National Cyber-Alert System
Vulnerability Summary: CVE-2000-0087
Orirignal release date: 2000-01-12
Source: US-CERT/NIST

Overview

    Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.

Impact

    CVSS Severity: 3.3 (Low)
    Range: remote
    Authentication: design
    Impact Type: conf

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    Navigator (Netscape)
    Communicator (Netscape)

Technical Details

CVE Standard Vulnerability Entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0087