CVE-2000-0516

Shiva Access Manager 5.0.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0516. PoCs published by Blaise St. Laurent.

AI-analyzed exploit summary This is a writeup describing an information leakage vulnerability in Shiva Access Manager's default configuration on Solaris. The vulnerability allows unauthorized access to LDAP credentials stored in a world-readable file, which can be used to compromise the LDAP server.

Description

When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Blaise St. Laurent · textlocalsolaris
https://www.exploit-db.com/exploits/20003

This is a writeup describing an information leakage vulnerability in Shiva Access Manager's default configuration on Solaris. The vulnerability allows unauthorized access to LDAP credentials stored in a world-readable file, which can be used to compromise the LDAP server.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Shiva Access Manager (Solaris version)
No auth needed
Prerequisites: Access to the file system where Shiva Access Manager is installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-06/0008.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1329
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/4612

Scores

EPSS 0.0040
EPSS Percentile 60.7%

Details

Status published
Products (1)
intel/shiva_access_manager 5.0
Published Jun 06, 2000
Tracked Since Feb 18, 2026