Lucene search

[email protected]CVE-2002-1769

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1769

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-1769

microsoft site server 3.0

ldap_anonymous

default password

remote attackers

security vulnerability

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the “Log on locally” privilege.

CPENameOperatorVersion
microsoft:site_servermicrosoft site servereq3.0
microsoft:site_server_commercemicrosoft site server commerceeq3.0

CPE	Name	Operator	Version
microsoft:site_server	microsoft site server	eq	3.0
microsoft:site_server_commerce	microsoft site server commerce	eq	3.0

References

archives.neohapsis.com/archives/vulnwatch/2002-q1/0033.html

online.securityfocus.com/advisories/3843

support.microsoft.com/default.aspx?scid=kb%3Ben-us%3BQ248840

www.securityfocus.com/bid/3998

exchange.xforce.ibmcloud.com/vulnerabilities/8048

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2002-1769

nessus1