CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0968

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile23.78th
PublishedAug 31, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.

Affected Platforms (CPE)

πŸ“¦
Knox Software

Arkeia

= 4.2
πŸ“¦
Knox Software

Arkeia

= 4.2.8.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
πŸ”— http://www.securityfocus.com/bid/3203
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
πŸ”— http://www.securityfocus.com/bid/3203

Related Vulnerabilities

CVE-2015-770910.0

The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass auth...

CVE-2005-049110.0

Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 7...

CVE-2005-04969.8

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attack...

CVE-2001-09679.8

Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, wh...