Security Vulnerabilities, CVEs, Published In 2001 (Bypass) CVSS score >= 3
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.
Max CVSS
6.8
EPSS Score
0.89%
Published
2001-12-31
Updated
2017-07-29
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
Max CVSS
7.5
EPSS Score
0.23%
Published
2001-12-31
Updated
2024-02-10
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-12-31
Updated
2008-09-05
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.
Max CVSS
7.5
EPSS Score
0.21%
Published
2001-12-31
Updated
2008-09-05
Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access.
Max CVSS
7.5
EPSS Score
2.26%
Published
2001-06-11
Updated
2017-07-11
The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access.
Max CVSS
7.5
EPSS Score
3.65%
Published
2001-05-24
Updated
2017-07-11
Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access.
Max CVSS
7.5
EPSS Score
1.82%
Published
2001-04-10
Updated
2017-07-11
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
Max CVSS
7.5
EPSS Score
2.41%
Published
2001-07-04
Updated
2017-12-19
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.
Max CVSS
7.5
EPSS Score
75.50%
Published
2001-05-30
Updated
2017-12-19
CVE-2001-0537
Public exploit
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
Max CVSS
9.3
EPSS Score
87.68%
Published
2001-07-21
Updated
2017-10-10
CVE-2001-0311
Public exploit
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
Max CVSS
4.6
EPSS Score
0.10%
Published
2001-06-02
Updated
2017-10-10
11 vulnerabilities found