Lucene search

[email protected]CVE-2002-0994

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0994

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sunpci ii

vnc

weak authentication

remote attack

password theft

information security

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.3%

JSON

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

CPENameOperatorVersion
sun:sun_pci_ii_driversun sun pci ii drivereq2.3

CPE	Name	Operator	Version
sun:sun_pci_ii_driver	sun sun pci ii driver	eq	2.3

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0003.html

www.iss.net/security_center/static/9476.php

www.securityfocus.com/bid/5146

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.3%

JSON