Lucene search

[email protected]CVE-2003-1475

HistoryOct 24, 2007 - 11:00 p.m.

CVE-2003-1475

2007-10-2423:00:00

CWE-287

[email protected]

web.nvd.nist.gov

netbus

remote access

cve-2003-1475

security vulnerability

authentication bypass

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON

Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access.

Affected configurations

NVD

Node

netbusnetbusMatch1.5

netbusnetbusMatch1.6

netbusnetbusMatch1.7

CPENameOperatorVersion
netbus:netbusnetbuseq1.5
netbus:netbusnetbuseq1.6
netbus:netbusnetbuseq1.7

CPE	Name	Operator	Version
netbus:netbus	netbus	eq	1.5
netbus:netbus	netbus	eq	1.6
netbus:netbus	netbus	eq	1.7

References

securityreason.com/securityalert/3289

www.securityfocus.com/archive/1/320980

www.securityfocus.com/bid/7538

exchange.xforce.ibmcloud.com/vulnerabilities/11982

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for CVE-2003-1475

cvelist1 nessus1 nvd1