VYPR

Windows NT 4.0

by Microsoft

CVEs (47)

  • CVE-2000-1218CriApr 14, 2000
    risk 0.64cvss 9.8epss 0.06

    The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

  • CVE-2001-1452HigAug 31, 2001
    risk 0.50cvss 7.5epss 0.09

    By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.

  • CVE-2001-0006HigFeb 12, 2001
    risk 0.49cvss 7.1epss 0.03

    The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex"…

  • CVE-2002-0725MedSep 5, 2002
    risk 0.36cvss 5.5epss 0.01

    NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.

  • CVE-2003-0352Aug 18, 2003
    risk 0.11cvss epss 0.99

    Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.

  • CVE-2003-0719Jun 1, 2004
    risk 0.10cvss epss 0.83

    Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute…

  • CVE-2003-0109Mar 31, 2003
    risk 0.10cvss epss 0.86

    Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

  • CVE-2006-0988Mar 3, 2006
    risk 0.07cvss epss 0.55

    The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers…

  • CVE-2000-0305May 19, 2000
    risk 0.07cvss epss 0.44

    Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

  • CVE-2002-1561Apr 2, 2003
    risk 0.06cvss epss 0.43

    The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.

  • CVE-2006-3880Jul 27, 2006
    risk 0.05cvss epss 0.28

    Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in…

  • CVE-2002-1183Dec 11, 2002
    risk 0.05cvss epss 0.19

    Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).

  • CVE-2000-0377Jun 8, 2000
    risk 0.05cvss epss 0.19

    The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.

  • CVE-1999-0288Aug 1, 1998
    risk 0.05cvss epss 0.21

    The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

  • CVE-2003-1407Dec 31, 2003
    risk 0.03cvss epss 0.03

    Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.

  • CVE-1999-0899Nov 4, 1999
    risk 0.03cvss epss 0.03

    The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.

  • CVE-1999-0716May 17, 1999
    risk 0.03cvss epss 0.06

    Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

  • CVE-2005-2150Jul 11, 2005
    risk 0.02cvss epss 0.19

    Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.

  • CVE-2004-0569Nov 3, 2004
    risk 0.02cvss epss 0.19

    The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.

  • CVE-2004-0118Jun 1, 2004
    risk 0.02cvss epss 0.22

    The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

Page 1 of 3