Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2001-1355

Malware in sbrugna...

7.2CVSS6.4AI score0.00053EPSS
Exploits0References9
OPENSUSE Linux
OPENSUSE Linuxadded 2016/01/06 10:10 p.m.33 views

Security update for grub2 (important)

Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...

6.9CVSS0.04702EPSS
Exploits1References9
Cvelist
Cvelistadded 2005/04/21 4:0 a.m.12 views

CVE-2001-1467

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks...

6.7AI score0.0079EPSS
Exploits0References6
CVE
CVEadded 2005/04/21 4:0 a.m.47 views

CVE-2001-1467

The CVE-2001-1467 issue affects mkpasswd in expect 5.2.8 as used by Red Hat Linux 6.2–7.0. The underlying problem is that the random number generator is seeded with the process ID, reducing the seed space and enabling easier brute-force password attacks. The associated metrics indicate a HIGH sev...

7.5CVSS6.7AI score0.0079EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVEadded 2005/04/21 4:0 a.m.21 views

CVE-2001-1467

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks...

7.5CVSS6.6AI score0.0079EPSS
Exploits0
NVD
NVDadded 2001/07/19 4:0 a.m.15 views

CVE-2001-1374

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd...

7.2CVSS6.6AI score0.00053EPSS
Exploits0References7
securityvulns
securityvulnsadded 2001/04/14 12:0 a.m.47 views

Дырка в mkpasswd из expect (weak password generation)

Алгоритм генерации случайного пароля позволяет всего 32193 комбинаций...

1AI score
Exploits0References2Affected Software2
securityvulns
securityvulnsadded 2001/04/14 12:0 a.m.20 views

mkpasswd: acutally its worse than just not many passwords

due to a fault in expect the interpreter that runs the mkpasswd script it is trivially easy to cause arbitrary commands to be executed by someone else. under RH7.0 anyway the search path for libs for it includes /var/tmp/ check out http://bugzilla.redhat.com/bugzilla/showbug.cgi?id=28224 for...

0.8AI score
Exploits0
securityvulns
securityvulnsadded 2001/04/12 12:0 a.m.26 views

flaw in RH ``mkpasswd'' command

Hey, The mkpasswd password generator that ships in the expect'' package of at least RedHat 6.2 generates only a relatively small number 2^15 for the default password length of passwords. Presumably this is a result of trying to apply too many rules of what is a good'' password to the generation...

7.1AI score
Exploits0
NVD
NVDadded 2001/04/11 4:0 a.m.6 views

CVE-2001-1467

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks...

7.5CVSS6.7AI score0.0079EPSS
Exploits0References6
Rows per page
Query Builder