Lucene search

[email protected]CVE-1999-0856

HistoryDec 01, 1999 - 5:00 a.m.

CVE-1999-0856

1999-12-0105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

slackware 7.0

remote attackers

user identification

encryption error

cve-1999-0856

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

59.9%

JSON

login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.

CPENameOperatorVersion
slackware:slackware_linuxslackware slackware linuxeq7.0

CPE	Name	Operator	Version
slackware:slackware_linux	slackware slackware linux	eq	7.0

References

marc.info/?l=bugtraq&m=94416739411280&w=2

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

59.9%

JSON