漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
S/Key漏洞
Vulnerability Description
S/Key的keyinit不能要求认证初始化一次性密码序列。提升特权的攻击者去用户账户创建新一次性密码用在其他可能使用S/Key认证的活动中,如sudo。
CVSS Information
N/A
Vulnerability Type
N/A