CVE-2001-0981

Currently unrated

Key Information:

Vendor: HP
Status: Cifs-9000 Server
Vendor: CVE Published:; 31 August 2001

Summary

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7051

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/hp/2001-q3/0048.html

vendor-advisoryx_refsource_HP

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Aug 31, 2001