ID |
CVE-2000-1076
|
Summary |
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 10.0 (as of 19-12-2017 - 02:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bugtraq | 20001026 [CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug | xf | iplanet-netscape-plaintext-password(5422) |
|
Last major update |
19-12-2017 - 02:29 |
Published |
11-12-2000 - 05:00 |
Last modified |
19-12-2017 - 02:29 |