CVE-2000-0651

3 documents3 sources

Severity

7.5HIGH

EPSS

0.5%

top 33.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Bordermanager

Timeline

PublishedJul 7

Latest updateApr 30

Description

The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDnovell/bordermanager3.0, 3.5+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-wf72-vr87-m228: The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to↗2022-04-30

▶

CVEList

CVE-2000-0651: The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to↗2000-10-13

▶