CVE-2000-0538 - Vulnerability Details - OpenCVE

ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Allaire	Coldfusion Server

Configuration 1 [-]

OR	cpe:2.3:a:allaire:coldfusion_server:2.0:::::::*
	cpe:2.3:a:allaire:coldfusion_server:3.0:::::::*
	cpe:2.3:a:allaire:coldfusion_server:3.01:::::::*
	cpe:2.3:a:allaire:coldfusion_server:3.1:::::::*
	cpe:2.3:a:allaire:coldfusion_server:3.11:::::::*
	cpe:2.3:a:allaire:coldfusion_server:3.12:::::::*
	cpe:2.3:a:allaire:coldfusion_server:4.0:::::::*
	cpe:2.3:a:allaire:coldfusion_server:4.0.1:::::::*
	cpe:2.3:a:allaire:coldfusion_server:4.5:::::::*
	cpe:2.3:a:allaire:coldfusion_server:4.5.1:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=96045469627806&w=2
http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full
http://www.osvdb.org/3399
http://www.securityfocus.com/bid/1314
https://exchange.xforce.ibmcloud.com/vulnerabilities/4611

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2000-10-13T04:00:00

Updated: 2024-08-08T05:21:31.209Z

Reserved: 2000-07-11T00:00:00

Link: CVE-2000-0538

Vulnrichment

No data.

NVD

Status : Modified

Published: 2000-06-07T04:00:00.000

Modified: 2024-11-20T23:32:43.890

Link: CVE-2000-0538

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-06-07T00:00:00", "descriptions": [{"lang": "en", "value": "ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20000607 New Allaire ColdFusion DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=96045469627806&w=2"}, {"name": "coldfusion-parse-dos(4611)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4611"}, {"name": "3399", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/3399"}, {"name": "ASB00-14", "tags": ["vendor-advisory", "x_refsource_ALLAIRE"], "url": "http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full"}, {"name": "1314", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1314"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0538", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20000607 New Allaire ColdFusion DoS", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=96045469627806&w=2"}, {"name": "coldfusion-parse-dos(4611)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4611"}, {"name": "3399", "refsource": "OSVDB", "url": "http://www.osvdb.org/3399"}, {"name": "ASB00-14", "refsource": "ALLAIRE", "url": "http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full"}, {"name": "1314", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1314"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:21:31.209Z"}, "title": "CVE Program Container", "references": [{"name": "20000607 New Allaire ColdFusion DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=96045469627806&w=2"}, {"name": "coldfusion-parse-dos(4611)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4611"}, {"name": "3399", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/3399"}, {"name": "ASB00-14", "tags": ["vendor-advisory", "x_refsource_ALLAIRE", "x_transferred"], "url": "http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full"}, {"name": "1314", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1314"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0538", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-07-11T00:00:00", "dateUpdated": "2024-08-08T05:21:31.209Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:allaire:coldfusion_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE00F45E-C410-4268-B0EC-18B4043E6631", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BB5B124-A5C2-4B24-8091-FF9863D17BF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "A32F27D3-0ECD-49BB-B32F-2F531DE6836D", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DC21856A-F57F-4C34-8276-5880B57A2DD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "9646F809-1016-49AD-B60A-481CDB7D5ECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "926AAAD1-68C5-4816-B387-8B1BB4E9E1C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C334CA02-D4EC-40D0-B75F-AFBC0F3903E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3630623B-468C-4E71-9C57-EFF83E5EFA4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "292DA1C8-5B98-4552-B51B-B0C3F230321F", "vulnerable": true}, {"criteria": "cpe:2.3:a:allaire:coldfusion_server:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FA98847-8A14-409C-86E8-C7652E5ECF0C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password."}], "id": "CVE-2000-0538", "lastModified": "2024-11-20T23:32:43.890", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-06-07T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=96045469627806&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/3399"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1314"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4611"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=96045469627806&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/3399"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1314"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4611"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}