| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters. |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. |
| The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. |
| Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. |
| Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." |
| A NETBIOS/SMB share password is guessable. |
| Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. |
| The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork. |
| Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. |
| Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. |
| Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. |
