CVE-2001-1000

Merit AAA Server <5.01 - Info Disclosure

Title source: llm

Description

rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Digital Shadow · bashlocalunix

https://www.exploit-db.com/exploits/21101

View Code ZIP pw:eip

References (3)

[Exploit, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2001-09/0036.html

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/3302

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/7096

Scores

EPSS 0.0038

EPSS Percentile 59.4%

Details

Status published

Products (2)

merit/aaa_radius_server 3.8m

merit/aaa_radius_server 5.01

Published Sep 07, 2001

Tracked Since Feb 18, 2026