Microsoft: >> Windows Nt >> 4.0 Security Vulnerabilities
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
CVSS Score
4.6
EPSS Score
0.004
Published
1997-07-25
Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.
CVSS Score
5.0
EPSS Score
0.04
Published
1997-07-10
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVSS Score
6.4
EPSS Score
0.059
Published
1997-07-01
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
CVSS Score
5.0
EPSS Score
0.244
Published
1997-07-01
Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
CVSS Score
5.0
EPSS Score
0.049
Published
1997-06-10
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.
CVSS Score
5.0
EPSS Score
0.046
Published
1997-06-01
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.
CVSS Score
5.0
EPSS Score
0.098
Published
1997-04-02
Denial of service through Winpopup using large user names.
CVSS Score
5.0
EPSS Score
0.049
Published
1997-04-01
A version of finger is running that exposes valid user information to any entity on the network.
EPSS Score
0.221
Published
1997-03-01
Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.
CVSS Score
5.0
EPSS Score
0.046
Published
1997-02-07