Intelligence Center » Browse All Vulnerabilities » CVE-1999-1246
Overview |
|
| Vulnerability Score |  7.5 |
| CVE Id | CVE-1999-1246 |
| Last Modified | 05 Sep 2008 04:19:04 |
| Published | 31 Dec 1999 12:00:00 |
| Confidentiality Impact |  PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-1999-1246
Summary
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
Vulnerable Systems
Application
Microsoft Site Server 3.0
References
XF - siteserver-directmail-passwords(2068)
MSKB - Q229972
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:35:20
