Intelligence Center » Browse All Vulnerabilities » CVE-1999-1246
Overview |
|
Vulnerability Score | ![]() |
CVE Id | CVE-1999-1246 |
Last Modified | 05 Sep 2008 04:19:04 |
Published | 31 Dec 1999 12:00:00 |
Confidentiality Impact | ![]() |
Integrity Impact | ![]() |
Availability Impact | ![]() |
Access Vector | NETWORK |
Access Complexity | LOW |
Authentication | NONE |

CVE-1999-1246
Summary
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
Vulnerable Systems
Application
Microsoft Site Server 3.0
References
XF - siteserver-directmail-passwords(2068)
MSKB - Q229972
Last Updated: 27 May 2016 10:35:20