Vulnerability Details CVE-2001-1169
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.6%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2001-1169
-
cpe:2.3:o:bell_communications_research:s_key:gold