| Vulnerability Name: | CVE-1999-1020 (CCN-1364) | ||||||||
| Assigned: | 1998-09-16 | ||||||||
| Published: | 1998-09-16 | ||||||||
| Updated: | 2017-12-19 | ||||||||
| Summary: | The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, 18 Sep 1998 04:18:39 NMRC Advisory - Default NDS Rights Source: MITRE Type: CNA CVE-1999-1020 Source: BUGTRAQ Type: UNKNOWN 19980918 NMRC Advisory - Default NDS Rights Source: CCN Type: Nomad Mobile Research Centre Advisory Default NDS Rights Source: CCN Type: OSVDB ID: 612 Novell NetWare NDS Tree Remote Information Disclosure Source: BID Type: Exploit, Patch, Vendor Advisory 484 Source: CCN Type: BID-484 Netware NDS Default Rights Vulnerability Source: XF Type: UNKNOWN novell-nds(1364) Source: XF Type: UNKNOWN novell-nds(1364) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||