Vulnerability Description
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samba | Samba | 2.0.7 |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.htmlExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/1873ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5442
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.htmlExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/1873ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5442
FAQ
What is CVE-2000-0937?
CVE-2000-0937 is a vulnerability with a CVSS score of 7.5 (HIGH). Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force passwor...
How severe is CVE-2000-0937?
CVE-2000-0937 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0937?
Check the references section above for vendor advisories and patch information. Affected products include: Samba Samba.