CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0372 – Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords
https://notcve.org/view.php?id=CVE-1999-0372
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. • https://www.exploit-db.com/exploits/19192 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ217004 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-005 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-1999-0366
https://notcve.org/view.php?id=CVE-1999-0366
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ214840 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-004 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0119
https://notcve.org/view.php?id=CVE-1999-0119
Windows NT 4.0 beta allows users to read and delete shares. • https://exchange.xforce.ibmcloud.com/vulnerabilities/11 •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-1999-0391
https://notcve.org/view.php?id=CVE-1999-0391
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. • https://marc.info/?l=bugtraq&m=91552769809542&w=2 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1291
https://notcve.org/view.php?id=CVE-1999-1291
TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. • http://www.securityfocus.com/archive/1/10789 https://exchange.xforce.ibmcloud.com/vulnerabilities/1383 •