Lucene search

[email protected]CVE-2000-1164

HistoryJan 09, 2001 - 5:00 a.m.

CVE-2000-1164

2001-01-0905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

winvnc

registry key

special access

information security

cve-2000-1164

6.4 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.7%

JSON

WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.

CPENameOperatorVersion
att:winvncatt winvnceq3.3.3r7
att:winvncatt winvnceq3.3.3

CPE	Name	Operator	Version
att:winvnc	att winvnc	eq	3.3.3r7
att:winvnc	att winvnc	eq	3.3.3

References

archives.neohapsis.com/archives/bugtraq/2000-11/0253.html

www.securityfocus.com/bid/1961

exchange.xforce.ibmcloud.com/vulnerabilities/5545

6.4 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.7%

JSON

Related for CVE-2000-1164

nessus1 cert1