Microsoft Windows NT

78 matches found

added 2002/03/09 5:00 a.m. | 479 views

CVE-2000-1200

Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.

CVSS 5 | AI score 6.6 | EPSS 0.20495

added 2003/04/02 5:00 a.m. | 148 views

CVE-2002-1561

The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.

CVSS 5 | AI score 6.6 | EPSS 0.60671

added 1999/09/29 4:00 a.m. | 121 views

CVE-1999-0016

Land IP denial of service.

CVSS 5 | AI score 6.6 | EPSS 0.72572

added 1999/09/29 4:00 a.m. | 116 views

CVE-1999-0077

Predictable TCP sequence numbers allow spoofing.

CVSS 5 | AI score 6.4 | EPSS 0.15621

added 2003/10/20 4:00 a.m. | 88 views

CVE-2003-0661

The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.

CVSS 5 | AI score 6.3 | EPSS 0.238

added 2005/01/19 5:00 a.m. | 78 views

CVE-2004-1049

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."

CVSS 5.1 | AI score 7.7 | EPSS 0.44287

added 2000/02/04 5:00 a.m. | 76 views

CVE-1999-0015

Teardrop IP denial of service.

CVSS 5 | AI score 6.8 | EPSS 0.25851

added 2000/10/13 4:00 a.m. | 75 views

CVE-2000-0673

The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.

CVSS 5 | AI score 6.7 | EPSS 0.17327

added 2002/10/11 4:00 a.m. | 69 views

CVE-2002-0863

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."

CVSS 5 | AI score 6.5 | EPSS 0.09512

added 2006/05/10 2:14 a.m. | 67 views

CVE-2006-1184

Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range me...

CVSS 5 | AI score 6.3 | EPSS 0.58234

added 2005/07/11 4:00 a.m. | 65 views

CVE-2005-2150

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

CVSS 5 | AI score 6.7 | EPSS 0.41473

added 2005/01/10 5:00 a.m. | 63 views

CVE-2004-0899

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vu...

CVSS 5 | AI score 6.5 | EPSS 0.37272

added 2001/01/09 5:00 a.m. | 62 views

CVE-2000-1039

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOT...

CVSS 5 | AI score 6.8 | EPSS 0.38346

added 2000/02/04 5:00 a.m. | 61 views

CVE-1999-0140

Denial of service in RAS/PPTP on NT systems.

CVSS 5 | AI score 6.6 | EPSS 0.07744

added 2004/09/01 4:00 a.m. | 61 views

CVE-2002-1325

Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."

CVSS 5 | AI score 6.4 | EPSS 0.05682

added 1999/09/29 4:00 a.m. | 60 views

CVE-1999-0224

Denial of service in Windows NT messenger service through a long username.

CVSS 5 | AI score 7 | EPSS 0.28996

added 1999/09/29 4:00 a.m. | 58 views

CVE-1999-0153

Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.

CVSS 5 | AI score 6.8 | EPSS 0.2436

added 2000/05/16 4:00 a.m. | 58 views

CVE-1999-0980

Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.

CVSS 5 | AI score 6.6 | EPSS 0.24538

added 2003/11/17 5:00 a.m. | 57 views

CVE-2003-0813

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a dif...

CVSS 5.1 | AI score 6.5 | EPSS 0.89814

added 2005/01/06 5:00 a.m. | 56 views

CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or ...

CVSS 5 | AI score 6.5 | EPSS 0.77406

added 2002/12/23 5:00 a.m. | 55 views

CVE-2002-1258

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.

CVSS 5 | AI score 6.8 | EPSS 0.01796

added 2000/06/02 4:00 a.m. | 54 views

CVE-2000-0328

Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.

CVSS 5 | AI score 7.5 | EPSS 0.2262

added 2000/02/04 5:00 a.m. | 53 views

CVE-1999-0444

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

CVSS 5 | AI score 7.1 | EPSS 0.07277

added 2002/03/09 5:00 a.m. | 53 views

CVE-2001-0663

Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.

CVSS 5 | AI score 6.7 | EPSS 0.2305

added 2003/06/09 4:00 a.m. | 53 views

CVE-2003-0227

The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a c...

