CVE-2001-1359

Description

Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.

Affected products

• caldera / volution1.0 – 1.0
• caldera / volution1.0.6 – 1.0.6
• caldera / volution1.0.7 – 1.0.7

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6672
• MISChttp://www.securityfocus.com/bid/2850
• VENDOR_ADVISORYhttp://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt