CVE-2001-0553
Summary
| CVE | CVE-2001-0553 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2001-08-14 04:00:00 UTC |
| Updated | 2017-10-10 01:29:00 UTC |
| Description | SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ssh | Secure Shell | 3.0.0 | All | All | All |
| Application | Ssh | Secure Shell | 3.0.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SSH Secure Shell Remote Root Exploit Vulnerability | CIAC | www.ciac.org | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CERT/CC Vulnerability Note VU#737451 | CERT-VN | www.kb.cert.org | US Government Resource |
| Page Not Found. Sorry about that! | CONFIRM | www.ssh.com | |
| 404 Not Found | OSVDB | www.osvdb.org | |
| SSH Short Password Login Vulnerability | BID | www.securityfocus.com | |
| Neohapsis Archives - Bugtraq - URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0 - From [email protected] | BUGTRAQ | archives.neohapsis.com | Exploit, Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.