4.2.8.2

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

knox-software

critical

NVD

Published: 2001-08-31

Updated: 2008-09-05

Summary

Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Knox_Software Knox Software Arkeia 4.2 Knox Software Arkeia 4.2.8.2	2

References

http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
http://www.securityfocus.com/bid/3203