exploitDog

CVE-2001-0981

Опубликовано: 31 авг. 2001

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

Ссылки

http://archives.neohapsis.com/archives/hp/2001-q3/0048.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7051
http://archives.neohapsis.com/archives/hp/2001-q3/0048.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7051

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hp:cifs-9000_server:*:*:*:*:*:*:*:*

Версия до a.01.07 (включая)

EPSS

Процентиль: 60%

0.00393

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6ch6-64q2-fpvr

github

почти 4 года назад

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

EPSS

Процентиль: 60%

0.00393

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other