Lucene search
K

56 matches found

CVE
CVE
added 2000/02/04 5:0 a.m.749 views

CVE-1999-0519

CVE-1999-0519 describes a Windows SMB/NETBIOS issue where a share password is default, null, or missing, enabling NULL session authentication bypass. Public sources (NVD, Red Hat, SUSE, OpenVAS/Nessus entries) consistently describe an authentication bypass risk tied to SMB/NETBIOS NULL sessions. ...

7.5CVSS6.8AI score0.05673EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.462 views

CVE-1999-0511

CVE-1999-0511 covers IP forwarding being enabled on a host that is not a router or firewall. Multiple connected sources confirm this condition and document remediation: disable IP forwarding (e.g., sysctl net.ipv4.ip_forward and related settings) and reboot where applicable. IBM bulletin notes a ...

9.1CVSS6.8AI score0.06908EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.166 views

CVE-1999-0506

CVE-1999-0506 affects Windows NT domain accounts with a default, null, blank, or missing password. The included sources confirm the issue as a weak-password scenario enabling logins when no proper credentials are configured, with related references noting blank administrator passwords and weak cr...

7.2CVSS6.7AI score0.17301EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.155 views

CVE-1999-0505

CVE-1999-0505 affects Windows NT domain accounts where a guessable password enables local access. The NVD entry lists a LOCAL attack vector with LOW complexity, and NULL authentication, yielding complete confidentiality, integrity, and availability impact. Connected Red Hat/NVD records reiterate ...

7.2CVSS6.7AI score0.01794EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.119 views

CVE-1999-0499

CVE-1999-0499 describes exposure of NETBIOS share information in Windows NT by publishing it through SNMP registry keys. Connected sources (Red Hat advisory; Nessus LANMAN disclosures) confirm information disclosure via SNMP OIDs for LanMan services/shares/users, enabling an attacker to learn tar...

7.5CVSS6.5AI score0.047EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.116 views

CVE-1999-0535

CVE-1999-0535 affects Windows NT password policy settings. The connected records consistently describe a vulnerability where the account policy for passwords allows insecure configurations (e.g., inadequate minimum length, inappropriate password age, and lack of uniqueness), leading to potential ...

10CVSS7.6AI score0.05975EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.110 views

CVE-1999-0503

CVE-1999-0503 concerns a Windows NT local user or administrator account with a guessable password. Connected sources corroborate that the issue enables basic local account compromise due to weak credentials (no explicit patch/version details provided in the documents). CVSS metrics in the initial...

7.2CVSS6.5AI score0.01835EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.97 views

CVE-2004-1049

CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...

5.1CVSS7.7AI score0.29743EPSS
Web
CVE
CVE
added 1999/09/29 4:0 a.m.96 views

CVE-1999-0256

CVE-1999-0256 describes a stack-based buffer overflow in War FTP Daemon (War-FTPD) 1.65 (and potentially earlier) that affects the PASS command, allowing remote code execution or denial of service. Public materials in connected sources show confirmatory details: exploits/modules (e.g., Metasploit...

7.5CVSS7.1AI score0.7242EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.95 views

CVE-1999-0504

CVE-1999-0504 describes a Windows NT local account with a default, null, blank, or missing password. Public references note exploitation paths via Windows SMB/PSEXEC‑style mechanisms and remote command execution tooling, with related Metasploit modules referencing the CVE when using an administra...

7.5CVSS6.2AI score0.63703EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.89 views

CVE-2002-0018

In Windows NT/Windows 2000, a domain trust relationship can be abused when a trusting domain accepts authorization data (SIDs) from a trusted domain without verifying that the trusted domain is authoritative for all SIDs. The root cause is failure to validate all SIDs in the authorization data su...

10CVSS6.7AI score0.1796EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.88 views

CVE-1999-0874

CVE-1999-0874 maps to a buffer overflow in IIS 4.0’s ISAPI processing of HTR/IDC/STM files (ISM.DLL). Public sources show a remote overflow that can cause denial of service and, in several references, the potential for remote code execution on affected Windows NT systems (MS02-018/Microsoft MS99-...

