Windows Internet Naming Service Vulnerability in Microsoft Products
CVE-1999-1593

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000; Windows 95; Windows 98
Vendor: CVE Published:; 15 January 2009

Summary

The Windows Internet Naming Service (WINS) is susceptible to manipulation by remote attackers who can exploit a 1Ch registration to redirect domain controller settings to a malicious server, thereby compromising network connectivity and potentially stealing credentials. This vulnerability may present limited impact when older Windows clients, such as Windows 95/98, are in use or if the primary domain controller becomes unreachable.

References

http://archives.neohapsis.com/archives/ntbugtraq/1998-199...

mailing-listx_refsource_NTBUGTRAQ

http://seclists.org/bugtraq/2001/Jan/0271.html

mailing-listx_refsource_BUGTRAQ

https://www2.sans.org/reading_room/whitepapers/win2k/185.php

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 15, 2009