exploitDog

CVE-1999-1246

Опубликовано: 31 дек. 1999

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.

Ссылки

http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/2068
http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/2068

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00915

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-99cm-v3cq-wf9j

github

больше 3 лет назад

Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.

EPSS

Процентиль: 75%

0.00915

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other