Vulnerability Description
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netscape | Communicator | 4.7 |
| Netscape | Navigator | All versions |
References
- http://marc.info/?l=bugtraq&m=94790377622943&w=2
- http://www.iss.net/security_center/static/4385.php
- http://marc.info/?l=bugtraq&m=94790377622943&w=2
- http://www.iss.net/security_center/static/4385.php
FAQ
What is CVE-2000-0087?
CVE-2000-0087 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacke...
How severe is CVE-2000-0087?
CVE-2000-0087 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0087?
Check the references section above for vendor advisories and patch information. Affected products include: Netscape Communicator, Netscape Navigator.