Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0939


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0939
Last Modified 10 Sep 2008 03:28:18
Published 09 Feb 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.

Vulnerable Systems


  • Neoteris Instant Virtual Extranet


BUGTRAQ - 20041006 [GoSecure Advisory] Neoteris IVE Vulnerability

XF - juniper-netscreen-password-bruteforce(17629)


SECTRACK - 1011552

OSVDB - 8365

SECUNIA - 12752

Last Updated: 27 May 2016 10:38:49