CVE-2000-0347

Windows 95 and Windows 98 - Denial of Service via NetBIOS Session Request Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0347. PoCs published by rain forest puppy.

AI-analyzed exploit summary This exploit targets a vulnerability in Windows 95/98 by sending a malformed NetBIOS session packet with a NULL source host name, causing system instability or crashes. It crafts a session request and follows up with a malicious payload to trigger the issue.

Description

Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rain forest puppy · cremotewindows

https://www.exploit-db.com/exploits/19889

View Code ZIP pw:eip

This exploit targets a vulnerability in Windows 95/98 by sending a malformed NetBIOS session packet with a NULL source host name, causing system instability or crashes. It crafts a session request and follows up with a malicious payload to trigger the issue.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Windows 95/98

No auth needed

Prerequisites: Target IP address · Target NetBIOS name

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_ntbugtraq

http://marc.info/?l=ntbugtraq&m=95737580922397&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1163

Scores

EPSS 0.1760

EPSS Percentile 96.8%

Details

Status published

Products (2)

microsoft/windows_95

microsoft/windows_98

Published May 02, 2000

Tracked Since Feb 18, 2026