Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1164

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2000-1164
Last Modified 05 Sep 2008 04:22:48
Published 09 Jan 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2000-1164

Summary

WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.

Vulnerable Systems

Application

  • Att Winvnc 3.3.3

  • Att Winvnc 3.3.3r7


References

BID - 1961

BUGTRAQ - 20001118 WinVNC 3.3.x

XF - winvnc-modify-registry(5545)


Last Updated: 27 May 2016 10:36:03