Vulnerability Name:
CVE-1999-0269 (CCN-1810)
Assigned:
1998-08-01
Published:
1998-08-01
Updated:
2022-08-17
Summary:
Netscape Enterprise servers may list files through the PageServices query.
CVSS v3 Severity:
5.3 Medium
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
None
Availibility (A):
None
CVSS v2 Severity:
5.0 Medium
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
)
4.3 Medium
(Temporal CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
None
Availibility (A):
None
5.0 Medium
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
)
4.3 Medium
(CCN Temporal CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
None
Availibility (A):
None
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Obtain Information
References:
Source: CCN
Type: BugTraq Mailing List, Sun, 16 Aug 1998 18:38:41 -0700
Fw: [NTSEC] Netscape Server Security Hole
Source: MITRE
Type: CNA
CVE-1999-0269
Source: CCN
Type: OSVDB ID: 119
Netscape Server ?PageServices Request Forced Directory Listing
Source: CCN
Type: BID-7621
Netscape Enterprise Server PageServices Information Disclosure Vulnerability
Source: CCN
Type: Sun Microsystems Web site
Internet & E-Commerce Downloads
Source: XF
Type: UNKNOWN
netscape-server-pageservices(1810)
Source: MISC
Type: UNKNOWN
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0269
Vulnerable Configuration:
Configuration 1
:
cpe:/a:netscape:enterprise_server:*:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:netscape:enterprise_server:*:*:*:*:*:*:*:*
AND
cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
OR
cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
OR
cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
OR
cpe:/o:ibm:os2:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*
OR
cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*
OR
cpe:/a:novell:netware:*:*:*:*:*:*:*:*
OR
cpe:/o:sco:unix:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*
OR
cpe:/o:cisco:ios:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows:xp:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os:*:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows:2003_server:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
netscape
enterprise server *
netscape
enterprise server *
ibm
aix *
windriver
bsdos *
hp
hp-ux *
sgi
irix *
linux
linux kernel *
sun
solaris *
ibm
os2 *
microsoft
windows 95 *
data_general
dg ux *
microsoft
windows nt 4.0
microsoft
windows 98 *
novell
netware *
sco
unix *
microsoft
windows 98se *
microsoft
windows 2000 *
cisco
ios *
microsoft
windows me *
compaq
tru64 *
microsoft
windows xp
apple
mac os *
microsoft
windows 2003_server