CVE-2001-1291
First published: Thu Jul 12 2001(Updated: )
The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 3Com SuperStack II PS Hub 40 | =40 | |
| All of | ||
| 3Com SuperStack II PS Hub 40 Firmware | ||
| 3Com SuperStack II PS Hub 40 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-1291?
CVE-2001-1291 has a high severity rating due to its ease of exploitation through brute force attacks.
How do I fix CVE-2001-1291?
To fix CVE-2001-1291, configure your telnet server to implement account lockout or delay mechanisms for failed login attempts.
Which devices are affected by CVE-2001-1291?
CVE-2001-1291 affects 3Com hardware, particularly the PS40 SuperStack II models.
Can CVE-2001-1291 lead to unauthorized access?
Yes, CVE-2001-1291 can lead to unauthorized access as it allows attackers to repeatedly guess passwords without any lockout.
Is CVE-2001-1291 still relevant today?
While CVE-2001-1291 is an older vulnerability, it remains relevant in environments that still utilize vulnerable 3Com hardware.
- agent/first-publish-date
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/3com
- canonical/3com superstack ii ps hub 40
- version/3com superstack ii ps hub 40/40
- canonical/3com superstack ii ps hub 40 firmware