Microsoft Windows Nt vulnerabilities

CVE-1999-0376 [MEDIUM] CVE-1999-0376: Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to refe Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

CVE-1999-0366 [HIGH] CWE-287 CVE-1999-0366: In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank pa In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

CVE-1999-0119 [CRITICAL] CVE-1999-0119: Windows NT 4.0 beta allows users to read and delete shares. Windows NT 4.0 beta allows users to read and delete shares.

CVE-1999-0391 [HIGH] CVE-1999-0391: The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowi The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

CVE-1999-1291 [MEDIUM] CVE-1999-1291: TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote at TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.

CVE-1999-0969 [MEDIUM] CVE-1999-0969: The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malf The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.

CVE-1999-0344 [HIGH] CWE-264 CVE-1999-0344: NT users can gain debug-level access on a system process using the Sechole exploit. NT users can gain debug-level access on a system process using the Sechole exploit.

CVE-1999-0288 [MEDIUM] CVE-1999-0288: The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

CVE-1999-0278 [MEDIUM] CVE-1999-0278: In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

CVE-1999-1361 [MEDIUM] CVE-1999-1361: Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to caus Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.

CVE-1999-0225 [MEDIUM] CVE-1999-0225: Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon reques Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.

CVE-1999-1581 [MEDIUM] CVE-1999-1581: Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.

CVE-1999-0104 [MEDIUM] CVE-1999-0104: A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

CVE-1999-1463 [MEDIUM] CVE-1999-1463: Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.

CVE-1999-0227 [MEDIUM] CWE-264 CVE-1999-0227: Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.

CVE-1999-1387 [MEDIUM] CVE-1999-1387: Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malfor Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.

CVE-1999-0292 [MEDIUM] CVE-1999-0292: Denial of service through Winpopup using large user names. Denial of service through Winpopup using large user names.

CVE-1999-0228 [MEDIUM] CVE-1999-0228: Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.

CVE-1999-0496 [HIGH] CWE-264 CVE-1999-0496: A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regard A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.

CVE-1999-0274 [MEDIUM] CVE-1999-0274: Denial of service in Windows NT DNS servers through malicious packet which contains a response to a Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.