Vulnerabilities > Microsoft > Medium
|1997-12-16||CVE-1999-0104||A later variation on the Teardrop IP denial of service attack, a.k.a.|| 5.0 |
|1997-12-16||CVE-1999-0015||Teardrop IP denial of service.|| 5.0 |
|1997-12-01||CVE-1999-0016||Land IP denial of service.|| 5.0 |
|1997-10-01||CVE-1999-0294|| Unspecified vulnerability in Microsoft Wins |
All records in a WINS database can be deleted through SNMP for a denial of service.
| 5.0 |
|1997-09-01||CVE-1999-0191|| Unspecified vulnerability in Microsoft Internet Information Server 3.0 |
IIS newdsn.exe CGI script allows remote users to overwrite files.
| 6.4 |
|1997-07-25||CVE-1999-1217|| Unspecified vulnerability in Microsoft Windows NT |
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
| 4.6 |
|1997-07-10||CVE-1999-1463|| Unspecified vulnerability in Microsoft Windows NT 3.5.1/4.0 |
Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.
| 5.0 |
|1997-07-01||CVE-1999-0153||Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.|| 5.0 |
|1997-07-01||CVE-1999-0074||Listening TCP ports are sequentially allocated, allowing spoofing attacks.|| 6.4 |
|1997-06-10||CVE-1999-0275|| Unspecified vulnerability in Microsoft Windows NT |
Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
| 5.0 |