Lucene search

MitreCVE-2000-0087

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2000-0087

2002-06-2504:00:00

mitre

web.nvd.nist.gov

netscape communicator

nsnotify

imap

ssl

cve-2000-0087

username exposure

password exposure

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.

Affected configurations

Nvd

Node

netscapecommunicatorMatch4.7

netscapenavigator

VendorProductVersionCPE
netscapecommunicator4.7cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*
netscapenavigator*cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netscape	communicator	4.7	cpe:2.3:a:netscape:communicator:4.7:::::::*
netscape	navigator	*	cpe:2.3:a:netscape:navigator::::::::

References

marc.info/?l=bugtraq&m=94790377622943&w=2

www.iss.net/security_center/static/4385.php

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

Related for CVE-2000-0087