Page 33 of 317 results (0.006 seconds)

CVSS: 5.0EPSS: 89%CPEs: 1EXPL: 0

RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause a denial of service (loss of RPC services) via a malformed request. • http://www.ciac.org/ciac/bulletins/l-142.shtml http://www.securityfocus.com/bid/3313 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-048 https://exchange.xforce.ibmcloud.com/vulnerabilities/7105 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. • http://www.securityfocus.com/bid/3183 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-043 https://exchange.xforce.ibmcloud.com/vulnerabilities/6977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A334 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses. • http://support.microsoft.com/default.aspx?scid=KB%3Ben-us%3Bq241352 http://www.kb.cert.org/vuls/id/109475 http://www.securityfocus.com/bid/6791 https://exchange.xforce.ibmcloud.com/vulnerabilities/3675 • CWE-346: Origin Validation Error •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1

Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. • http://www.securityfocus.com/archive/1/44430 http://www.securityfocus.com/bid/959 https://exchange.xforce.ibmcloud.com/vulnerabilities/4015 •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A82 • CWE-20: Improper Input Validation •