CVE-2001-1374

Published: Jul 19, 2001Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

Affected (40)

Products: Conectiva: Linux · Don Libes: Expect · Redhat: Linux

1 product

1 product

1 product

Configuration A

39 vulnerable

Vulnerable Software	Affected Versions
Conectiva Linux	Version 6.0
Conectiva Linux	Version 7.0
Don Libes Expect	Version 0
Don Libes Expect	Version 1
Don Libes Expect	Version 2
Don Libes Expect	Version 3
Don Libes Expect	Version 4
Don Libes Expect	Version 5.0
Don Libes Expect	Version 5.10
Don Libes Expect	Version 5.11
Don Libes Expect	Version 5.12
Don Libes Expect	Version 5.13
Don Libes Expect	Version 5.14
Don Libes Expect	Version 5.15
Don Libes Expect	Version 5.16
Don Libes Expect	Version 5.17
Don Libes Expect	Version 5.18
Don Libes Expect	Version 5.19
Don Libes Expect	Version 5.1
Don Libes Expect	Version 5.20
Don Libes Expect	Version 5.21
Don Libes Expect	Version 5.22
Don Libes Expect	Version 5.23
Don Libes Expect	Version 5.24
Don Libes Expect	Version 5.25
Don Libes Expect	Version 5.26
Don Libes Expect	Version 5.27
Don Libes Expect	Version 5.28
Don Libes Expect	Version 5.29
Don Libes Expect	Version 5.2
Don Libes Expect	Version 5.30
Don Libes Expect	Version 5.31
Don Libes Expect	Version 5.3
Don Libes Expect	Version 5.4
Don Libes Expect	Version 5.5
Don Libes Expect	Version 5.6
Don Libes Expect	Version 5.7
Don Libes Expect	Version 5.8
Don Libes Expect	Version 5.9