Lucene search

[email protected]CVE-1999-1049

HistoryFeb 21, 1999 - 5:00 a.m.

CVE-1999-1049

1999-02-2105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

arcserve nt

weak encryption

xor

remote attackers

port 6050

sniff

decrypt

password

cve-1999-1049

nvd.

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.3%

JSON

ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.

CPENameOperatorVersion
broadcom:arcserve_backupbroadcom arcserve backuple6.5

CPE	Name	Operator	Version
broadcom:arcserve_backup	broadcom arcserve backup	le	6.5

References

marc.info/?l=bugtraq&m=91972006211238&w=2

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.3%

JSON

Related for CVE-1999-1049

cvelist1