CVE-2001-0978 — Improper Control of Interaction Frequency in HP Hp-ux

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

1.3%

top 20.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux

Timeline

PublishedSep 3

Latest updateApr 30

Description

login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDhp/hp-ux10.26

Patches

Patch: archives.neohapsis.com ↗Patch: www.securityfocus.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-j785-x57f-22x3: login in HP-UX 10↗2022-04-30

▶

CVEList

CVE-2001-0978: login in HP-UX 10↗2003-04-02

▶