National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_nt:4.0:sp5:workstation
There are 180 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2001-0509

Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.

Published: September 20, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0543

Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.

Published: September 20, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2000-1200

Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.

Published: August 31, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-1122

Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.

Published: August 03, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-1288

Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.

Published: July 27, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-0341

Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

Published: July 21, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.

Published: July 07, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0238

Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.

Published: July 02, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0373

The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-0016

NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2001-0017

Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0045

The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities.

Published: February 16, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-0046

The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.

Published: February 16, 2001; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2001-0047

The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.

Published: February 16, 2001; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2001-0006

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability.

Published: February 12, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2000-1039

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.

Published: January 09, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2000-1089

Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.

Published: January 09, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2000-1227

Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.

Published: December 31, 2000; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2000-0885

Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.

Published: December 19, 2000; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-1999-1579

The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine.

Published: December 14, 2000; 12:00:00 AM -05:00
V2: 5.0 MEDIUM