Page 5 of 57 results (0.003 seconds)

CVSS: 6.4EPSS: 3%CPEs: 4EXPL: 4

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability. • https://www.exploit-db.com/exploits/20283 https://www.exploit-db.com/exploits/20284 https://github.com/Z6543/CVE-2000-0979 http://marc.info/?l=bugtraq&m=97147777618139&w=2 http://www.securityfocus.com/bid/1780 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072 https://exchange.xforce.ibmcloud.com/vulnerabilities/5395 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1

NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network. • http://www.securityfocus.com/bid/1781 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073 https://exchange.xforce.ibmcloud.com/vulnerabilities/5357 •

CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 1

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE. • http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0105.html http://razor.bindview.com/publish/advisories/adv_NAPTHA.html http://www.cert.org/advisories/CA-2000-21.html http://www.securityfocus.com/bid/2022 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-091 •

CVSS: 2.6EPSS: 0%CPEs: 3EXPL: 0

NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash. • http://www.securityfocus.com/archive/1/139511 http://www.securityfocus.com/bid/1794 https://exchange.xforce.ibmcloud.com/vulnerabilities/5370 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. • http://www.securityfocus.com/bid/1544 http://www.securityfocus.com/templates/archive.pike?list=1&mid=63120 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054 https://exchange.xforce.ibmcloud.com/vulnerabilities/5079 •