Vulnerability Name:

CVE-1999-0749 (CCN-3129)

Assigned:1999-08-16
Published:1999-08-16
Updated:2018-10-12
Summary:Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Sun, 15 Aug 1999 15:02:26 PDT
telnet.exe heap overflow - remotely exploitable

Source: CCN
Type: BugTraq Mailing List, Tue, 17 Aug 1999 18:02:34 -0700
Re: telnet.exe heap overflow - remotely exploitable

Source: MITRE
Type: CNA
CVE-1999-0749

Source: CCN
Type: Microsoft Security Bulletin MS99-033
Patch Available for 'Malformed Telnet Argument' Vulnerability

Source: CCN
Type: OSVDB ID: 1046
Microsoft Windows telnet.exe Argument Overflow

Source: BID
Type: UNKNOWN
586

Source: CCN
Type: BID-586
Microsoft Windows 9x IE5/Telnet Heap Overflow Vulnerability

Source: MS
Type: UNKNOWN
MS99-033

Source: XF
Type: UNKNOWN
win-ie5-telnet-heap-overflow(3129)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows 95 *
    microsoft windows 98 * gold
    microsoft windows 95 *
    microsoft windows nt 4.0
    microsoft windows 98 *
    microsoft windows 98se *
    microsoft windows 2000 *