LiveActive security incident?Get immediate response
CVE archive

2001 CVE Archive

Browse CVE records published in 2001 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1537 matching CVEs · Page 3 of 31.

Unknown · CVSS Not scored

CVE-2001-1594: GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user...

GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Published Aug 4, 2015 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1585: SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, availabl...

SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.

Published Oct 6, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1501: The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a den...

The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument.

Published Jun 21, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1473: The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge...

The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.

Published Apr 21, 2005 · Updated Aug 8, 2024