON, AUX, etc.), which can cause a denial of service (system freeze/reboot) when accessed via certain services. OpenVAS-derived entries describe exploitation pat...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-1999-0444
CVE-1999-0444 : Multiple sources (including PT-1999-1127) confirm a denial-of-service through spoofed ARP packets on Windows. The vulnerability enables remote attackers to trigger a splash/message box per ARP packet or flood log files, causing instability. The available connected documents do not...
CVE-1999-0909
CVE-1999-0909 affects multihomed Windows systems. The vulnerability allows a remote attacker to bypass IP source routing restrictions by sending a malformed IP options packet, named the “Spoofed Route Pointer.” The connected Red Hat and CVE listings reference the same description. No explicit pro...
CVE-1999-0104
Technical details about CVE-1999-0104 are not publicly provided in the supplied documents; affected products, impact specifics, and remediation are not disclosed. Monitor for updates.
CVE-1999-0179
Publicly available documents provided do not include detailed technical information (affected products/versions, root cause, exploit details) for CVE-1999-0179. Monitor connected sources (Red Hat, CVE, EUVD, NVD) for updates and clarifications.
CVE-2000-0129
The vulnerability CVE-2000-0129 affects the Serv-U FTP server. A buffer overflow in SHGetPathFromIDList can be triggered by a LIST command on a malformed .lnk file, leading to a denial of service. Exploitation details are not provided in the documents. PT-2000-1115 notes affected versions are not...
CVE-1999-0258
CVE-1999-0258 is a Bonk variation of a teardrop IP fragmentation denial of service. Documents describe a remote network-exploitable DoS caused by a flaw in the TCP/IP fragmentation handling. No concrete affected products, versions, or fixes are explicitly stated in the provided sources; remediati...
CVE-1999-1201
CVE-1999-1201 affects Windows 95/98 when multiple TCP/IP stacks are bound to the same MAC address. The condition allows a remote attacker to trigger traffic amplification by sending a particular ICMP echo, causing all stacks to reply to the same ping (TCP Chorusing). The vulnerability is document...
CVE-2001-0238
The CVE-2001-0238 entry concerns Microsoft Data Access Component Internet Publishing Provider (ID 8.103.2519.0 and earlier). The available connected documents describe that remote attackers can bypass Security Zone restrictions through WebDAV requests. The root cause details are not explicitly st...
CVE-1999-0749
The CVE-1999-0749 entry describes a buffer overflow in the Microsoft Telnet client for Windows 95/98 triggered by a malformed Telnet argument. The vulnerability concerns the Telnet client component (Windows 95/98) and is due to improper handling of a Telnet argument, leading to memory corruption....
CVE-1999-1291
The CVE-1999-1291 entry concerns the TCP/IP stack in Microsoft Windows 95 and Windows NT 4.0 (potentially others). The vulnerability allows an remote attacker to reset a target’s TCP connections by forcing a reset (RST) in a crafted packet flow (e.g., via a PSH ACK or similar), using the resultin...
CVE-2000-1079
Affected software/hardware: Microsoft Windows 95, 98, NT, and 2000. Vulnerability: Interaction between the CIFS Browser Protocol and NetBIOS allows remote modification of dynamic NetBIOS name cache entries via a spoofed Browse Frame Request carried in a unicast or UDP broadcast datagram. Impact: ...
CVE-1999-0875
Technical details (affected products/versions, exploitation, or mitigations) for CVE-1999-0875 are not provided in the supplied documents. Monitor for updates and additional disclosures.
CVE-2000-0155
CVE-2000-0155 affects Windows NT Autorun: the system executes the autorun.inf file on non-removable media, allowing a local attacker to specify an alternate program to run when other users access a drive. The provided documents describe the vulnerability in terms of its existence and impact (loca...
CVE-2000-0979
CVE-2000-0979 affects Windows 95/98/Me File and Print Sharing. The service does not properly enforce file-share passwords, allowing a remote attacker to bypass access controls by sending a 1‑byte password that matches the first character of the real password. The documented impact is partial conf...
