CVE-2001-0981

Published: Aug 31, 2001Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

Affected (1)

Products: Hp: Cifs 9000 Server

1 product

Cifs 9000 Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Cifs 9000 Server	Up to a.01.07

References (4)

http://archives.neohapsis.com/archives/hp/2001-q3/0048.html

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7051

Source: cve@mitre.org

http://archives.neohapsis.com/archives/hp/2001-q3/0048.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7051

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.