7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.3%
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | expect | < 5.45.4-2 | expect_5.45.4-2_all.deb |
Debian | 11 | all | expect | < 5.45.4-2 | expect_5.45.4-2_all.deb |
Debian | 999 | all | expect | < 5.45.4-3 | expect_5.45.4-3_all.deb |
Debian | 13 | all | expect | < 5.45.4-3 | expect_5.45.4-3_all.deb |