Page 46 of 317 results (0.014 seconds)

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0

Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. • http://marc.info/?l=bugtraq&m=90763508011966&w=2 http://marc.info/?l=ntbugtraq&m=90760603030452&w=2 http://support.microsoft.com/support/kb/articles/Q179/1/57.asp http://www.iss.net/security_center/static/1399.php •

CVSS: 7.5EPSS: 94%CPEs: 4EXPL: 0

Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. • http://support.microsoft.com/support/kb/articles/Q195/7/33.asp http://www.iss.net/security_center/static/523.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-017 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0

Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ248185 http://www.securityfocus.com/bid/875 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ248183 http://www.securityfocus.com/bid/873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-056 • CWE-255: Credentials Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1

The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. • https://www.exploit-db.com/exploits/19673 http://www.securityfocus.com/bid/868 •