National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_nt:4.0:sp2:~~embedded~~x86~
There are 260 matching records.
Displaying matches 221 through 240.
Vuln ID Summary CVSS Severity
CVE-1999-0505

A Windows NT domain user or administrator account has a guessable password.

Published: October 01, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0506

A Windows NT domain user or administrator account has a default, null, blank, or missing password.

Published: October 01, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0546

The Windows NT guest account is enabled.

Published: October 01, 1998; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-0969

The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.

Published: September 29, 1998; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0288

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

Published: August 01, 1998; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0344

NT users can gain debug-level access on a system process using the Sechole exploit.

Published: August 01, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0278

In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

Published: June 01, 1998; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-1361

Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.

Published: May 09, 1998; 12:00:00 AM -04:00
    V2: 6.4 MEDIUM
CVE-1999-0225

Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.

Published: February 14, 1998; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0258

Bonk variation of teardrop IP fragmentation denial of service.

Published: February 13, 1998; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0256

Buffer overflow in War FTP allows remote execution of commands.

Published: February 01, 1998; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1581

Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.

Published: December 23, 1997; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0015

Teardrop IP denial of service.

Published: December 16, 1997; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0104

A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

Published: December 16, 1997; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0016

Land IP denial of service.

Published: December 01, 1997; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1217

The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.

Published: July 25, 1997; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-0074

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

Published: July 01, 1997; 12:00:00 AM -04:00
    V2: 6.4 MEDIUM
CVE-1999-0153

Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.

Published: July 01, 1997; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0275

Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.

Published: June 10, 1997; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0227

Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.

Published: June 01, 1997; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM