| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. |
| Denial of service in Windows NT messenger service through a long username. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| NETBIOS share information may be published through SNMP registry keys in NT. |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| A NETBIOS/SMB share password is the default, null, or missing. |
| A Windows NT administrator account has the default name of Administrator. |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
| "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. |
| Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. |
| Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability. |
| Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability. |
