Lucene search

[email protected]CVE-2000-0979

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-0979

2001-01-2205:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0979

windows 95

windows 98

windows me

share level password

remote attack

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.039 Low

EPSS

Percentile

92.0%

JSON

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the “Share Level Password” vulnerability.

Affected configurations

NVD

Node

microsoftwindows_95

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

CPENameOperatorVersion
microsoft:windows_95microsoft windows 95eq*
microsoft:windows_98microsoft windows 98eq*
microsoft:windows_98semicrosoft windows 98seeq*
microsoft:windows_memicrosoft windows meeq*

CPE	Name	Operator	Version
microsoft:windows_95	microsoft windows 95	eq	*
microsoft:windows_98	microsoft windows 98	eq	*
microsoft:windows_98se	microsoft windows 98se	eq	*
microsoft:windows_me	microsoft windows me	eq	*

References

marc.info/?l=bugtraq&m=97147777618139&w=2

www.securityfocus.com/bid/1780

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072

exchange.xforce.ibmcloud.com/vulnerabilities/5395

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.039 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2000-0979

cvelist1 nvd1