CVE-2001-1169 Information

Description

keyinit in S/Key does not require authentication to initialize a one-time password sequence which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication such as sudo.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-08/0441.html