{"api_version":"1","generated_at":"2026-04-23T05:23:16+00:00","cve":"CVE-2000-0642","urls":{"html":"https://cve.report/CVE-2000-0642","api":"https://cve.report/api/cve/CVE-2000-0642.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2000-0642","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2000-0642"},"summary":{"title":"CVE-2000-0642","description":"The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page.","state":"PUBLISHED","assigner":"mitre","published_at":"2000-07-12 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.securityfocus.com/bid/1497","name":"http://www.securityfocus.com/bid/1497","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"WEBactive HTTP Server Default Log Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671%40Rage.Resentment.org","name":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671%40Rage.Resentment.org","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Bugtraq","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/5184","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/5184","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org","name":"BUGTRAQ:20000711 Lame DoS in WEBactive win65/NT server","refsource":"MITRE","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2000-0642","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2000-0642","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2000","cve_id":"642","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"itafrica","cpe5":"webactive","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T05:28:40.549Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"webactive-active-log(5184)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/5184"},{"name":"1497","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/1497"},{"name":"20000711 Lame DoS in WEBactive win65/NT server","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671%40Rage.Resentment.org"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2000-07-11T00:00:00.000Z","descriptions":[{"lang":"en","value":"The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2005-11-02T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"webactive-active-log(5184)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/5184"},{"name":"1497","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/1497"},{"name":"20000711 Lame DoS in WEBactive win65/NT server","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671%40Rage.Resentment.org"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2000-0642","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"webactive-active-log(5184)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/5184"},{"name":"1497","refsource":"BID","url":"http://www.securityfocus.com/bid/1497"},{"name":"20000711 Lame DoS in WEBactive win65/NT server","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2000-0642","datePublished":"2000-10-13T04:00:00.000Z","dateReserved":"2000-08-02T00:00:00.000Z","dateUpdated":"2024-08-08T05:28:40.549Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2000-07-12 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:itafrica:webactive:1.0:*:*:*:*:*:*:*","matchCriteriaId":"2DDF8C55-A416-4D20-86A0-F86875E60C12"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2000","CveId":"642","Ordinal":"1","Title":"CVE-2000-0642","CVE":"CVE-2000-0642","Year":"2000"},"notes":[{"CveYear":"2000","CveId":"642","Ordinal":"1","NoteData":"The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page.","Type":"Description","Title":"CVE-2000-0642"},{"CveYear":"2000","CveId":"642","Ordinal":"2","NoteData":"2000-10-13","Type":"Other","Title":"Published"},{"CveYear":"2000","CveId":"642","Ordinal":"3","NoteData":"2005-11-02","Type":"Other","Title":"Modified"}]}}}