CVE-1999-1020
First published: Fri Sep 18 1998(Updated: )
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Novell NetWare FTP Server | =4.11-sp5b | |
| Novell NetWare FTP Server | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1020?
CVE-1999-1020 is considered a high severity vulnerability due to its ability to expose sensitive user information.
How do I fix CVE-1999-1020?
To mitigate CVE-1999-1020, you should configure access controls to restrict unauthenticated access on Novell Netware.
What systems are affected by CVE-1999-1020?
CVE-1999-1020 affects Novell NetWare versions 4.1 and 4.11 with Service Pack 5b.
What can attackers do with CVE-1999-1020?
Attackers exploiting CVE-1999-1020 can access sensitive information such as user and group details.
Is CVE-1999-1020 still relevant today?
While CVE-1999-1020 pertains to legacy software, its underlying principles of access control are still significant in modern systems.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/references
- agent/description
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-index
- vendor/novell
- canonical/novell netware ftp server
- version/novell netware ftp server/4.11-sp5b
- version/novell netware ftp server/4.1