Description
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.
Product(s):
- Microsoft Windows 4.0 sp2
- Microsoft Windows NT 4.0 Service Pack 2 Embedded Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Embedded Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Enterprise Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Enterprise Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Terminal Server Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Terminal Server Edition x86
- Microsoft Windows NT 4.0 Service Pack 2 Workstation Edition x64
- Microsoft Windows NT 4.0 Service Pack 2 Workstation Edition x86
- Microsoft Windows 4.0 sp2 embedded
- Microsoft Windows 4.0 sp2 enterprise
- Microsoft Windows 4.0 sp2 server
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows 4.0 sp2 workstation
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-1999-1387, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-1999-1387 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.