Search criteria
5 vulnerabilities by tumbleweed
CVE-2006-4727 (GCVE-0-2006-4727)
Vulnerability from cvelistv5 – Published: 2008-05-09 17:00 – Updated: 2024-08-07 19:23
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
},
{
"name": "tumbleweed-emf-statusview-xss(42392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
},
{
"name": "28722",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
},
{
"name": "tumbleweed-emf-statusview-xss(42392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
},
{
"name": "28722",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28722"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
},
{
"name": "tumbleweed-emf-statusview-xss(42392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
},
{
"name": "28722",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28722"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4727",
"datePublished": "2008-05-09T17:00:00",
"dateReserved": "2006-09-12T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1724 (GCVE-0-2008-1724)
Vulnerability from cvelistv5 – Published: 2008-04-11 19:00 – Updated: 2024-08-07 08:32
VLAI?
Summary
Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
},
{
"name": "29717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29717"
},
{
"name": "3806",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3806"
},
{
"name": "securetransport-filetransfer-activex-bo(41692)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
},
{
"name": "ADV-2008-1165",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1165/references"
},
{
"name": "5398",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5398"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.aushack.com/200708-tumbleweed.txt"
},
{
"name": "28662",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
},
{
"name": "29717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29717"
},
{
"name": "3806",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3806"
},
{
"name": "securetransport-filetransfer-activex-bo(41692)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
},
{
"name": "ADV-2008-1165",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1165/references"
},
{
"name": "5398",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5398"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.aushack.com/200708-tumbleweed.txt"
},
{
"name": "28662",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1724",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
},
{
"name": "29717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29717"
},
{
"name": "3806",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3806"
},
{
"name": "securetransport-filetransfer-activex-bo(41692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
},
{
"name": "ADV-2008-1165",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1165/references"
},
{
"name": "5398",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5398"
},
{
"name": "http://www.aushack.com/200708-tumbleweed.txt",
"refsource": "MISC",
"url": "http://www.aushack.com/200708-tumbleweed.txt"
},
{
"name": "28662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1724",
"datePublished": "2008-04-11T19:00:00",
"dateReserved": "2008-04-11T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3901 (GCVE-0-2006-3901)
Vulnerability from cvelistv5 – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48
VLAI?
Summary
Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
},
{
"name": "21194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21194"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
},
{
"name": "27495",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27495"
},
{
"name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
},
{
"name": "19146",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19146"
},
{
"name": "ADV-2006-2970",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2970"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the \"temporary pathname\" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
},
{
"name": "21194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21194"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
},
{
"name": "27495",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27495"
},
{
"name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
},
{
"name": "19146",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19146"
},
{
"name": "ADV-2006-2970",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2970"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the \"temporary pathname\" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
},
{
"name": "21194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21194"
},
{
"name": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf",
"refsource": "MISC",
"url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
},
{
"name": "27495",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27495"
},
{
"name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
},
{
"name": "19146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19146"
},
{
"name": "ADV-2006-2970",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2970"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3901",
"datePublished": "2006-07-27T10:00:00",
"dateReserved": "2006-07-26T00:00:00",
"dateUpdated": "2024-08-07T18:48:39.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0487 (GCVE-0-2006-0487)
Vulnerability from cvelistv5 – Published: 2006-02-01 02:00 – Updated: 2024-08-07 16:34
VLAI?
Summary
Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060121 Tumbleweed EMF 6.x Processing Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under \"extremely heavy loads\" and (2) cause an \"increased number of missed spam\" during \"spam outbreaks.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060121 Tumbleweed EMF 6.x Processing Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under \"extremely heavy loads\" and (2) cause an \"increased number of missed spam\" during \"spam outbreaks.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060121 Tumbleweed EMF 6.x Processing Issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0487",
"datePublished": "2006-02-01T02:00:00",
"dateReserved": "2006-01-31T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0772 (GCVE-0-2000-0772)
Vulnerability from cvelistv5 – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
VLAI?
Summary
The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
},
{
"name": "tumbleweed-mms-blank-password(5072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
},
{
"name": "1562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1562"
},
{
"name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
},
{
"name": "tumbleweed-mms-blank-password(5072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
},
{
"name": "1562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1562"
},
{
"name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm",
"refsource": "CONFIRM",
"url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
},
{
"name": "tumbleweed-mms-blank-password(5072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
},
{
"name": "1562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1562"
},
{
"name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0772",
"datePublished": "2000-09-21T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}