CVE-2000-0384

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.lopht.com/advisories/ipivot7110.html	Patch Vendor Advisory
http://www.l0pht.com/advisories/ipivot7180.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1182	Patch Vendor Advisory
http://www.securityfocus.com/bid/1183	Patch Vendor Advisory
http://216.188.41.136/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:netstructure_7110::::::::
	cpe:2.3:h:intel:netstructure_7180::::::::

Information

Published : 2000-05-07 21:00

Updated : 2008-09-05 13:20

NVD link : CVE-2000-0384

Mitre link : CVE-2000-0384

JSON object : View

CWE

NVD-CWE-Other

Products Affected

intel

netstructure_7180
netstructure_7110

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.lopht.com/advisories/ipivot7110.html", "name": "20000508 NetStructure 7180 remote backdoor vulnerability", "tags": ["Patch", "Vendor Advisory"], "refsource": "L0PHT"}, {"url": "http://www.l0pht.com/advisories/ipivot7180.html", "name": "20000508 NetStructure 7110 console backdoor", "tags": ["Patch", "Vendor Advisory"], "refsource": "L0PHT"}, {"url": "http://www.securityfocus.com/bid/1182", "name": "1182", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.securityfocus.com/bid/1183", "name": "1183", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://216.188.41.136/", "name": "http://216.188.41.136/", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2000-0384", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2000-05-08T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:intel:netstructure_7110:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:netstructure_7180:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:20Z"}

10.0 /10