CVE-1999-0519

A NETBIOS/SMB share password is the default, null, or missing.

CVE-1999-0511

IP forwarding is enabled on a machine which is not a router or firewall.

CVE-1999-0505

A Windows NT domain user or administrator account has a guessable password.

CVE-1999-0506

A Windows NT domain user or administrator account has a default, null, blank, or missing password.

CVE-1999-0535

A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.

CVE-1999-0499

NETBIOS share information may be published through SNMP registry keys in NT.

CVE-2004-1049

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."

CVE-1999-0503

A Windows NT local user or administrator account has a guessable password.

CVE-1999-0504

A Windows NT local user or administrator account has a default, null, blank, or missing password.

CVE-1999-0256

Buffer overflow in War FTP allows remote execution of commands.

CVE-2002-0018

In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by inj...

CVE-1999-0874

Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.

CVE-1999-0140

Denial of service in RAS/PPTP on NT systems.

CVE-1999-0570

Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.

CVE-1999-0717

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

CVE-1999-0560

A system-critical Windows NT file or directory has inappropriate permissions.

CVE-1999-0153

Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.

CVE-1999-0612

A version of finger is running that exposes valid user information to any entity on the network.

CVE-1999-0384

The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.

CVE-1999-0721

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

CVE-1999-0372

The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

CVE-1999-0444

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

CVE-1999-0546

The Windows NT guest account is enabled.

CVE-1999-0726

An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

CVE-2001-0879

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.

CVE-1999-0258

Bonk variation of teardrop IP fragmentation denial of service.

CVE-1999-0700

Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.

CVE-1999-0074

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

CVE-1999-1365

Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program ...

CVE-1999-1157

Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.

CVE-1999-0715

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

CVE-1999-0716

Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

CVE-1999-0285

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

CVE-1999-1317

Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the ?? object folder using a different case letter (upper or lower) to point to a different device.

CVE-1999-0562

The registry in Windows NT can be accessed remotely by users who are not administrators.

CVE-1999-0723

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

CVE-1999-1455

RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.

CVE-1999-0579

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

CVE-2001-0016

NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.

CVE-1999-0249

Windows NT RSHSVC program allows remote users to execute arbitrary commands.

CVE-1999-0275

Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.

CVE-1999-0575

A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.

CVE-1999-1254

Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.

CVE-2007-1912

Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.

CVE-1999-0577

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.

CVE-1999-0755

Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

CVE-2001-0003

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulner...

CVE-1999-0572

.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.

CVE-1999-0578

A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.

CVE-1999-0815

Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.