Lucene search

MitreCVE-2000-0651

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0651

2000-10-1304:00:00

mitre

web.nvd.nist.gov

novell

bordermanager

clienttrust

authentication

impersonation

user

security

cve-2000-0651

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim’s machine.

Affected configurations

Nvd

Node

novellbordermanagerMatch3.0

novellbordermanagerMatch3.5

VendorProductVersionCPE
novellbordermanager3.0cpe:2.3:a:novell:bordermanager:3.0:*:*:*:*:*:*:*
novellbordermanager3.5cpe:2.3:a:novell:bordermanager:3.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	bordermanager	3.0	cpe:2.3:a:novell:bordermanager:3.0:::::::*
novell	bordermanager	3.5	cpe:2.3:a:novell:bordermanager:3.5:::::::*

References

www.securityfocus.com/bid/1440

www.securityfocus.com/templates/archive.pike?list=1&msg=06256915.00591E18.00%40uprrsmtp2.notes.up.com

exchange.xforce.ibmcloud.com/vulnerabilities/5186

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

Related for CVE-2000-0651