10CVSS6.9AI score0.78099EPSS
Web
CVE
CVE
added 1999/09/29 4:0 a.m.79 views

CVE-1999-0612

CVE-1999-0612 affects the finger service. The finger daemon exposes valid user information to any entity on the network, enabling information disclosure. Affected: finger on UNIX-like systems vulnerable in versions older than the patched release (e.g.,

6.4AI score0.6744EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.78 views

CVE-1999-0140

CVE-1999-0140 corresponds to a denial of service in RAS/PPTP on NT systems. The connected security entries indicate a remote DoS vector exploiting PPTP control traffic: an attacker can crash the PPTP server by connecting to TCP/1723 and sending malformed data (garbage) followed by a Ctrl-D. This ...

5CVSS6.6AI score0.13572EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.78 views

CVE-1999-0717

Microsoft Excel 97 is affected by CVE-1999-0717, enabling a remote attacker to disable the virus warning mechanism. Connected documents confirm the product and impact but do not provide root-cause details, affected subcomponents/versions beyond Excel 97, exploitation status, or remediation steps.

2.6CVSS7AI score0.05843EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.76 views

CVE-1999-0285

CVE-1999-0285 affects the Windows NT Resource Kit telnet component. The vulnerability is a denial-of-service that occurs when a connection is opened and then immediately closed, exploited via network access. The Red Hat advisory and NVD entry reiterate that telnet on Windows NT Resource Kit is th...

10CVSS6.9AI score0.06567EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.76 views

CVE-1999-0384

The CVE concerns the Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0). The issue arises because this control can read text from a user’s clipboard when a user accesses documents containing ActiveX content. Impact is limited to disclosure of clipboard data as described i...

4.6CVSS6.8AI score0.01167EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.75 views

CVE-2001-0879

CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...

5CVSS7AI score0.08089EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.74 views

CVE-1999-0721

CVE-1999-0721 describes a Denial of Service in Windows NT Local Security Authority (LSA) caused by a malformed LSA request. Affected component is LSA handling within Windows NT; exploitation could crash or disrupt LSA service, impacting system availability. The NVD entry lists a base score of 7.8...

7.8CVSS7AI score0.09365EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.73 views

CVE-1999-0560

CVE-1999-0560 affects Windows NT: a system-critical file or directory with inappropriate permissions. Multiple sources (NVD, Red Hat, CVE lists) describe the vulnerability as a permissions misconfiguration on Windows NT files/directories, leading to high-severity impact (confidentiality, integrit...

10CVSS7AI score0.05926EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.73 views

CVE-1999-0570

PT-1999-1197 documents a vulnerability in Windows NT where the system is not utilizing a password filter utility (e.g., PASSFILT.DLL). The root cause stated is absence of a password filter, which could affect password handling security. The PT-1999-1197 page does not specify affected Windows NT v...

10CVSS7.2AI score0.05975EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.71 views

CVE-1999-0153

CVE-1999-0153 corresponds to a Windows 95/NT vulnerability (WinNuke) where sending a NetBIOS OOB data packet to the affected host can cause a denial of service. The vulnerability is described across multiple sources (CVE records, Red Hat advisory, NVD/Nessus notes) as an out-of-band data DoS cond...

5CVSS6.8AI score0.22783EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0372

The CVE concerns the BackOffice Server installer leaking credentials: account names and passwords are written to a setup file (reboot.ini) and not deleted after installation. This exposes partial confidentiality risk on local execution, per the CVSS metrics (Low base score, Local attack vector, n...

2.1CVSS7AI score0.04549EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.68 views

CVE-1999-0444

CVE-1999-0444 : Multiple sources (including PT-1999-1127) confirm a denial-of-service through spoofed ARP packets on Windows. The vulnerability enables remote attackers to trigger a splash/message box per ARP packet or flood log files, causing instability. The available connected documents do not...

5CVSS7.1AI score0.16237EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.67 views

CVE-1999-0546

CVE-1999-0546 concerns Windows NT where the built-in guest account is enabled. According to connected sources, this enables a local attacker (vector: local) with low complexity to access the system, with partial impact on confidentiality, integrity, and availability (CVSS v2 base: 4.6). The issue...

