Vulnerabilities > CVE-1999-0391 - Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 1999-01-05

Updated: 2022-08-17

Summary

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Terminal Server *	1
OS	Microsoft Microsoft Windows NT 3.5.1 Microsoft Windows NT 4.0 Microsoft Windows 2000 *	12

References

https://marc.info/?l=bugtraq&m=91552769809542&w=2