Vulnerability Name: | CVE-1999-0995 |
Assigned: | 1999-12-16 |
Published: | 1999-12-16 |
Updated: | 2018-10-12 |
Summary: | Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
|
CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): High |
|
CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Complete | 7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Complete |
|
Vulnerability Type: | CWE-20
|
References: | Source: MITRE Type: CNA CVE-1999-0995
Source: MSKB Type: UNKNOWN Q248185
Source: BID Type: UNKNOWN 875
Source: MS Type: UNKNOWN MS99-057
|
Vulnerable Configuration: | Configuration 1: cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*OR cpe:/o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*OR cpe:/o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*OR cpe:/o:microsoft:windows_nt:4.0:sp1:*:*:enterprise:*:x86:*
Denotes that component is vulnerable |
BACK |