CVE-2000-0384

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://216.188.41.136/
http://www.l0pht.com/advisories/ipivot7180.html	Patch Vendor Advisory
http://www.lopht.com/advisories/ipivot7110.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1182	Patch Vendor Advisory
http://www.securityfocus.com/bid/1183	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:netstructure_7110::::::::
	cpe:2.3:h:intel:netstructure_7180::::::::

History

No history.

Information

Published : 2000-05-08 04:00

Updated : 2008-09-05 20:20

NVD link : CVE-2000-0384

Mitre link : CVE-2000-0384

CVE.ORG link : CVE-2000-0384

JSON object : View

Products Affected

intel

netstructure_7110
netstructure_7180

CWE

NVD-CWE-Other

{"id": "CVE-2000-0384", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2000-05-08T04:00:00.000", "references": [{"url": "http://216.188.41.136/", "source": "cve@mitre.org"}, {"url": "http://www.l0pht.com/advisories/ipivot7180.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.lopht.com/advisories/ipivot7110.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1182", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1183", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access."}], "lastModified": "2008-09-05T20:20:52.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:netstructure_7110:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "141BF9B0-29DC-42DC-A53E-96818BE1450F"}, {"criteria": "cpe:2.3:h:intel:netstructure_7180:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FEE7633-BA33-4D8B-B6B4-B914707666AB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

10.0 /10