Lucene search

[email protected]CVE-2001-1359

HistoryJun 08, 2001 - 4:00 a.m.

CVE-2001-1359

2001-06-0804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1359

volution clients 1.0.7

ldap authentication failure

trojan horse

cybersecurity

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

80.8%

JSON

Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.

CPENameOperatorVersion
caldera:volutioncaldera volutioneq1.0.7
caldera:volutioncaldera volutioneq1.0.6
caldera:volutioncaldera volutioneq1.0

CPE	Name	Operator	Version
caldera:volution	caldera volution	eq	1.0.7
caldera:volution	caldera volution	eq	1.0.6
caldera:volution	caldera volution	eq	1.0

References

www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt

www.securityfocus.com/bid/2850

exchange.xforce.ibmcloud.com/vulnerabilities/6672

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

80.8%

JSON