7.5
CVE-2001-1106
- EPSS 2.39%
- Veröffentlicht 25.07.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sambar ≫ Sambar Server Version4.1
Sambar ≫ Sambar Server Version4.2.1_production
Sambar ≫ Sambar Server Version4.3
Sambar ≫ Sambar Server Version4.4
Sambar ≫ Sambar Server Version5.0 Updatebeta1
Sambar ≫ Sambar Server Version5.0 Updatebeta2
Sambar ≫ Sambar Server Version5.0 Updatebeta3
Sambar ≫ Sambar Server Version5.0 Updatebeta4
Sambar ≫ Sambar Server Version5.0 Updatebeta5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.39% | 0.818 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/archive/1/199418
http://www.securityfocus.com/bid/3095
https://exchange.xforce.ibmcloud.com/vulnerabilities/6909