Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0979

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2000-0979
Last Modified 05 Sep 2008 04:22:20
Published 19 Dec 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0979

Summary

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 95

  • Microsoft Windows 98

  • Microsoft Windows 98se

  • Microsoft Windows Me


References

XF - win9x-share-level-password

BID - 1780

MS - MS00-072

BUGTRAQ - 20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password


Last Updated: 27 May 2016 10:35:58