VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-1999-0590Jun 1, 2000
    risk 0.00cvss epss 0.06

    A system does not present an appropriate legal message or warning to a user who is accessing it.

  • CVE-2000-0259Apr 12, 2000
    risk 0.00cvss epss 0.01

    The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users.

  • CVE-1999-0701Apr 11, 2000
    risk 0.00cvss epss 0.02

    After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.

  • CVE-2000-0197Feb 14, 2000
    risk 0.00cvss epss 0.02

    The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.

  • CVE-2000-0089Feb 4, 2000
    risk 0.00cvss epss 0.02

    The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.

  • CVE-1999-0595Jan 20, 2000
    risk 0.00cvss epss 0.02

    A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.

  • CVE-2000-0070Jan 12, 2000
    risk 0.00cvss epss 0.02

    NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."

  • CVE-1999-1455Dec 31, 1999
    risk 0.00cvss epss 0.04

    RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.

  • CVE-1999-1317Dec 31, 1999
    risk 0.00cvss epss 0.02

    Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.

  • CVE-1999-1222Dec 31, 1999
    risk 0.00cvss epss 0.05

    Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.

  • CVE-1999-1363Dec 31, 1999
    risk 0.00cvss epss 0.01

    Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.

  • CVE-1999-1358Dec 31, 1999
    risk 0.00cvss epss 0.01

    When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by…

  • CVE-1999-1364Dec 31, 1999
    risk 0.00cvss epss 0.01

    Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.

  • CVE-1999-1362Dec 31, 1999
    risk 0.00cvss epss 0.01

    Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.

  • CVE-1999-1359Dec 31, 1999
    risk 0.00cvss epss 0.04

    When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.

  • CVE-1999-1294Dec 31, 1999
    risk 0.00cvss epss 0.02

    Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.

  • CVE-1999-1360Dec 31, 1999
    risk 0.00cvss epss 0.01

    Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.

  • CVE-1999-1316Dec 31, 1999
    risk 0.00cvss epss 0.04

    Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.

  • CVE-1999-1452Dec 31, 1999
    risk 0.00cvss epss 0.06

    GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.

  • CVE-1999-0824Nov 30, 1999
    risk 0.00cvss epss 0.01

    A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.