Lucene search

[email protected]NVD:CVE-2001-1467

HistoryApr 11, 2001 - 4:00 a.m.

CVE-2001-1467

2001-04-1104:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.

Affected configurations

Nvd

Node

don_libesexpectMatch5.2.8

VendorProductVersionCPE
don_libesexpect5.2.8cpe:2.3:a:don_libes:expect:5.2.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
don_libes	expect	5.2.8	cpe:2.3:a:don_libes:expect:5.2.8:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-04/0173.html

archives.neohapsis.com/archives/bugtraq/2001-04/0192.html

securitytracker.com/id?1001303

www.kb.cert.org/vuls/id/527736

www.securityfocus.com/bid/2632

exchange.xforce.ibmcloud.com/vulnerabilities/6382

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

Related for NVD:CVE-2001-1467

cvelist1 debiancve1 cve1