
Don Libes

don_libes

2 CVEs • 1 product

Products (1)

Expect
expect

CVEs (2)

Vendors (3): Conectiva, Don Libes, Redhat
Products (3): Expect, Linux, Linux
Updated: Apr 16, 2026
Published: Jul 19, 2001
CVSS: N/A (v4), N/A (v3), 7.2 HIGH (v2)
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

Vendors (1): Don Libes
Products (1): Expect
Updated: Apr 16, 2026
Published: Apr 11, 2001
CVSS: N/A (v4), N/A (v3), 7.5 HIGH (v2)
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.