Microsoft Windows NT version 4.0 contains an issue that could allow an unauthenticated, remote attacker to crash the Server service, resulting in a denial of service (DoS) condition.
The issue is due to insufficient handling of malformed NetShareEnum requests. An unauthenticated, remote attacker can exploit this issue by sending a specifically crafted NetShareEnum request packet to the affected system, crashing the Windows NT Server service. As a result of exploitation, logons, logouts, remote system access (including function/procedure calls), and resource sharing services will no longer be available.
Exploit code is available.
Microsoft confirmed this vulnerability in MS99-055.