CVSS: 6.4EPSS: 3%CPEs: 4EXPL: 4CVE-2000-0979 – Microsoft Windows 9x/ME - Share Level Password Bypass
https://notcve.org/view.php?id=CVE-2000-0979
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability. • https://www.exploit-db.com/exploits/20283 https://www.exploit-db.com/exploits/20284 https://github.com/Z6543/CVE-2000-0979 http://marc.info/?l=bugtraq&m=97147777618139&w=2 http://www.securityfocus.com/bid/1780 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072 https://exchange.xforce.ibmcloud.com/vulnerabilities/5395 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0980
https://notcve.org/view.php?id=CVE-2000-0980
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network. • http://www.securityfocus.com/bid/1781 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073 https://exchange.xforce.ibmcloud.com/vulnerabilities/5357 •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 1CVE-2000-1039
https://notcve.org/view.php?id=CVE-2000-1039
Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE. • http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0105.html http://razor.bindview.com/publish/advisories/adv_NAPTHA.html http://www.cert.org/advisories/CA-2000-21.html http://www.securityfocus.com/bid/2022 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-091 •
CVSS: 2.6EPSS: 0%CPEs: 3EXPL: 0CVE-2000-1003
https://notcve.org/view.php?id=CVE-2000-1003
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash. • http://www.securityfocus.com/archive/1/139511 http://www.securityfocus.com/bid/1794 https://exchange.xforce.ibmcloud.com/vulnerabilities/5370 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2000-0742
https://notcve.org/view.php?id=CVE-2000-0742
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. • http://www.securityfocus.com/bid/1544 http://www.securityfocus.com/templates/archive.pike?list=1&mid=63120 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054 https://exchange.xforce.ibmcloud.com/vulnerabilities/5079 •