PT-2000-1984 · Netscape · Netscape Certificate Management System+1

Published

2000-12-11

Updated

2017-12-19

CVE-2000-1076

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Netscape (iPlanet) Certificate Management System version 4.2 Netscape (iPlanet) Directory Server version 4.12

Description The issue allows local and possibly remote attackers to gain administrative privileges on the server due to the storage of the administrative password in plaintext.

Recommendations For Netscape (iPlanet) Certificate Management System version 4.2, consider changing the storage mechanism of the administrative password to a more secure method. For Netscape (iPlanet) Directory Server version 4.12, consider changing the storage mechanism of the administrative password to a more secure method. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1076

Affected Products

Netscape Certificate Management System

Netscape Directory Server

PT-2000-1984 · Netscape · Netscape Certificate Management System+1

CVE-2000-1076

Related Identifiers

Affected Products

References · 3