Replay Attack Vulnerability in SMB Authentication for Windows 95 and 98
CVE-1999-0391

Currently unrated

Key Information:

Vendor: Microsoft
Status: Terminal Server
Vendor: CVE Published:; 5 January 1999

Summary

The SMB (Server Message Block) authentication mechanism in Windows 95 and Windows 98 can be exploited due to a cryptographic weakness. An attacker can potentially reuse the cryptographic challenge during authentication, facilitating a replay attack. By doing so, the attacker can impersonate legitimate users and gain unauthorized access to shared resources, thereby compromising the security of the system.

References

https://marc.info/?l=bugtraq&m=91552769809542&w=2

x_refsource_MISC

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jan 5, 1999