CPE, which stands for Common Platform Enumeration, is a standardized scheme for naming hardware, software, and operating systems. CPE provides a structured naming scheme to uniquely identify and classify information technology systems, platforms, and packages based on certain attributes such as vendor, product name, version, update, edition, and language.
CWE, or Common Weakness Enumeration, is a comprehensive list and categorization of software weaknesses and vulnerabilities. It serves as a common language for describing software security weaknesses in architecture, design, code, or implementation that can lead to vulnerabilities.
CAPEC, which stands for Common Attack Pattern Enumeration and Classification, is a comprehensive, publicly available resource that documents common patterns of attack employed by adversaries in cyber attacks. This knowledge base aims to understand and articulate common vulnerabilities and the methods attackers use to exploit them.
Services & Price
Help & Info
Search : CVE id, CWE id, CAPEC id, vendor or keywords in CVE
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
CVE Informations
Metrics
Metrics
Score
Severity
CVSS Vector
Source
V2
5
AV:N/AC:L/Au:N/C:N/I:N/A:P
nvd@nist.gov
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
Date
EPSS V0
EPSS V1
EPSS V2 (> 2022-02-04)
EPSS V3 (> 2025-03-07)
EPSS V4 (> 2025-03-17)
2022-02-06
–
–
26.56%
–
–
2022-04-03
–
–
26.56%
–
–
2023-03-12
–
–
–
31.57%
–
2023-11-12
–
–
–
31.57%
–
2024-02-11
–
–
–
8.35%
–
2024-06-02
–
–
–
8.35%
–
2024-08-25
–
–
–
8.35%
–
2024-12-22
–
–
–
8.35%
–
2025-02-23
–
–
–
8.35%
–
2025-01-19
–
–
–
8.35%
–
2025-02-23
–
–
–
8.35%
–
2025-03-18
–
–
–
–
21.8%
2025-03-30
–
–
–
–
26.56%
2025-03-30
–
–
–
–
26.56,%
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Publication date : 1999-06-03 22h00 +00:00 Author : Carl Byington EDB Verified : Yes
source: https://www.securityfocus.com/bid/298/info
NT Workstations and Servers must have unique hostnames if they reside on the same network. Should an NT host attempt to use an existing hostname, the second server (with the new duplicate name) will fail to start its workstation and server services. (Once the name has been changed to a unique value and has been rebooted, the host will operate normally).
Should an NT host claim the hostname of a "victim" NT host while that host is turned off, the "victim" host will be subject to a Denial of Service-like attack because the workstation and server services will fail to start. NT hosts are usually prevented from taking duplicate names within one domain they must register their existence with an NT Domain Controller when initially joining the domain. (This registration process must be performed by someone with administrator privileges.)
A situation has been noted wherein a Win95 host may register the victim hostname (with a WINS server) by setting the Win95 workgroup name equal to the victim's hostname. The next time the victim host is rebooted, it will fail to start the workstation and server services as the WINS server will report that the hostname is claimed by the Win95 host.
Set the Win95 workgroup name equal to the hostname for the victim NT host. If the WINS server registers this hostname, and the victim NT host is rebooted, it will fail to start its workstation and server services.