4.6CVSS6.8AI score0.01666EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.66 views

CVE-1999-0074

CVE-1999-0074 describes a flaw where listening TCP ports are assigned sequentially, enabling spoofing. The connected documents do not specify affected products, versions, or root cause details beyond this mechanism. Exploitation status, impact scope, and fixes are not provided; some entries reite...

6.4CVSS7.4AI score0.084EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.66 views

CVE-1999-1365

Technical details for CVE-1999-1365 are not publicly available in the provided documents. No vendor/product/version specifics or exploitation information are included here. Monitor for updates.

7.2CVSS7AI score0.01937EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.65 views

CVE-1999-0258

CVE-1999-0258 is a Bonk variation of a teardrop IP fragmentation denial of service. Documents describe a remote network-exploitable DoS caused by a flaw in the TCP/IP fragmentation handling. No concrete affected products, versions, or fixes are explicitly stated in the provided sources; remediati...

5CVSS6.8AI score0.05922EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.63 views

CVE-1999-0700

CVE-1999-0700 describes a buffer overflow in Microsoft Phone Dialer (dialer.exe) triggered by a malformed dialer.ini entry. The NVD entry assigns a local attack vector, high complexity, and no authentication, with impact described as complete on confidentiality, integrity, and availability. Red H...

6.2CVSS7.1AI score0.04762EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.63 views

CVE-1999-0716

CVE-1999-0716 is a historical vulnerability described across multiple sources as a buffer overflow in Windows NT 4.0’s help file utility triggered by a malformed help file. The Red Hat advisory and CVE entries confirm the issue but do not provide concrete exploit details beyond the basic descript...

4.6CVSS7.2AI score0.05499EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.62 views

CVE-1999-0715

CVE-1999-0715 is a buffer-overflow vulnerability in the Microsoft Windows Remote Access Service (RAS) API/Client that can allow a local attacker to execute arbitrary code with LocalSystem privileges by creating a crafted RAS phonebook entry. Microsoft MS99-016 provides a patch to address the issu...

4.6CVSS7.3AI score0.05525EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.62 views

CVE-1999-0726

CVE-1999-0726 affects Windows NT with a DoS via executing a program that uses a malformed file image header. Connected sources reiterate the attack is a denial of service caused by malformed file image headers, but do not provide specific vulnerable components, affected product versions, or expli...

7.8CVSS6.9AI score0.09365EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.61 views

CVE-1999-0579

CVE-1999-0579 affects Windows NT where the registry audit policy does not log an event for successes or failures when non-critical registry keys are accessed. The root cause is a missing log for non-critical keys, resulting in an auditing gap. Documents from Red Hat, CVE databases, and PT-Policy ...

10CVSS7.1AI score0.06131EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.60 views

CVE-1999-0275

CVE-1999-0275 denotes a DoS in Windows NT DNS servers caused by flooding UDP/port 53 with an excessive number of characters in requests. Affected component: Windows NT DNS service; root cause: character-saturated requests overwhelm the DNS server, leading to service disruption. Documented impact:...

5CVSS6.8AI score0.05922EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.60 views

CVE-1999-0562

Technical details on CVE-1999-0562 are not publicly provided in the connected documents. The sources reiterate that the Windows NT registry can be accessed remotely by non-administrators. Monitor for updates for concrete impact, affected versions, and remediation.

7.5CVSS7.3AI score0.11003EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.59 views

CVE-1999-0575

CVE-1999-0575 concerns Windows NT where the user audit policy fails to log events for a wide range of activities (Logon/Logoff, File/Object Access, User Rights, Group Management, Security Policy Changes, Restart, Shutdown, System, Process Tracking). The Red Hat entry confirms this behavior withou...

7.5CVSS7.5AI score0.05243EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.59 views

CVE-1999-1254

Technical details (affected software, vulnerability specifics, and remediation) are not publicly provided in the connected documents. Monitor for updates.

5CVSS7AI score0.13344EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.58 views

CVE-1999-0249

The CVE-1999-0249 entry concerns Windows NT RSHSVC, where the RSHSVC program may allow remote users to execute arbitrary commands. The connected documents confirm the affected component (RSHSVC) and the impact (arbitrary command execution), but do not provide additional technical details such as ...