CVSS 5 | AI score 7.6 | EPSS 0.48647

added 2004/06/01 4:00 a.m. | 53 views

CVE-2003-0807

Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.

CVSS 5 | AI score 6.7 | EPSS 0.38004

added 2002/03/09 5:00 a.m. | 52 views

CVE-2001-0879

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.

CVSS 5 | AI score 7 | EPSS 0.10185

added 2000/02/04 5:00 a.m. | 51 views

CVE-1999-0258

Bonk variation of teardrop IP fragmentation denial of service.

CVSS 5 | AI score 6.8 | EPSS 0.04875

added 2001/09/12 4:00 a.m. | 51 views

CVE-1999-1291

TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.

CVSS 5 | AI score 7.5 | EPSS 0.08554

added 2005/01/19 5:00 a.m. | 51 views

CVE-2004-1361

Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.

CVSS 5 | AI score 7.9 | EPSS 0.19594

added 2000/02/04 5:00 a.m. | 50 views

CVE-1999-0104

A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

CVSS 5 | AI score 7.4 | EPSS 0.03605

added 1999/09/29 4:00 a.m. | 50 views

CVE-1999-0179

Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.

CVSS 5 | AI score 7.5 | EPSS 0.0672

added 2000/06/02 4:00 a.m. | 50 views

CVE-1999-0225

Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.

CVSS 5 | AI score 7.4 | EPSS 0.16121

added 2000/07/12 4:00 a.m. | 50 views

CVE-2000-0331

Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.

CVSS 5 | AI score 7 | EPSS 0.11559

added 2000/07/12 4:00 a.m. | 50 views

CVE-2000-0544

Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.

CVSS 5 | AI score 6.7 | EPSS 0.14406

added 2001/09/20 4:00 a.m. | 50 views

CVE-2001-0509

Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.

CVSS 5 | AI score 7.2 | EPSS 0.13062

added 2002/08/12 4:00 a.m. | 50 views

CVE-2002-0421

IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr, or (4) aexp4.htr.

CVSS 5 | AI score 6.5 | EPSS 0.23698

added 1999/09/29 4:00 a.m. | 49 views

CVE-1999-0288

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

CVSS 5 | AI score 6.8 | EPSS 0.26564

added 2002/03/09 5:00 a.m. | 49 views

CVE-1999-1157

Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.

CVSS 5 | AI score 7.1 | EPSS 0.14786

added 2000/04/18 4:00 a.m. | 49 views

CVE-2000-0073

Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.

CVSS 5 | AI score 7 | EPSS 0.16571

added 2003/08/27 4:00 a.m. | 49 views

CVE-2003-0525

The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string t...

CVSS 5 | AI score 6.4 | EPSS 0.04454

added 1999/09/29 4:00 a.m. | 48 views

CVE-1999-0227

Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.

CVSS 5 | AI score 7.3 | EPSS 0.04618

added 1999/09/29 4:00 a.m. | 48 views

CVE-1999-0292

Denial of service through Winpopup using large user names.

CVSS 5 | AI score 7.4 | EPSS 0.04875

added 2002/05/03 4:00 a.m. | 48 views

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network tra...

CVSS 5 | AI score 7.1 | EPSS 0.08688

added 2005/01/19 5:00 a.m. | 48 views

CVE-2004-1306

Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.

CVSS 5.1 | AI score 8 | EPSS 0.50695

added 2006/02/15 11:00 a.m. | 48 views

CVE-2005-4717

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...

CVSS 5 | AI score 6.8 | EPSS 0.10269

added 2006/04/03 10:04 a.m. | 48 views

CVE-2006-1591

Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.

CVSS 5.1 | AI score 7.8 | EPSS 0.28999

added 2002/03/09 5:00 a.m. | 47 views

CVE-1999-1222

Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.

CVSS 5 | AI score 7 | EPSS 0.09844

added 2002/03/09 5:00 a.m. | 47 views

CVE-2001-0543

Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.

CVSS 5 | AI score 7 | EPSS 0.08566

added 2005/06/28 4:00 a.m. | 46 views

CVE-2000-1227

Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.

CVSS 5 | AI score 7 | EPSS 0.15629

Total number of security vulnerabilities: 78