Insecure Password Storage in Microsoft Site Server 3.0
CVE-1999-1246

Currently unrated

Key Information:

Vendor: Microsoft
Status: Site Server
Vendor: CVE Published:; 31 December 1999

What is CVE-1999-1246?

The Direct Mailer feature in Microsoft Site Server 3.0 has a critical vulnerability that involves storing user domain names and passwords in plaintext on the TMLBQueue network share. This share is configured with insecure default permissions, which allows remote attackers to gain unauthorized access to these credentials. As a result, attackers can exploit this vulnerability to escalate their privileges within the affected environment, posing a significant risk to data integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://support.microsoft.com/support/kb/articles/Q229/9/7...

vendor-advisoryx_refsource_MSKB

https://exchange.xforce.ibmcloud.com/vulnerabilities/2068

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Dec 31, 1999

JSON

Microsoft

What is CVE-1999-1246?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.