Weekly Vulnerabilities Reports > April 9 to 15, 2001

Overview

4 new vulnerabilities were reported during this period, including 0 critical vulnerabilities and 4 high severity vulnerabilities. This weekly summary reports vulnerabilities in 2 products from 2 vendors, including Alcatel and DON Libes. Vulnerabilities are notably categorized as .

  • 4 reported vulnerabilities are remotely exploitable.
  • 4 reported vulnerabilities are exploitable by an anonymous user.
  • Alcatel has the most reported vulnerabilities, with 3 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

4 High Vulnerabilities

DATE | CVE | VENDOR | VULNERABILITY | CVSS

2001-04-11 | CVE-2001-1467 | DON Libes | Unspecified vulnerability in DON Libes Expect 5.2.8 | 7.5

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.

2001-04-10 | CVE-2001-1426 | Alcatel | Unspecified vulnerability in Alcatel Speed Touch Home | 7.5

Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations.

2001-04-10 | CVE-2001-1425 | Alcatel | Unspecified vulnerability in Alcatel Speed Touch Home | 7.5

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

2001-04-10 | CVE-2001-1424 | Alcatel | Unspecified vulnerability in Alcatel Speed Touch Home | 7.5

Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access.

0 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS