CVE-2000-0308

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:netscape:proxy_server:2.5:::::::*
	cpe:2.3:a:netscape:fasttrack_server:2.0:::::::*
	cpe:2.3:a:netscape:enterprise_server:2.0:::::::*
	cpe:2.3:a:netscape:fasttrack_server:2.01:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:sco:unixware:7.0:::::::*
	cpe:2.3:o:sco:unixware::::::::

Information

Published : 2001-03-11 21:00

Updated : 2008-09-05 13:20

NVD link : CVE-2000-0308

Mitre link : CVE-2000-0308

JSON object : View

CWE

NVD-CWE-Other

Products Affected

sco

unixware

netscape

enterprise_server
proxy_server
fasttrack_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a", "name": "SB-99.08", "tags": ["Patch", "Vendor Advisory"], "refsource": "SCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2000-0308", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2001-03-12T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:netscape:proxy_server:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:fasttrack_server:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:enterprise_server:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:netscape:fasttrack_server:2.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sco:unixware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.1.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:20Z"}

10.0 /10