Lucene search

MitreCVE-2000-0492

HistoryJul 12, 2000 - 4:00 a.m.

CVE-2000-0492

2000-07-1204:00:00

mitre

web.nvd.nist.gov

cve-2000-0492

passwd 1.2

weak encryption

password decryption

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.003

Percentile

69.4%

JSON

PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.

Affected configurations

Nvd

Node

passwdpasswdMatch1.2

VendorProductVersionCPE
passwdpasswd1.2cpe:2.3:a:passwd:passwd:1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
passwd	passwd	1.2	cpe:2.3:a:passwd:passwd:1.2:::::::*

References

archives.neohapsis.com/archives/bugtraq/2000-05/0450.html

www.securityfocus.com/bid/1300

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.003

Percentile

69.4%

JSON

Related for CVE-2000-0492