| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Windows NT administrator account has the default name of Administrator. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
| A version of finger is running that exposes valid user information to any entity on the network. |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. |
| Denial of service in various Windows systems via malformed, fragmented IGMP packets. |
| The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs. |
| Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. |
| The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories. |
| Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. |
