Unrated severityNVD Advisory· Published Apr 11, 2001· Updated Apr 16, 2026

CVE-2001-1467

Description

mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.

Affected products

Don Libes/Expect
cpe:2.3:a:don_libes:expect:5.2.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/527736nvdUS Government Resource
archives.neohapsis.com/archives/bugtraq/2001-04/0173.htmlnvd
archives.neohapsis.com/archives/bugtraq/2001-04/0192.htmlnvd
securitytracker.com/idnvd
www.securityfocus.com/bid/2632nvd
exchange.xforce.ibmcloud.com/vulnerabilities/6382nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000