CVE-1999-0391
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/01/1999
Last modified:
17/08/2022
Description
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:microsoft:terminal_server:*:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp3:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp4:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page