CVE-2001-0981 — HIGH (10.0)

Q: How severe is CVE-2001-0981?

CVE-2001-0981 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2001-0981?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Cifs-9000 Server.

Vulnerability Description

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Hp	Cifs-9000 Server	<= a.01.07

References

http://archives.neohapsis.com/archives/hp/2001-q3/0048.htmlPatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7051
http://archives.neohapsis.com/archives/hp/2001-q3/0048.htmlPatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7051

FAQ

What is CVE-2001-0981?

CVE-2001-0981 is a vulnerability with a CVSS score of 10.0 (HIGH). HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause ...

How severe is CVE-2001-0981?

CVE-2001-0981 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-0981?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Cifs-9000 Server.