See Recorded Future’s Threat Intelligence Solutions in Action

See our Threat Intelligence Solutions in Action

Reduce risk and mitigate cyber attacks, no matter your IT & security stack, maturity journey, or industry

Book a free demo

View Solutions to Reduce Risk

See Recorded Future’s Intelligence in Action

Reduce operational risk through timely, precise, and actionable intelligence.

Book a free demo

Intelligence Cloud Overview

View Services & Support Overview

View Research Overview

CVE-1999-0153

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jul 1, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-0153 is a denial-of-service vulnerability affecting Windows 95 and NT operating systems. An attacker can exploit this vulnerability by sending specially crafted NetBIOS packets to a target system's port 135 or 137, causing a buffer overflow and crashing the NetBIOS subsystem. This results in a denial-of-service condition, making the system unresponsive and inaccessible to users until it is restarted. The vulnerability, also known as WinNuke, posed a significant threat to Windows networks in the late 1990s and early 2000s. Microsoft released patches to address the issue, and it is no longer considered an active threat. However, it serves as a reminder of the importance of maintaining up-to-date software and implementing appropriate security measures to protect against denial-of-service attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows 95

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database