Microsoft: >> Windows Nt >> 3.5 Security Vulnerabilities
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
CVSS Score
10.0
EPSS Score
0.336
Published
2002-03-08
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.102
Published
2001-12-20
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
CVSS Score
7.2
EPSS Score
0.006
Published
2001-05-03
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
CVSS Score
7.2
EPSS Score
0.014
Published
2001-03-12
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
CVSS Score
5.0
EPSS Score
0.191
Published
2001-03-12
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVSS Score
5.0
EPSS Score
0.161
Published
2001-02-12
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
CVSS Score
5.0
EPSS Score
0.148
Published
1999-12-31
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
CVSS Score
4.6
EPSS Score
0.004
Published
1999-12-31
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
CVSS Score
7.5
EPSS Score
0.089
Published
1999-12-31
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-12-31