Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0412

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0412
Last Modified 10 Sep 2008 03:04:36
Published 01 May 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0412

Summary

The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.

Vulnerable Systems

Application

  • Knapster Napster


References

BID - 1186

BUGTRAQ - 20000510 Gnapster Vulnerability Compromises User-readable Files

BUGTRAQ - 20000510 KNapster Vulnerability Compromises User-readable Files

FREEBSD - FreeBSD-SA-00:18


Last Updated: 27 May 2016 10:35:42