Описание
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
Ссылки
- Broken LinkPatchVendor Advisory
- Broken Link
- PatchVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken Link
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:enterprise:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:terminal_server:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:workstation:*:*:*
EPSS
Процентиль: 96%
0.3003
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-772
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
EPSS
Процентиль: 96%
0.3003
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-772