PT-2000-1076 · Netscape · Netscape Communicator

Published

2000-01-12

Updated

2016-10-18

CVE-2000-0087

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Netscape Communicator (affected versions not specified)

Description The issue concerns the Netscape Mail Notification (nsnotify) utility in Netscape Communicator, which uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection. This allows a remote attacker to sniff usernames and passwords in plaintext.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0087

Affected Products

Netscape Communicator

PT-2000-1076 · Netscape · Netscape Communicator

CVE-2000-0087

Related Identifiers

Affected Products

References · 3