CVSS: 5.0EPSS: 8%CPEs: 2EXPL: 1CVE-2000-0347 – Microsoft Windows 95/98 - NetBIOS NULL Name
https://notcve.org/view.php?id=CVE-2000-0347
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. • https://www.exploit-db.com/exploits/19889 http://marc.info/?l=ntbugtraq&m=95737580922397&w=2 http://www.securityfocus.com/bid/1163 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2000-1218
https://notcve.org/view.php?id=CVE-2000-1218
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. • http://www.kb.cert.org/vuls/id/458659 https://exchange.xforce.ibmcloud.com/vulnerabilities/4280 • CWE-346: Origin Validation Error •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2000-0168 – Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service
https://notcve.org/view.php?id=CVE-2000-0168
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. • https://www.exploit-db.com/exploits/19799 http://www.securityfocus.com/bid/1043 http://www.securityfocus.com/templates/advisory.html?id=2126 http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPCENECCAA.labs%40ussrback.com •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2CVE-2000-0155 – Microsoft Windows 95/98/NT 4.0 - 'autorun.inf' Code Execution
https://notcve.org/view.php?id=CVE-2000-0155
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. • https://www.exploit-db.com/exploits/19754 http://www.securityfocus.com/bid/993 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd%24fdb5a620%244c4342a6%40mightye.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 1CVE-2000-0129 – Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut
https://notcve.org/view.php?id=CVE-2000-0129
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. • https://www.exploit-db.com/exploits/19743 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129 •