| Vulnerability Name: | CVE-2000-0651 (CCN-5186) | ||||||||
| Assigned: | 2000-07-07 | ||||||||
| Published: | 2000-07-07 | ||||||||
| Updated: | 2017-10-10 | ||||||||
| Summary: | The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Fri Jul 07 2000 - 11:12:09 CDT Novell Border Manger - Anyone can pose as an authenticated user Source: MITRE Type: CNA CVE-2000-0651 Source: CCN Type: OSVDB ID: 1448 Novell BorderManager User Impersonation Source: BID Type: Exploit, Patch, Vendor Advisory 1440 Source: CCN Type: BID-1440 Novell BorderManager User Impersonation Vulnerability Source: BUGTRAQ Type: UNKNOWN 20000707 Novell Border Manger - Anyone can pose as an authenticated user Source: XF Type: UNKNOWN novell-bordermanager-verification(5186) Source: XF Type: UNKNOWN novell-bordermanager-verification(5186) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||