Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2001-1029 | First vendor Publication | 2001-09-20 |
Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1029 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
6073 | OpenSSH on FreeBSD libutil Arbitrary File Read OpenSSH on FreeBSD platforms contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the user sets welcome or copyright file parameters to system-sensitive files in their login.conf, which will disclose the contents of those files to that user, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2001-12-10 | Name : The SSH service running on the remote host has multiple vulnerabilities. File : openssh_uselogin_environment.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
BUGTRAQ | http://archives.neohapsis.com/archives/bugtraq/2001-09/0173.html |
OSVDB | http://www.osvdb.org/6073 |
XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/8697 |
Alert History
Date | Informations |
---|---|
2024-02-02 01:01:48 |
|
2024-02-01 12:01:17 |
|
2023-09-05 12:01:43 |
|
2023-09-05 01:01:09 |
|
2023-09-02 12:01:45 |
|
2023-09-02 01:01:09 |
|
2023-08-12 12:02:05 |
|
2023-08-12 01:01:09 |
|
2023-08-11 12:01:48 |
|
2023-08-11 01:01:10 |
|
2023-08-06 12:01:40 |
|
2023-08-06 01:01:10 |
|
2023-08-04 12:01:43 |
|
2023-08-04 01:01:10 |
|
2023-07-14 12:01:42 |
|
2023-07-14 01:01:10 |
|
2023-03-29 01:01:40 |
|
2023-03-28 12:01:15 |
|
2022-10-11 12:01:31 |
|
2022-10-11 01:01:03 |
|
2021-05-05 01:01:11 |
|
2021-05-04 12:01:29 |
|
2021-04-22 01:01:38 |
|
2020-07-25 12:01:01 |
|
2020-05-23 01:35:38 |
|
2020-05-23 00:14:45 |
|
2019-03-21 01:00:58 |
|
2019-03-19 12:01:27 |
|
2017-10-10 09:23:22 |
|
2017-03-30 12:00:42 |
|
2016-06-28 14:57:12 |
|
2016-04-26 11:58:52 |
|
2014-02-17 10:24:06 |
|
2013-05-11 12:05:58 |
|