CVE-1999-0909

Published: Sep 20, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.

Affected (10)

Products: Microsoft: Terminal Server, Windows 95, Windows 98se, Windows Nt

4 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Terminal Server	All versions

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 95	Version 0a
Microsoft Windows 95	Version 0b
Microsoft Windows 98se	All versions
Microsoft Windows Nt	Version 4.0
Microsoft Windows Nt	Version 4.0 sp1
Microsoft Windows Nt	Version 4.0 sp2
Microsoft Windows Nt	Version 4.0 sp3
Microsoft Windows Nt	Version 4.0 sp4
Microsoft Windows Nt	Version 4.0 sp5

Related CWEs

CWE-264

References (6)

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238453

Source: cve@mitre.org

http://www.securityfocus.com/bid/646

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-038

Source: cve@mitre.org

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238453

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/646

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-038

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.