The 2010 Pwnie Nominee For Best Server-Side Bug

Windows SMB NTLM Authentication Weak Nonce (CVE-2010-0231)

Credit: Hernan Ochoa

Hernan Ochoa uncovered an ancient vulnerability that affected all versions of Windows from NT4 all the way up to Windows Server 2008. The vulnerability was caused by insuffucient randomness in the challenges generated by the SMB server and could be used to access the server without the need for any credentials.