Vulnerabilities > CVE-2000-0979 - Unspecified vulnerability in Microsoft products

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

microsoft

exploit available

NVD

Published: 2000-12-19

Updated: 2018-10-12

Summary

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 95 * Microsoft Windows 98 * Microsoft Windows 98Se * Microsoft Windows ME *	4

Exploit-Db

description	Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability (1). CVE-2000-0979. Remote exploit for windows platform
id	EDB-ID:20283
last seen	2016-02-02
modified	2000-10-10
published	2000-10-10
reporter	stickler
source	https://www.exploit-db.com/download/20283/
title	Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability 1

description	Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability (2). CVE-2000-0979. Remote exploit for windows platform
id	EDB-ID:20284
last seen	2016-02-02
modified	2000-10-10
published	2000-10-10
reporter	Gabriel Maggiotti
source	https://www.exploit-db.com/download/20284/
title	Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability 2

Oval

accepted

2005-10-19T05:47:00.000-04:00

class

vulnerability

contributors

name Tiffany Bergeron
organization The MITRE Corporation
name Christine Walzer
organization The MITRE Corporation

description

family

windows

oval:org.mitre.oval:def:996

status

accepted

submitted

2004-05-18T12:00:00.000-04:00

title

Microsoft Share Level Password Vulnerability

version

Summary

Vulnerable Configurations

Exploit-Db

Oval

References