CVE-2001-1359

Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2001-06-08 12:00:00.000-04
Last Modified2017-10-09 09:30:02.000-04

Vulnerable Software List

VendorProductVersions
Caldera Volution 1.0, 1.0.6, 1.0.7

References

SourceLink
CALDERACSSA-2001-021.0
BID2850
XFvolution-authentication-failure-access(6672)