CVE-1999-1246 - CVE Details

Description

Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

microsoft - site_server

Affected Versions:

References

http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/2068
http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/2068