CVE-2000-0979 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

source: https://www.securityfocus.com/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment. It depends on password protection in order to grant or deny access to resources. Due to a flaw in the implementation of File and Print Sharing security, a remote intruder could access share level protected resources without entering a complete password by programatically modifying the data length of the password. The flaw is due to the NetBIOS implementation in the password verification scheme share level access utilizes. The password length is compared to the length of data sent during the password verification process. If the password was programatically set to be 1 byte, then only the first byte would be verified. If a remote attacker was able to correctly guess the value of the first byte of the password on the target machine, access would be granted to the share level protected resource. Windows 9x remote administration is also affected by this vulnerability because it uses the same authentication scheme. Successful exploitation of this vulnerability could lead to the retrieval, modification, addition, and deletion of files residing on a file or print share. https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20283.zip

source: https://www.securityfocus.com/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment. It depends on password protection in order to grant or deny access to resources. Due to a flaw in the implementation of File and Print Sharing security, a remote intruder could access share level protected resources without entering a complete password by programatically modifying the data length of the password. The flaw is due to the NetBIOS implementation in the password verification scheme share level access utilizes. The password length is compared to the length of data sent during the password verification process. If the password was programatically set to be 1 byte, then only the first byte would be verified. If a remote attacker was able to correctly guess the value of the first byte of the password on the target machine, access would be granted to the share level protected resource. Windows 9x remote administration is also affected by this vulnerability because it uses the same authentication scheme. Successful exploitation of this vulnerability could lead to the retrieval, modification, addition, and deletion of files residing on a file or print share. https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20284.tar.gz