Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0087


Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0087
Last Modified 10 Sep 2008 03:02:53
Published 12 Jan 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.

Vulnerable Systems


  • Netscape Communicator 4.7

  • Netscape Navigator


XF - netscape-mail-notify-plaintext(4385)

BUGTRAQ - 20000113 Misleading sense of security in Netscape

Last Updated: 27 May 2016 10:35:32