Vulnerability Details : CVE-1999-0506
Public exploit exists!
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
Exploit prediction scoring system (EPSS) score for CVE-1999-0506
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 35 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-1999-0506
-
SMB Login Check Scanner
First seen: 2020-04-26auxiliary/scanner/smb/smb_loginThis module will test a SMB login on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Authors: - tebo <tebo@a -
MSSQL Login Utility
First seen: 2020-04-26auxiliary/scanner/mssql/mssql_loginThis module simply queries the MSSQL instance for a specific user/pass (default is sa with blank). Authors: - MC <mc@metasploit.com> -
VNC Authentication Scanner
First seen: 2020-04-26auxiliary/scanner/vnc/vnc_loginThis module will test a VNC server on a range of machines and report successful logins. Currently it supports RFB protocol version 3.3, 3.7, 3.8 and 4.001 using the VNC challenge response authentication method. Authors: - carstein <carstein.sec@gmail.com>
CVSS scores for CVE-1999-0506
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-1999-0506
Products affected by CVE-1999-0506
- cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*