Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0517

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0517
Last Modified 05 Sep 2008 04:21:12
Published 26 May 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0517

Summary

Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.

Vulnerable Systems

Application

  • Netscape Communicator 4.0

  • Netscape Communicator 4.5

  • Netscape Communicator 4.51

  • Netscape Communicator 4.6

  • Netscape Communicator 4.61

  • Netscape Communicator 4.7

  • Netscape Communicator 4.72

  • Netscape Communicator 4.73


References

CERT - CA-2000-08

XF - netscape-ssl-certificate

BID - 1260


Last Updated: 27 May 2016 10:35:44