ID

VAR-199809-0010


CVE

CVE-1999-0897


TITLE

apple's  iChat Server  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-1998-000020

DESCRIPTION

iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. apple's iChat Server Exists in unspecified vulnerabilities.None. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.98

sources: NVD: CVE-1999-0897 // JVNDB: JVNDB-1998-000020 // BID: 88410 // VULHUB: VHN-878

AFFECTED PRODUCTS

vendor:applemodel:ichat serverscope:eqversion:3.0

Trust: 1.6

vendor:アップルmodel:ichat serverscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:ichat serverscope:eqversion:3.0

Trust: 0.8

sources: JVNDB: JVNDB-1998-000020 // CNNVD: CNNVD-199809-010 // NVD: CVE-1999-0897

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0897
value: MEDIUM

Trust: 1.0

NVD: CVE-1999-0897
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-199809-010
value: MEDIUM

Trust: 0.6

VULHUB: VHN-878
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-0897
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-878
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-878 // JVNDB: JVNDB-1998-000020 // CNNVD: CNNVD-199809-010 // NVD: CVE-1999-0897

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1998-000020 // NVD: CVE-1999-0897

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199809-010

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199809-010

PATCH

title:bug in iChat 3.0 (maybe others)url:https://marc.info/?l=bugtraq&m=90538488231977&w=2

Trust: 0.8

sources: JVNDB: JVNDB-1998-000020

EXTERNAL IDS

db:NVDid:CVE-1999-0897

Trust: 3.6

db:JVNDBid:JVNDB-1998-000020

Trust: 0.8

db:CNNVDid:CNNVD-199809-010

Trust: 0.7

db:BUGTRAQid:19980908 BUG IN ICHAT 3.0 (MAYBE OTHERS)

Trust: 0.6

db:BIDid:88410

Trust: 0.4

db:VULHUBid:VHN-878

Trust: 0.1

sources: VULHUB: VHN-878 // BID: 88410 // JVNDB: JVNDB-1998-000020 // CNNVD: CNNVD-199809-010 // NVD: CVE-1999-0897

REFERENCES

url:http://marc.info/?l=bugtraq&m=90538488231977&w=2

Trust: 2.1

url:http://marc.theaimsgroup.com/?l=bugtraq&m=90538488231977&w=2

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-1999-0897

Trust: 0.8

url: -

Trust: 0.1

sources: VULHUB: VHN-878 // BID: 88410 // JVNDB: JVNDB-1998-000020 // CNNVD: CNNVD-199809-010 // NVD: CVE-1999-0897

CREDITS

Unknown

Trust: 0.3

sources: BID: 88410

SOURCES

db:VULHUBid:VHN-878
db:BIDid:88410
db:JVNDBid:JVNDB-1998-000020
db:CNNVDid:CNNVD-199809-010
db:NVDid:CVE-1999-0897

LAST UPDATE DATE

2024-11-22T23:12:13.201000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-878date:2016-10-18T00:00:00
db:BIDid:88410date:1998-09-09T00:00:00
db:JVNDBid:JVNDB-1998-000020date:2024-05-13T02:39:00
db:CNNVDid:CNNVD-199809-010date:2005-09-12T00:00:00
db:NVDid:CVE-1999-0897date:2024-11-20T23:29:47.867

SOURCES RELEASE DATE

db:VULHUBid:VHN-878date:1998-09-09T00:00:00
db:BIDid:88410date:1998-09-09T00:00:00
db:JVNDBid:JVNDB-1998-000020date:2024-05-13T00:00:00
db:CNNVDid:CNNVD-199809-010date:1998-09-09T00:00:00
db:NVDid:CVE-1999-0897date:1998-09-09T04:00:00