Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2001-1291

The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing.

Published

2001-07-12T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-307

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	3com	superstack_ii_ps_hub_40_firmware	-	Yes
Hardware	3com	superstack_ii_ps_hub_40	-	No

References

http://www.securityfocus.com/archive/1/196957 Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/3034 Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/6855 Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/archive/1/196957 Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/3034 Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6855 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)