Windows NT
by Microsoft
CVEs (279)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0017 | | | 0.01 | — | 0.17 | | Mar 12, 2001 | Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. |
| CVE-2001-0045 | | | 0.01 | — | 0.08 | | Feb 16, 2001 | The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. |
| CVE-2001-0003 | | | 0.01 | — | 0.08 | | Feb 12, 2001 | Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM… |
| CVE-2000-1149 | | | 0.01 | — | 0.16 | | Jan 9, 2001 | Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. |
| CVE-2000-1227 | | | 0.01 | — | 0.13 | | Dec 31, 2000 | Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. |
| CVE-2000-0885 | | | 0.01 | — | 0.13 | | Dec 19, 2000 | Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing"… |
| CVE-2000-1079 | | | 0.01 | — | 0.18 | | Aug 29, 2000 | Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. |
| CVE-2000-0544 | | | 0.01 | — | 0.17 | | Jun 5, 2000 | Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. |
| CVE-2000-0403 | | | 0.01 | — | 0.18 | | May 25, 2000 | The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. |
| CVE-2000-0404 | | | 0.01 | — | 0.20 | | May 25, 2000 | The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. |
| CVE-2000-0331 | | | 0.01 | — | 0.08 | | Apr 20, 2000 | Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. |
| CVE-1999-0815 | | | 0.01 | — | 0.18 | | Dec 31, 1999 | Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. |
| CVE-1999-1157 | | | 0.01 | — | 0.13 | | Dec 31, 1999 | Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. |
| CVE-1999-1132 | | | 0.01 | — | 0.18 | | Dec 31, 1999 | Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. |
| CVE-1999-0994 | | | 0.01 | — | 0.07 | | Dec 16, 1999 | Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. |
| CVE-1999-0898 | | | 0.01 | — | 0.07 | | Nov 4, 1999 | Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. |
| CVE-1999-1234 | | | 0.01 | — | 0.13 | | Oct 26, 1999 | LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. |
| CVE-1999-0909 | | | 0.01 | — | 0.12 | | Sep 20, 1999 | Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. |
| CVE-1999-0721 | | | 0.01 | — | 0.09 | | Jul 20, 1999 | Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. |
| CVE-1999-0726 | | | 0.01 | — | 0.09 | | Jun 30, 1999 | An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |