CVE-2001-0553

SSH Secure Shell 3.0.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0553. PoCs published by hypoclear.

AI-analyzed exploit summary This Perl script scans a local system for the SSH Short Password Login Vulnerability (CVE-2001-0553) by checking if SSH 3.0.0 is running and if any accounts have passwords with two or fewer characters in the /etc/shadow file. It requires superuser access to read the shadow file.

Description

SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.

Exploits (1)

exploitdb SCANNER VERIFIED

by hypoclear · perlremoteunix

https://www.exploit-db.com/exploits/21021

View Code ZIP pw:eip

This Perl script scans a local system for the SSH Short Password Login Vulnerability (CVE-2001-0553) by checking if SSH 3.0.0 is running and if any accounts have passwords with two or fewer characters in the /etc/shadow file. It requires superuser access to read the shadow file.

Classification

Scanner 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: SSH daemon (sshd) 3.0.0

Auth required

Prerequisites: Superuser access on the target system · SSH 3.0.0 running on the target system

MITRE ATT&CK