CVE-1999-0391

Published Jan 5, 1999

Last updated 2 years ago

Overview

Description: The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40242161-D5AD-4314-AB95-E61292C49DF2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF8BECF6-3C33-4D8C-B54E-A0D2F3295E81"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "828B4519-24D8-45A7-8448-D5FF6C83A2C3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F495AF7A-CC31-4045-BACC-902950C80ABF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68DFA54C-3DB9-4A94-A446-CF28671FE4F6"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55A2AC4C-6B85-4B60-BFE1-C9588C5973B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References