CVE-2001-1467

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.
Configurations

Configuration 1 (hide)

cpe:2.3:a:don_libes:expect:5.2.8:*:*:*:*:*:*:*

History

20 Nov 2024, 23:37

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2001-04/0173.html - () http://archives.neohapsis.com/archives/bugtraq/2001-04/0173.html -
References () http://archives.neohapsis.com/archives/bugtraq/2001-04/0192.html - () http://archives.neohapsis.com/archives/bugtraq/2001-04/0192.html -
References () http://securitytracker.com/id?1001303 - () http://securitytracker.com/id?1001303 -
References () http://www.kb.cert.org/vuls/id/527736 - US Government Resource () http://www.kb.cert.org/vuls/id/527736 - US Government Resource
References () http://www.securityfocus.com/bid/2632 - () http://www.securityfocus.com/bid/2632 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/6382 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/6382 -

Information

Published : 2001-04-11 04:00

Updated : 2024-11-20 23:37


NVD link : CVE-2001-1467

Mitre link : CVE-2001-1467

CVE.ORG link : CVE-2001-1467


JSON object : View

Products Affected

don_libes

  • expect