Plaintext Password Transmission in RhinoSoft Serv-U Remote Administration Client
CVE-2001-1463

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 19 November 2001

What is CVE-2001-1463?

The remote administration client for RhinoSoft Serv-U 3.0 is susceptible to a security issue where user passwords are transmitted in plaintext, even when the S/KEY One-Time Password (OTP) authentication method is enabled. This vulnerability could allow remote attackers to intercept and capture user credentials during transmission, making it critical for users to ensure that secure password transmission practices are implemented to safeguard sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7925

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/279763

third-party-advisoryx_refsource_CERT-VN

http://securitytracker.com/id?1002882

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Apr 21, 2005
Vulnerability published
Nov 19, 2001

Solarwinds

What is CVE-2001-1463?

References

Timeline