Microsoft: >> Windows Nt >> 4.0 Security Vulnerabilities
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
CVSS Score
4.6
EPSS Score
0.008
Published
2000-07-25
A Windows NT administrator account has the default name of Administrator.
CVSS Score
2.1
EPSS Score
0.008
Published
2000-07-01
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
CVSS Score
5.0
EPSS Score
0.121
Published
2000-06-08
Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.
CVSS Score
5.0
EPSS Score
0.144
Published
2000-06-05
A system does not present an appropriate legal message or warning to a user who is accessing it.
CVSS Score
10.0
EPSS Score
0.103
Published
2000-06-01
The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability.
CVSS Score
5.0
EPSS Score
0.132
Published
2000-05-25
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
CVSS Score
5.0
EPSS Score
0.132
Published
2000-05-25
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
CVSS Score
7.8
EPSS Score
0.307
Published
2000-05-19
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
CVSS Score
5.0
EPSS Score
0.245
Published
2000-05-16
Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.
CVSS Score
5.0
EPSS Score
0.116
Published
2000-04-20