CVE-2000-0979

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 98se; Windows 95; Windows Me; Windows 98
Vendor: CVE Published:; 19 December 2000

Badges

👾 Exploit Exists🟡 Public PoC

Summary

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2000-0979
Created by Z6543

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://exchange.xforce.ibmcloud.com/vulnerabilities/5395

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/1780

vdb-entryx_refsource_BID

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Oct 26, 2019
👾
Exploit known to exist
Oct 26, 2019
Vulnerability published
Dec 19, 2000
Vulnerability Reserved
Nov 24, 2000

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)