Microsoft ≫ Windows Nt

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

Windows NT 4.0 beta allows users to read and delete shares.

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.