CVE-2001-1463

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 19 November 2001

Summary

The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7925

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/279763

third-party-advisoryx_refsource_CERT-VN

http://securitytracker.com/id?1002882

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
Apr 21, 2005
Vulnerability published
Nov 19, 2001