Vulnerability Name:

CVE-1999-0898 (CCN-3457)

Assigned:1999-11-04
Published:1999-11-04
Updated:2018-10-12
Summary:Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-1999-0898

Source: MITRE
Type: CNA
CVE-1999-0899

Source: MSKB
Type: UNKNOWN
Q243649

Source: CCN
Type: eEye Digital Security Team Alert AD19991104
Printer (spooler) Service Vulnerabilities

Source: CCN
Type: Microsoft Security Bulletin MS01-041
Malformed RPC Request Can Cause Service Failure

Source: CCN
Type: Microsoft Security Bulletin MS02-001
Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data

Source: CCN
Type: Microsoft Security Bulletin MS02-018
Cumulative Patch for Internet Information Services (Q319733)

Source: CCN
Type: Microsoft Security Bulletin MS99-047
Patch Available for "Malformed Spooler Request" Vulnerability

Source: CCN
Type: OSVDB ID: 1134
Microsoft Windows NT Print Spooler Malformed Request Overflow

Source: CCN
Type: OSVDB ID: 1135
Microsoft Windows NT Print Spooler Service (spoolss.exe) AddPrintProvider() Function Alternate Print Provider Arbitrary Command Execution

Source: BID
Type: UNKNOWN
768

Source: CCN
Type: BID-768
NT Spoolss.exe Buffer Overflow Vulnerabilities

Source: CCN
Type: BID-769
NT Spoolss.exe DLL Insertion Vulnerability

Source: MS
Type: UNKNOWN
MS99-047

Source: XF
Type: UNKNOWN
nt-printer-spooler-bo(3457)

Source: CCN
Type: Microsoft Knowledge Base Article 243649
Unchecked Print Spooler Buffer May Expose System Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows nt 4.0
    microsoft windows nt 4.0 sp1
    microsoft windows nt 4.0 sp2
    microsoft windows nt 4.0 sp3
    microsoft windows nt 4.0 sp4
    microsoft windows nt 4.0 sp5
    microsoft windows nt 4.0 sp6
    microsoft windows nt 4.0