Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-1999-1322 | First vendor Publication | 1998-11-12 |
Vendor | Cve | Last vendor Modification | 2021-04-09 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1322 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10084 | Multiple Exchange Modules exchverify.log Login Credential Disclosure Innoculan AV for Exchange and ArcServe Backup for Exchange contain a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords or the number of characters in the password by accessing the exchverify.log file which is created by the installation of these modules, which may lead to a loss of integrity. |
Sources (Detail)
Source | Url |
---|---|
NTBUGTRAQ | http://marc.info/?l=ntbugtraq&m=91096758513985&w=2 http://marc.info/?l=ntbugtraq&m=91133714919229&w=2 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:02 |
|
2021-04-22 01:01:15 |
|
2021-04-09 21:23:14 |
|
2021-04-08 00:22:46 |
|
2020-05-23 00:14:16 |
|
2016-10-18 12:00:48 |
|
2013-05-11 11:58:16 |
|