Lucene search

Ubuntu.comUB:CVE-2005-2395

HistoryJul 27, 2005 - 12:00 a.m.

CVE-2005-2395

2005-07-2700:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

80.8%

JSON

Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the
strongest authentication scheme available as required by RFC2617, which
might cause credentials to be sent in plaintext even if an encrypted
channel is available.

References

launchpad.net/bugs/cve/CVE-2005-2395

nvd.nist.gov/vuln/detail/CVE-2005-2395

security-tracker.debian.org/tracker/CVE-2005-2395

www.cve.org/CVERecord?id=CVE-2005-2395

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

80.8%

JSON

Related for UB:CVE-2005-2395