CyberSec.Space Logo
Back to CVE Browser

CVE-2003-1096

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1950%
EPSS Percentile23.05th
PublishedDec 31, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.

Affected Platforms (CPE)

πŸ“¦
Cisco

Leap

All versions

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=108135227731965&w=2
πŸ”— http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml
πŸ”— http://www.kb.cert.org/vuls/id/473108
πŸ”— http://www.osvdb.org/15209
πŸ”— http://www.securityfocus.com/archive/1/340119
πŸ”— http://www.securityfocus.com/archive/1/340365
πŸ”— http://www.securityfocus.com/bid/8755
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/12804

Related Vulnerabilities

CVE-2016-40079.8

Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3...

CVE-2020-80268.4

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15...

CVE-2019-36958.4

A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing...

CVE-2019-36968.4

A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High ...