Vulnerabilities > CVE-2000-0979 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Exploit-Db
description Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability (1). CVE-2000-0979. Remote exploit for windows platform id EDB-ID:20283 last seen 2016-02-02 modified 2000-10-10 published 2000-10-10 reporter stickler source https://www.exploit-db.com/download/20283/ title Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability 1 description Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability (2). CVE-2000-0979. Remote exploit for windows platform id EDB-ID:20284 last seen 2016-02-02 modified 2000-10-10 published 2000-10-10 reporter Gabriel Maggiotti source https://www.exploit-db.com/download/20284/ title Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability 2
Oval
accepted | 2005-10-19T05:47:00.000-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
description | File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability. | ||||||||
family | windows | ||||||||
id | oval:org.mitre.oval:def:996 | ||||||||
status | accepted | ||||||||
submitted | 2004-05-18T12:00:00.000-04:00 | ||||||||
title | Microsoft Share Level Password Vulnerability | ||||||||
version | 65 |
References
- http://marc.info/?l=bugtraq&m=97147777618139&w=2
- http://www.securityfocus.com/bid/1780
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5395
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996