CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0967

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0700%
EPSS Percentile14.34th
PublishedAug 31, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password guessing.

Affected Platforms (CPE)

πŸ“¦
Arkeia

Arkeia

= 4.2
πŸ“¦
Arkeia

Arkeia

= 4.2.8-2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
πŸ”— http://www.securityfocus.com/bid/3204
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
πŸ”— http://www.securityfocus.com/bid/3204

Related Vulnerabilities

CVE-2005-049110.0

Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 7...

CVE-2015-770910.0

The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass auth...

CVE-2001-096810.0

Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local an...

CVE-2005-04969.8

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attack...