Details of VAR-199904-0039

ID

VAR-199904-0039

CVE

CVE-1999-1323

TITLE

Internet Email Gateways (NAVIEG) navieg.ini and MS Exchange (NAVMSE) ModifyPassword Registry key Norton AntiVirus Encryption error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199904-023

DESCRIPTION

Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. ini, (2) ModifyPassword registry entry under NAVMSE

Trust: 0.99

sources: NVD: CVE-1999-1323 // VULHUB: VHN-1304

AFFECTED PRODUCTS

vendor:	symantec	model:	norton antivirus	scope:	lte	version:	1.0.1.7	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	lte	version:	1.5	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	1.5	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	1.0.1.7	Trust: 0.6

sources: CNNVD: CNNVD-199904-023 // NVD: CVE-1999-1323

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1323
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-199904-023
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-1304
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-1999-1323
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-1304
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-1304 // CNNVD: CNNVD-199904-023 // NVD: CVE-1999-1323

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1323

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-199904-023

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199904-023

EXTERNAL IDS

db:	NVD	id:	CVE-1999-1323	Trust: 1.7
db:	CNNVD	id:	CNNVD-199904-023	Trust: 0.7
db:	NTBUGTRAQ	id:	19990409 NAV FOR MS EXCHANGE & INTERNET EMAIL GATEWAYS	Trust: 0.6
db:	BID	id:	84469	Trust: 0.1
db:	VULHUB	id:	VHN-1304	Trust: 0.1

sources: VULHUB: VHN-1304 // CNNVD: CNNVD-199904-023 // NVD: CVE-1999-1323

REFERENCES

url:	http://marc.info/?l=ntbugtraq&m=92370067416739&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=92370067416739&w=2	Trust: 0.6
url:	http://marc.info/?l=ntbugtraq&m=92370067416739&w=2	Trust: 0.1

sources: VULHUB: VHN-1304 // CNNVD: CNNVD-199904-023 // NVD: CVE-1999-1323

SOURCES

db:	VULHUB	id:	VHN-1304
db:	CNNVD	id:	CNNVD-199904-023
db:	NVD	id:	CVE-1999-1323

LAST UPDATE DATE

2024-08-14T14:48:22.595000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-1304	date:	2016-10-18T00:00:00
db:	CNNVD	id:	CNNVD-199904-023	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-1999-1323	date:	2016-10-18T02:02:54.100

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-1304	date:	1999-04-09T00:00:00
db:	CNNVD	id:	CNNVD-199904-023	date:	1999-04-09T00:00:00
db:	NVD	id:	CVE-1999-1323	date:	1999-04-09T04:00:00