CVE-2001-0978

Name of the Vulnerable Software and Affected Versions HP-UX version 10.26

Description The issue allows attackers to conduct brute force password guessing attacks without being detected, as failed login attempts are not recorded in /var/adm/btmp. This means that the lastb program cannot be used to observe these attempts.

Recommendations For HP-UX version 10.26, consider implementing an alternative logging mechanism to record failed login attempts, or apply a configuration change to enable the recording of such attempts in /var/adm/btmp to facilitate detection using the lastb program.