Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2000-0412

Published: 01/05/1999 Updated: 10/09/2008
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote malicious users to read arbitrary files from the client by specifying the full pathname for the file.

Vulnerable Product Search on Vulmon Subscribe to Product

napster knapster napster

Exploits

Exploit DB: John Donoghue Knapster 0.9/1.3.8 - File Access
source: wwwsecurityfocuscom/bid/1186/info Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client The file access is limited to files accessible by the user running the client The official commercial version of Napster does not c ...

References

NVD-CWE-Otherhttp://archives.neohapsis.com/archives/bugtraq/2000-05/0124.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-05/0127.htmlftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:18-gnapster.advhttp://www.securityfocus.com/bid/1186https://nvd.nist.govhttps://www.exploit-db.com/exploits/19905/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380CVE-2024-1694local file inclusionCVE-2024-5645CVE-2024-24919XSSCVE-2024-36774CVE-2024-21306SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook