VAR-200112-0256
Vulnerability from variot - Updated: 2025-04-03 22:39Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN. Xircom Rex 6000 PDA users can install Rextools on their desktop in order to manage the content on their MicroPDA device. A flaw exists in the transfer of the pin code information from the PDA to the Rextools application. The Rex 6000 sends the authentication information in plain text. The Xircom REX 6000 version is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200112-0256",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xircom rex 6000",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "1"
},
{
"model": "xircom rex 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "xircom rex 6000",
"scope": null,
"trust": 0.6,
"vendor": "intel",
"version": null
},
{
"model": "rex",
"scope": "eq",
"trust": 0.3,
"vendor": "xircom",
"version": "6000"
}
],
"sources": [
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Daniel Jonsson \u003cdaniel2@algonet.se\u003e on November 23, 2001.",
"sources": [
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1520",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2001-1520",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-4321",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1520",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200112-172",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-4321",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4321"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN. Xircom Rex 6000 PDA users can install Rextools on their desktop in order to manage the content on their MicroPDA device. \nA flaw exists in the transfer of the pin code information from the PDA to the Rextools application. The Rex 6000 sends the authentication information in plain text. The Xircom REX 6000 version is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1520"
},
{
"db": "BID",
"id": "3574"
},
{
"db": "VULHUB",
"id": "VHN-4321"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3574",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1520",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172",
"trust": 0.7
},
{
"db": "XF",
"id": "6000",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011123 XIRCOM REX6000 PDA PASSWORD RETRIEVAL",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4321",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4321"
},
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"id": "VAR-200112-0256",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4321"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:10.290000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3574"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-11/0187.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/7584.php"
},
{
"trust": 0.3,
"url": "http://www.rex.net/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4321"
},
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4321"
},
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-4321"
},
{
"date": "2001-11-23T00:00:00",
"db": "BID",
"id": "3574"
},
{
"date": "2001-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"date": "2001-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4321"
},
{
"date": "2001-11-23T00:00:00",
"db": "BID",
"id": "3574"
},
{
"date": "2006-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-172"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1520"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xircom Rex 6000 Password Retrieval Vulnerability",
"sources": [
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3574"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-172"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…