CVE-2000-0384

NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://216.188.41.136/
http://www.l0pht.com/advisories/ipivot7180.html	Patch Vendor Advisory
http://www.lopht.com/advisories/ipivot7110.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1182	Patch Vendor Advisory
http://www.securityfocus.com/bid/1183	Patch Vendor Advisory
http://216.188.41.136/
http://www.l0pht.com/advisories/ipivot7180.html	Patch Vendor Advisory
http://www.lopht.com/advisories/ipivot7110.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1182	Patch Vendor Advisory
http://www.securityfocus.com/bid/1183	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:netstructure_7110::::::::
	cpe:2.3:h:intel:netstructure_7180::::::::

History

20 Nov 2024, 23:32

Type	Values Removed	Values Added
References	~~() http://216.188.41.136/ -~~	() http://216.188.41.136/ -
References	~~() http://www.l0pht.com/advisories/ipivot7180.html - Patch, Vendor Advisory~~	() http://www.l0pht.com/advisories/ipivot7180.html - Patch, Vendor Advisory
References	~~() http://www.lopht.com/advisories/ipivot7110.html - Patch, Vendor Advisory~~	() http://www.lopht.com/advisories/ipivot7110.html - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/1182 - Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/1182 - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/1183 - Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/1183 - Patch, Vendor Advisory

Information

Published : 2000-05-08 04:00

Updated : 2024-11-20 23:32

NVD link : CVE-2000-0384

Mitre link : CVE-2000-0384

CVE.ORG link : CVE-2000-0384

JSON object : View

Products Affected

intel

netstructure_7180
netstructure_7110

CWE

NVD-CWE-Other

{"id": "CVE-2000-0384", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2000-05-08T04:00:00.000", "references": [{"url": "http://216.188.41.136/", "source": "cve@mitre.org"}, {"url": "http://www.l0pht.com/advisories/ipivot7180.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.lopht.com/advisories/ipivot7110.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1182", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1183", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://216.188.41.136/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.l0pht.com/advisories/ipivot7180.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.lopht.com/advisories/ipivot7110.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/1182", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/1183", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access."}], "lastModified": "2024-11-20T23:32:22.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:netstructure_7110:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "141BF9B0-29DC-42DC-A53E-96818BE1450F"}, {"criteria": "cpe:2.3:h:intel:netstructure_7180:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FEE7633-BA33-4D8B-B6B4-B914707666AB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}