Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.Referenceshttp://www.securityfocus.com/bid/3144https://exchange.xforce.ibmcloud.com/vulnerabilities/6943http://www.securityfocus.com/archive/1/201722
