| Vulnerability Name: | CVE-2001-1291 (CCN-6855) | ||||||||
| Assigned: | 2001-07-12 | ||||||||
| Published: | 2001-07-12 | ||||||||
| Updated: | 2017-10-10 | ||||||||
| Summary: | The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing. | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Thu Jul 12 2001 - 15:46:44 CDT 3Com TelnetD Source: MITRE Type: CNA CVE-2001-1291 Source: CCN Type: OSVDB ID: 5435 3Com Telnet Server Brute Force Attack Source: BUGTRAQ Type: Vendor Advisory 20010712 3Com TelnetD Source: BID Type: Exploit, Vendor Advisory 3034 Source: CCN Type: BID-3034 3Com TelnetD Weak Password Protection Vulnerability Source: XF Type: UNKNOWN 3com-telnetd-brute-force(6855) Source: XF Type: UNKNOWN 3com-telnetd-brute-force(6855) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||