7.5
CVE-2001-1106
- EPSS 3.07%
- Veröffentlicht 25.07.2001 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sambar ≫ Sambar Server Version4.1
Sambar ≫ Sambar Server Version4.2.1_production
Sambar ≫ Sambar Server Version4.3
Sambar ≫ Sambar Server Version4.4
Sambar ≫ Sambar Server Version5.0 Updatebeta1
Sambar ≫ Sambar Server Version5.0 Updatebeta2
Sambar ≫ Sambar Server Version5.0 Updatebeta3
Sambar ≫ Sambar Server Version5.0 Updatebeta4
Sambar ≫ Sambar Server Version5.0 Updatebeta5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.07% | 0.865 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|