Don Libes Expect vulnerabilities
2 known vulnerabilities affecting don_libes/expect.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2001-1374HIGHCVSS 7.2v0v1+35 more2001-07-19
CVE-2001-1374 [HIGH] CVE-2001-1374: expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allo
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
nvd
CVE-2001-1467HIGHCVSS 7.5v5.2.82001-04-11
CVE-2001-1467 [HIGH] CVE-2001-1467: mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generato
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.
nvd