Lucene search

[email protected]CVE-2000-0979

HistoryDec 19, 2000 - 5:00 a.m.

CVE-2000-0979

2000-12-1905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0979

windows 95

windows 98

windows me

share level password

remote attack

7.7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.039 Low

EPSS

Percentile

91.9%

JSON

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the “Share Level Password” vulnerability.

CPENameOperatorVersion
microsoft:windows_98semicrosoft windows 98seeq*
microsoft:windows_95microsoft windows 95eq*
microsoft:windows_memicrosoft windows meeq*
microsoft:windows_98microsoft windows 98eq*

CPE	Name	Operator	Version
microsoft:windows_98se	microsoft windows 98se	eq	*
microsoft:windows_95	microsoft windows 95	eq	*
microsoft:windows_me	microsoft windows me	eq	*
microsoft:windows_98	microsoft windows 98	eq	*

References

marc.info/?l=bugtraq&m=97147777618139&w=2

www.securityfocus.com/bid/1780

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072

exchange.xforce.ibmcloud.com/vulnerabilities/5395

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996

7.7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.039 Low

EPSS

Percentile

91.9%

JSON