Vulnerabilities > CVE-1999-1455 - Unspecified vulnerability in Microsoft Windows NT

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 1999-12-31

Updated: 2017-10-10

Summary

RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows NT - Microsoft Windows NT 3.0.1 Microsoft Windows NT 3.1 Microsoft Windows NT 3.5 Microsoft Windows NT 3.5.1 Microsoft Windows NT 3.51 Microsoft Windows NT 4.0	147

References

http://support.microsoft.com/support/kb/articles/q158/3/20.asp
https://exchange.xforce.ibmcloud.com/vulnerabilities/7422