Description
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.
Product(s):
- Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0 Embedded Edition x64
- Microsoft Windows NT 4.0 Embedded Edition x86
- Microsoft Windows NT 4.0 Enterprise Edition x64
- Microsoft Windows NT 4.0 Enterprise Edition x86
- Microsoft Windows NT 4.0 Server Edition x64
- Microsoft Windows NT 4.0 Server Edition x86
- Microsoft Windows NT 4.0 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Workstation Edition x64
- Microsoft Windows NT 4.0 Workstation Edition x86
- Microsoft Windows 4.0 gold
- Microsoft Windows 4.0 gold embedded
- Microsoft Windows 4.0 gold enterprise
- Microsoft Windows 4.0 gold server
- Microsoft Windows NT 4.0 Terminal Server Edition (Initial release)
- Microsoft Windows 4.0 gold workstation
- Microsoft Windows 4.0 sp1
- Microsoft Windows NT 4.0 Service Pack 1 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 1 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 1 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 1 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 1 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 1 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 1 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 1 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 1 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 1 Workstation Edition x86
- Microsoft Windows 4.0 sp1 embedded
- Microsoft Windows 4.0 sp1 enterprise
- Microsoft Windows 4.0 sp1 server
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows 4.0 sp1 workstation
- Microsoft Windows 4.0 sp2
- Microsoft Windows NT 4.0 Service Pack 2 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Workstation Edition x86
- Microsoft Windows 4.0 sp2 embedded
- Microsoft Windows 4.0 sp2 enterprise
- Microsoft Windows 4.0 sp2 server
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows 4.0 sp2 workstation
- Microsoft Windows 4.0 sp3
- Microsoft Windows NT 4.0 Service Pack 3 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 3 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 3 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 3 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 3 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 3 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 3 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 3 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 3 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 3 Workstation Edition x86
- Microsoft Windows 4.0 sp3 embedded
- Microsoft Windows 4.0 sp3 enterprise
- Microsoft Windows 4.0 sp3 server
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows 4.0 sp3 workstation
- Microsoft Windows 4.0 sp4
- Microsoft Windows NT 4.0 Service Pack 4 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 4 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 4 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 4 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 4 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 4 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 4 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 4 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 4 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 4 Workstation Edition x86
- Microsoft Windows 4.0 sp4 embedded
- Microsoft Windows 4.0 sp4 enterprise
- Microsoft Windows 4.0 sp4 server
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows 4.0 sp4 workstation
- Microsoft Windows 4.0 sp5
- Microsoft Windows NT 4.0 Service Pack 5 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 5 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 5 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 5 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 5 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 5 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 5 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 5 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 5 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 5 Workstation Edition x86
- Microsoft Windows 4.0 sp5 embedded
- Microsoft Windows 4.0 sp5 enterprise
- Microsoft Windows 4.0 sp5 server
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows 4.0 sp5 workstation
- Microsoft Windows 4.0 sp6
- Microsoft Windows NT 4.0 Service Pack 6 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 6 Embedded Edition x86
- +35 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-1999-0969, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-1999-0969 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.