CVE-2000-0330
CVE-2000-0330 affects the networking software in Windows 95 and Windows 98. The vulnerability allows remote attackers to execute commands via a long file name string (the “File Access URL” issue). The CVSS data indicates a network-access, high-severity impact with complete confidentiality, integr...
CVE-2000-0347
CVE-2000-0347 affects Windows 95/98. The vulnerability is a denial-of-service triggered by sending a NetBIOS session request with a NULL source name to the remote host. The resulting impact is remote crash/DoS as described by multiple sources. No remediation details are provided in the supplied d...
CVE-2000-0742
The CVE-2000-0742 entry concerns the IPX protocol implementation in Microsoft Windows 95 and Windows 98. The vulnerability allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address (the “Malformed IPX Ping Packet” issue). Th...
CVE-2000-1003
CVE-2000-1003 (Windows 95/98 NETBIOS client) : The NETBIOS client in Windows 95 and Windows 98 is affected. A remote attacker over a network can cause a denial of service by altering a file sharing service to return an unknown driver type, which crashes the client. Root cause described as the fil...
CVE-1999-0387
CVE-1999-0387 affects Windows 95/98 where a legacy credential caching mechanism can be exploited to read plaintext network passwords. The Red Hat and CVE records reflect the same description: a local/system-level weakness in the credential cache that may expose confidential credentials. Documents...
CVE-1999-1254
Technical details (affected software, vulnerability specifics, and remediation) are not publicly provided in the connected documents. Monitor for updates.
CVE-2000-0612
CVE-2000-0612 affects Windows 95 and Windows 98 ; spoofed ARP packets allow remote attackers to overwrite static ARP cache entries. The connected records confirm the impact but do not include a provided patch or concrete mitigation details in the supplied documents.
CVE-2005-2388
CVE-2005-2388 describes a buffer overflow in a USB driver used on Microsoft Windows that could allow an attacker to execute arbitrary code. The provided documents do not specify the affected product name, exact driver version, or root cause details beyond the general buffer overflow. Exploit info...
CVE-1999-1104
CVE-1999-1104 affects Windows 95 password caching: the .pwl file is encrypted with weak protection, enabling a local attacker to decrypt cached passwords and potentially gain privileges. The available documents do not specify remediation or fixes; exploitation details are not provided.
CVE-1999-0518
Technical details about CVE-1999-0518 are not publicly available in the provided documents. Monitor for updates from connected sources for affected products, versions, impact, and remediation information.
CVE-2000-0404
The CVE-2000-0404 issue affects the CIFS Computer Browser service and allows remote denial of service by sending a ResetBrowser frame to the Master Browser ("ResetBrowser Frame" vulnerability). Connected sources confirm the vulnerability impact is a network-denial of service and describe two rela...
CVE-1999-0975
The CVE-1999-0975 entry describes a local privilege escalation in the Windows Help system: by editing a table of contents metafile (.CNT) and altering the topic action, a local user could cause commands to execute when the .hlp file is opened. The remediation/affected product details beyond this ...
CVE-2000-0980
This CVE concerns the NMPI listener component of Microsoft NWLink. The affected element is the NMPI (Name Management Protocol on IPX) listener in NWLink, which fails to properly filter packets originating from a broadcast address. Under this flaw, remote attackers can trigger a broadcast storm an...
CVE-1999-1105
CVE-1999-1105 affects Windows 95 when Remote Administration and File Sharing for NetWare Networks is enabled. The vulnerability arises because a share (C$) is created upon remote administrator login, enabling a remote attacker to read arbitrary files by mapping the network drive. The available so...
CVE-2002-1692
The CVE-2002-1692 entry describes a buffer overflow in the Windows 95 backup utility. A long filename extension placed in a folder to be backed up can allow an attacker to execute arbitrary code. The vulnerability affects the backup component of Windows 95; the root cause is improper handling of ...