CVE-2000-0937
First published: Tue Dec 19 2000(Updated: )
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba | =2.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0937?
CVE-2000-0937 is considered a medium severity vulnerability due to its potential for allowing brute force password guessing attacks.
How do I fix CVE-2000-0937?
To fix CVE-2000-0937, upgrade to a later version of Samba that includes logging for failed login attempts.
What is the impact of CVE-2000-0937?
The impact of CVE-2000-0937 is that it allows attackers to guess passwords without being logged, increasing the likelihood of successful unauthorized access.
Is CVE-2000-0937 exploitable remotely?
Yes, CVE-2000-0937 is exploitable remotely, allowing attackers to conduct brute force attacks over the network.
Which version of Samba is affected by CVE-2000-0937?
CVE-2000-0937 specifically affects Samba version 2.0.7.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/samba
- canonical/samba
- version/samba/2.0.7