exploitDog

CVE-2001-1169

Опубликовано: 02 сент. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-08/0441.html
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-08/0441.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:bell_communications_research:s_key:gold:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00471

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hxfh-gjpx-m797

github

больше 3 лет назад

keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.

EPSS

Процентиль: 64%

0.00471

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other