Lucene search

[email protected]CVE-2001-0553

HistoryAug 14, 2001 - 4:00 a.m.

CVE-2001-0553

2001-08-1404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

unix systems

ssh secure shell

password authentication

access control

vulnerability

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use “NP” in the password field.

CPENameOperatorVersion
ssh:secure_shellssh secure shelleq3.0.0

CPE	Name	Operator	Version
ssh:secure_shell	ssh secure shell	eq	3.0.0

References

archives.neohapsis.com/archives/bugtraq/2001-07/0486.html

www.ciac.org/ciac/bulletins/l-121.shtml

www.kb.cert.org/vuls/id/737451

www.osvdb.org/586

www.securityfocus.com/bid/3078

www.ssh.com/products/ssh/exploit.cfm

exchange.xforce.ibmcloud.com/vulnerabilities/6868

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for CVE-2001-0553

cert1 nessus1 securityvulns1