7.2CVSS8.1AI score0.07196EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.58 views

CVE-1999-0723

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial-of-service when all worker threads are waiting for user input. Connected records confirm CSRSS as the vulnerable component and describe the impact as availability-related DoS, CVSS v2 base score 7.1. No concrete d...

7.1CVSS6.9AI score0.08084EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.57 views

CVE-1999-0581

CVE-1999-0581 concerns improper permissions on the HKEY_CLASSES_ROOT key in Windows NT. The connected documents consistently describe the root cause as inappropriate, system‑critical permissions on this registry hive, affecting Windows NT systems. The materials do not specify exact vulnerable pro...

10CVSS7AI score0.06748EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.57 views

CVE-1999-0755

CVE-1999-0755 affects Windows NT RRAS and RAS clients, where a user's password can be cached even if the user did not choose "Save password." The connected Red Hat, CVE, NVD, and CVE List entries describe the same issue but do not provide deeper root-cause details, exploit status, or remediation/...

5CVSS7.2AI score0.16192EPSS
CVE
CVE
added 2007/04/10 11:0 p.m.56 views

CVE-2007-1912

CVE-2007-1912 relates to a heap-based buffer overflow in Microsoft Windows’ Help system (WinHelp) triggered by specially crafted .HLP files. The connected advisory CPAI-2007-254 describes a boundary/heap overflow in handling HLP files that could allow a remote attacker to inject and execute arbit...

6.8CVSS7AI score0.13935EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.55 views

CVE-1999-0572

CVE-1999-0572 concerns the association of .reg files with the Windows NT registry editor (regedit). The root cause is that registering .reg files with regedit can enable Trojan Horse-style attacks by tricking users into running or importing a malformed registry script. The documents consistently ...

9.3CVSS7.3AI score0.05198EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.55 views

CVE-1999-0577

The CVE-1999-0577 issue affects Windows NT with the file audit policy failing to log events for non-critical files/directories. Affected component: Windows NT file audit policy (logging of success/failure). Root cause: audit policy does not log certain accesses, per multiple sources (NVD/Red Hat/...

10CVSS7.1AI score0.06131EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.55 views

CVE-2001-0003

The CVE-2001-0003 entry concerns Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me. The issue is that WEC does not correctly process Internet Explorer security settings for NTLM authentication, which can allow an attacker to obtain NTLM credentials and potentially o...

5CVSS7AI score0.08099EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.54 views

CVE-1999-0578

CVE-1999-0578 affects Windows NT; multiple connected sources confirm the issue is that the registry auditing policy does not log events for security-critical registry keys (both success and failure). Documented scope: Windows NT OS with registry audit policy lacking event logging for cryptographi...

4.6CVSS7.1AI score0.01548EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.54 views

CVE-1999-0593

Windows NT permits shutdown without authentication due to the Winlogon ShutdownWithoutLogon default setting. Affected: Windows NT; component: Winlogon registry entry ShutdownWithoutLogon. Root cause: default configuration. Impact: local shutdown without login (availability). No exploit details or...

4.9CVSS6.6AI score0.02251EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.54 views

CVE-1999-1358

Technical details about CVE-1999-1358 are not publicly provided in the supplied documents. Monitor for updates.

4.6CVSS6.8AI score0.0141EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.52 views

CVE-1999-0549

The CVE-1999-0549 entry pertains to Windows NT, where the system automatically logs in an administrator upon reboot. Affected software: Windows NT. Vulnerability: administrative login occurs without user authentication at boot. Root cause and exact exploit vector are not detailed in the provided ...

7.2CVSS7AI score0.01805EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.52 views

CVE-1999-1359

The CVE-1999-1359 entry concerns Windows NT where, when the Ntconfig.pol file is used on a server with a name longer than 13 characters, policies for global groups are not properly enforced. This could allow bypass of restrictions intended by those policies (as described in multiple sources). Aff...

7.5CVSS7AI score0.03934EPSS
Total number of security vulnerabilities56