CVE-2000-0308

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a	Patch Vendor Advisory
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:netscape:enterprise_server:2.0:::::::*
	cpe:2.3:a:netscape:fasttrack_server:2.0:::::::*
	cpe:2.3:a:netscape:fasttrack_server:2.01:::::::*
	cpe:2.3:a:netscape:proxy_server:2.5:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:sco:unixware::::::::
	cpe:2.3:o:sco:unixware:7.0:::::::*

History

20 Nov 2024, 23:32

Type	Values Removed	Values Added
References	~~() ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a - Patch, Vendor Advisory~~	() ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a - Patch, Vendor Advisory

Information

Published : 2001-03-12 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2000-0308

Mitre link : CVE-2000-0308

CVE.ORG link : CVE-2000-0308

JSON object : View

Products Affected

netscape

proxy_server
enterprise_server
fasttrack_server

sco

unixware

CWE

NVD-CWE-Other

{"id": "CVE-2000-0308", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2001-03-12T05:00:00.000", "references": [{"url": "ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netscape:enterprise_server:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E5E0298-99D9-476D-A7DF-36C6207482DB"}, {"criteria": "cpe:2.3:a:netscape:fasttrack_server:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3480EB1B-425F-403E-A6CD-ADB32DCC00CB"}, {"criteria": "cpe:2.3:a:netscape:fasttrack_server:2.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F156CEA-E3F2-4F2E-8065-FC606DD58F87"}, {"criteria": "cpe:2.3:a:netscape:proxy_server:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC46D54-22AD-4AF4-B0C4-27CAAC3674D0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sco:unixware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B64BFE2D-88F0-4046-9D0C-96D215AD935E", "versionEndIncluding": "2.1.3"}, {"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}