CVE-1999-0980

Windows NT - Denial of Service via Malformed Resource Enumeration Request

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0980. PoCs published by .rain.forest.puppy, nas.

AI-analyzed exploit summary The exploit describes a denial-of-service vulnerability in Windows NT 4.0 caused by malformed MSRPC calls to srvsvc.dll, leading to a crash in services.exe. This disrupts named pipe operations and remote administration capabilities.

Description

Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.

Exploits (2)

exploitdb WRITEUP VERIFIED

by .rain.forest.puppy · textdoswindows

https://www.exploit-db.com/exploits/19578

View Code ZIP pw:eip

The exploit describes a denial-of-service vulnerability in Windows NT 4.0 caused by malformed MSRPC calls to srvsvc.dll, leading to a crash in services.exe. This disrupts named pipe operations and remote administration capabilities.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Windows NT 4.0

No auth needed

Prerequisites: Network access to target · Ability to send crafted MSRPC packets

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by nas · pythondoswindows

https://www.exploit-db.com/exploits/19577

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in Windows NT 4.0 by sending malformed MSRPC packets to crash the services.exe process. It leverages a flaw in srvsvc.dll's handling of NULL values in MSRPC calls.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Windows NT 4.0

No auth needed

Prerequisites: Network access to target's SMB port (139)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_mskb

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ246045

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-055

Scores

EPSS 0.2321

EPSS Percentile 97.5%

Details

Status published

Products (1)

microsoft/windows_nt 4.0 (4 CPE variants)

Published May 16, 2000

Tracked Since Feb 18, 2026