This vulnerability could only be exploited if TCP port 139 was open on the target machine. In a less likely case, the system could hang, and remain unresponsive until it was rebooted. In the most likely case, the flood would temporarily prevent any networking resources on an affected computer from responding to client requests as soon as the packets stopped arriving, the machine would resume normal operation. By sending a flood of specially malformed TCP/IP packets to a victim's machine a malicious user could cause either of two effects. There is a denial of service vulnerability that affects Windows NT 4.0 Windows 95, 98, 98 Second Edition and Windows Me.
Vulnerability Identifier: CAN-2000-1039 General Information Technical details Note: Windows 2000 is not affected by this vulnerability. Windows 95, 98, 98 Second Edition, and Windows Me The vulnerability could allow a malicious user to temporarily prevent an affected machine from providing any networking services or cause it to stop responding entirely.
Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows NT 4.0 and a recommended workaround for Windows 95, 98, 98 Second Edition, and Windows Me. Security Bulletin Microsoft Security Bulletin MS00-091 - Important Patch Available for 'Incomplete TCP/IP Packet' Vulnerability