CVE-1999-1020
Novell Netware 4.1/4.11 - SP5B NDS Default Rights
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 1998-09-18 CVE Published
- 1999-04-09 First Exploit
- 2001-08-31 CVE Reserved
- 2023-03-07 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=90613355902262&w=2 | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/1364 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/19365 | 1999-04-09 | |
| http://www.securityfocus.com/bid/484 | 2024-08-01 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Netware Search vendor "Novell" for product "Netware" | 4.1 Search vendor "Novell" for product "Netware" and version "4.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Netware Search vendor "Novell" for product "Netware" | 4.11 Search vendor "Novell" for product "Netware" and version "4.11" | sp5b |
Affected
| ||||||