CVE-2001-1169

Name of the Vulnerable Software and Affected Versions S/Key (affected versions not specified)

Description The issue concerns the keyinit functionality in S/Key, which does not require authentication to initialize a one-time password sequence. This allows an attacker with gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.