Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_nt | Microsoft | 4.0 (including) | 4.0 (including) |
| Windows_nt | Microsoft | 4.0-sp1 (including) | 4.0-sp1 (including) |
| Windows_nt | Microsoft | 4.0-sp2 (including) | 4.0-sp2 (including) |
| Windows_nt | Microsoft | 4.0-sp3 (including) | 4.0-sp3 (including) |
| Windows_nt | Microsoft | 4.0-sp4 (including) | 4.0-sp4 (including) |
| Windows_nt | Microsoft | 4.0-sp5 (including) | 4.0-sp5 (including) |
References
- http://www.securityfocus.com/bid/604
- http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=4.1.19990824165629.00abcb40%40192.168.124.1
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-046
- http://www.securityfocus.com/bid/604
- http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=4.1.19990824165629.00abcb40%40192.168.124.1
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-046