Lucene search

[email protected]CVE-2000-1076

HistoryDec 11, 2000 - 5:00 a.m.

CVE-2000-1076

2000-12-1105:00:00

[email protected]

web.nvd.nist.gov

netscape

cms 4.2

directory server 4.12

plaintext

password

security breach

administrative privileges

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.0%

JSON

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.

Affected configurations

NVD

Node

netscapedirectory_serverMatch4.12

suniplanet_certificate_management_systemMatch4.2

CPENameOperatorVersion
netscape:directory_servernetscape directory servereq4.12
sun:iplanet_certificate_management_systemsun iplanet certificate management systemeq4.2

CPE	Name	Operator	Version
netscape:directory_server	netscape directory server	eq	4.12
sun:iplanet_certificate_management_system	sun iplanet certificate management system	eq	4.2

References

archives.neohapsis.com/archives/bugtraq/2000-10/0383.html

exchange.xforce.ibmcloud.com/vulnerabilities/5422

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.0%

JSON

Related for CVE-2000-1076

nvd1 cvelist1