Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0087

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0087
Last Modified 10 Sep 2008 03:02:53
Published 12 Jan 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0087

Summary

Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.

Vulnerable Systems

Application

  • Netscape Communicator 4.7

  • Netscape Navigator


References

XF - netscape-mail-notify-plaintext(4385)

BUGTRAQ - 20000113 Misleading sense of security in Netscape


Last Updated: 27 May 2016 10:35:32