Description
Information from SSL-encrypted sessions via PKCS #1.
Product(s):
- C2Net Stonghold Web Server 2.0.1
- C2Net Stonghold Web Server 2.2
- C2Net Stonghold Web Server 2.3
- HP Open Market Secure WebServer 2.1
- Microsoft Exchange Server 5.5
- Microsoft IIS 3.0
- Microsoft IIS 3.0 Japanese
- Microsoft IIS 3.0 Korean
- Microsoft IIS 3.0 Chinese
- Microsoft IIS 4.0
- Microsoft Internet Information Server 4.0 Far East Edition
- Microsoft Internet Information Server 4.0 Alpha
- Microsoft IIS 4.0 Japanese
- Microsoft IIS 4.0 Korean
- Microsoft IIS 4.0 Chinese
- Microsoft Site Server 3.0
- Microsoft site_server 3.0 Commerce Edition
- Netscape Certificate Server 1.0 Patch 1
- Netscape Collabra Server 3.5.2
- Netscape Directory Server 1.3 Patch 5
- Netscape Netscape Directory Server 3.12
- Netscape Directory Server 3.1 Patch 1
- Netscape Netscape Enterprise Server 2.0
- Netscape Enterprise Server 3.0.1b
- Netscape Netscape Enterprise Server 3.5.1
- Netscape FastTrack 3.0.1B
- Netscape Netscape Messaging Server 3.54
- Netscape Netscape Proxy Server 3.5.1
- SSLEAY 0.6.6
- SSLEAY 0.8.1
- SSLEAY 0.9
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-1999-0007, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-1999-0007 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.
References:
- https://capec.mitre.org/data/definitions/20.html
- https://capec.mitre.org/data/definitions/459.html
- https://capec.mitre.org/data/definitions/473.html
- https://capec.mitre.org/data/definitions/475.html
- https://capec.mitre.org/data/definitions/608.html
- https://capec.mitre.org/data/definitions/614.html
- https://capec.mitre.org/data/definitions/97.html
- https://nvd.nist.gov/vuln/detail/CVE-1999-0007