CVE-2000-0328

CVSS 2.0 Score 5 of 10 (medium)

Confidentiality partial
Integrity none
Availability none

Details

Published Aug 24, 1999
Updated: Nov 20, 2024

Summary

CVE-2000-0328 is a vulnerability affecting Windows NT 4.0 operating system. This issue arises due to the predictable generation of random TCP initial sequence numbers (ISN) by the system. An attacker can exploit this weakness to carry out TCP spoofing and session hijacking attacks, potentially gaining unauthorized access to user sessions or intercepting sensitive data. The vulnerability poses a significant risk to network security and necessitates appropriate mitigations, such as updating to a secure version of the operating system or implementing strong encryption for sensitive data transmission.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows NT

Affected Vendors

  • Microsoft