| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. |
| The Windows NT guest account is enabled. |
| An SSH server allows authentication through the .rhosts file. |
| A superfluous NFS server is running, but it is not importing or exporting any file systems. |
| HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. |
| A Unix account with a name other than "root" has UID 0, i.e. root privileges. |
| A system-critical Unix file or directory has inappropriate permissions. |
| A system-critical Windows NT file or directory has inappropriate permissions. |
| IIS has the #exec function enabled for Server Side Include (SSI) files. |
| The registry in Windows NT can be accessed remotely by users who are not administrators. |
| An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. |
| A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| There is a one-way or two-way trust relationship between Windows NT domains. |
