| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| Predictable TCP sequence numbers allow spoofing. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. |
| Windows NT RSHSVC program allows remote users to execute arbitrary commands. |
| Bonk variation of teardrop IP fragmentation denial of service. |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. |
| A Windows NT local user or administrator account has a guessable password. |
| A Windows NT local user or administrator account has a default, null, blank, or missing password. |
| A NETBIOS/SMB share password is the default, null, or missing. |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. |
