CVE-2001-0981 — HP Cifs-9000 Server vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.4%

top 39.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Cifs-9000 Server

Timeline

PublishedAug 31

Latest updateApr 30

Description

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/cifs-9000_servera.01.07

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-6ch6-64q2-fpvr: HP CIFS/9000 Server (SAMBA) A↗2022-04-30

▶

CVEList

CVE-2001-0981: HP CIFS/9000 Server (SAMBA) A↗2002-06-25

▶