Lucene search

[email protected]CVE-1999-1369

HistoryApr 14, 1999 - 4:00 a.m.

CVE-1999-1369

1999-04-1404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

information security

cve-1999-1369

realserver

password storage

privilege escalation

7.5 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

34.6%

JSON

Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.

CPENameOperatorVersion
realnetworks:realserverrealnetworks realservereq6.0.3.353

CPE	Name	Operator	Version
realnetworks:realserver	realnetworks realserver	eq	6.0.3.353

References

marc.info/?l=bugtraq&m=92411181619110&w=2

7.5 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

34.6%

JSON