CVE-1999-0391

Published: Jan 5, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

Affected (13)

Products: Microsoft: Terminal Server, Windows 2000, Windows Nt

3 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Terminal Server	All versions

Configuration B

12 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows Nt	Version 3.5.1 sp1
Microsoft Windows Nt	Version 3.5.1 sp2
Microsoft Windows Nt	Version 3.5.1 sp3
Microsoft Windows Nt	Version 3.5.1 sp4
Microsoft Windows Nt	Version 3.5.1 sp5
Microsoft Windows Nt	Version 4.0
Microsoft Windows Nt	Version 4.0 sp1
Microsoft Windows Nt	Version 4.0 sp2
Microsoft Windows Nt	Version 4.0 sp3
Microsoft Windows Nt	Version 4.0 sp4
Microsoft Windows Nt	Version 4.0 sp5

References (2)

https://marc.info/?l=bugtraq&m=91552769809542&w=2

Source: cve@mitre.org

https://marc.info/?l=bugtraq&m=91552769809542&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.