Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0412


Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0412
Last Modified 10 Sep 2008 03:04:36
Published 01 May 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.

Vulnerable Systems


  • Knapster Napster


BID - 1186

BUGTRAQ - 20000510 Gnapster Vulnerability Compromises User-readable Files

BUGTRAQ - 20000510 KNapster Vulnerability Compromises User-readable Files

FREEBSD - FreeBSD-SA-00:18

Last Updated: 27 May 2016 10:35:42