CVE-1999-1020 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

source: https://www.securityfocus.com/bid/484/info Non-authenticated clients have access to CX.EXE and NLIST.EXE in the SYS:LOGIN directory of a Netware 4.x server. The default root access is set to Read. Therefore, by using various switch options in CX.EXE and NLIST.EXE, anyone connecting to the server can gain access to NDS tree information such as account names, group names and membership, tree layout etc. By attaching to different servers and switching contexts an intruder could gain an understanding of the NDS structure for the entire network. The following commands can be issued by a client connected to a NetWare 4.x or IntranetWare server, revealing most if not all user account names, in addition to most of if not the entire tree layout. CX /T /A /R - list all readable user and container object names in tree, and can give a rather accurate layout of the containers and basic contents NLIST USER /D - list info regarding user names in current context NLIST GROUPS /D - list groups and group membership in current context NLIST SERVER /D - list server names and OS versions, and if attached reveal if accounting is installed or not NLIST /OT=* /DYN /D - list all readable objects, including dynamic objects, names of NDS trees, etc