Vulnerabilities

CVE-2001-1169

by Fred · 15/03/2002

keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.

Date published : 2002-03-15

http://archives.neohapsis.com/archives/bugtraq/2001-08/0441.html

Similar

Tags: Cybersecurity Alert