Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-03-09T05:00:00
Updated: 2024-08-01T17:02:53.797Z
Reserved: 2001-08-31T00:00:00
Link: CVE-1999-1246
Vulnrichment
No data.
NVD
Status : Modified
Published: 1999-12-31T05:00:00.000
Modified: 2024-11-20T23:30:39.633
Link: CVE-1999-1246
Redhat
No data.