CVE-1999-0288

Microsoft Windows NT 4.0 - Denial of Service via Invalid UDP Frames to Port 137

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0288. PoCs published by Carl Byington.

AI-analyzed exploit summary This is a writeup describing a Denial of Service (DoS) vulnerability in Windows NT systems where a Win95 host can register a duplicate hostname with a WINS server, causing the victim NT host to fail to start its workstation and server services upon reboot.

Description

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Carl Byington · textdoswindows
https://www.exploit-db.com/exploits/19238

This is a writeup describing a Denial of Service (DoS) vulnerability in Windows NT systems where a Win95 host can register a duplicate hostname with a WINS server, causing the victim NT host to fail to start its workstation and server services upon reboot.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Windows NT (all versions)
No auth needed
Prerequisites: Access to a Win95 host · Knowledge of the victim NT hostname · WINS server presence
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://safenetworks.com/Windows/wins.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/1233

Scores

EPSS 0.2133
EPSS Percentile 97.3%

Details

Status published
Products (1)
microsoft/windows_nt 4.0 (4 CPE variants)
Published Aug 01, 1998
Tracked Since Feb 18, 2026