Vulnerabilities > CVE-2000-0087 - Unspecified vulnerability in Netscape Communicator and Navigator

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netscape

NVD

Published: 2000-01-12

Updated: 2016-10-18

Summary

Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.

Vulnerable Configurations

Part	Description	Count
Application	Netscape Netscape Communicator 4.7 Netscape Navigator *	2

References

http://marc.info/?l=bugtraq&m=94790377622943&w=2
http://www.iss.net/security_center/static/4385.php