Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2000-0979

Published: 19/12/2000 Updated: 12/10/2018
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 650
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Subscribe to Microsoft

Vulnerability Summary

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote malicious users to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 98se

microsoft windows me

microsoft windows 95

microsoft windows 98

Exploits

Exploit DB: Microsoft Windows 9x/ME - Share Level Password Bypass (2)
source: wwwsecurityfocuscom/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment It depends on password protection in order to grant or deny access to resources Due to ...
Exploit DB: Microsoft Windows 9x/ME - Share Level Password Bypass (1)
source: wwwsecurityfocuscom/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment It depends on password protection in order to grant or deny access to resources Due to a ...

Github Repositories

https://github.com/Z6543/CVE-2000-0979

CVE-2000-0979

CVE-2000-0979 CVE-2000-0979rb is the standalone tool to exploit CVE-2000-0979 against Windows 95 SMB service msf_2000_0979rb is the Metasploit module You can copy this to ⁨metasploit-framework⁩ ▸ ⁨modules⁩ ▸ ⁨auxiliary⁩ ▸ scanner⁩ ▸ ⁨smb⁩ More documentation coming soon! Original advisory NSFOCUS Security Advisory(SA2000-05) Topic: Microsoft Wind

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/1780http://marc.info/?l=bugtraq&m=97147777618139&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996https://exchange.xforce.ibmcloud.com/vulnerabilities/5395https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072https://nvd.nist.govhttps://github.com/Z6543/CVE-2000-0979https://www.exploit-db.com/exploits/20284/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook