The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote malicious users to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows xp - |
||
microsoft windows 2000 - |
||
microsoft windows server 2003 - |