CVE-1999-1593

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://seclists.org/bugtraq/2001/Jan/0271.html", "name": "20010118 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0264.html", "name": "20010117 Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0289.html", "name": "20010118 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "https://www2.sans.org/reading_room/whitepapers/win2k/185.php", "name": "https://www2.sans.org/reading_room/whitepapers/win2k/185.php", "tags": ["Broken Link", "Exploit"], "refsource": "MISC"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0274.html", "name": "20010117 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0269.html", "name": "20010117 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/2221", "name": "2221", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0298.html", "name": "20010119 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00371.html", "name": "19990302 NT Domain DoS and Security Exploit with SAMBA Server", "tags": ["Broken Link", "Third Party Advisory"], "refsource": "NTBUGTRAQ"}, {"url": "http://seclists.org/bugtraq/2001/Jan/0276.html", "name": "20010117 Re: Invalid WINS entries", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-59"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-1999-1593", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-01-15T01:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_95:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-01-10T20:07Z"}