CVE-2005-4145

Name of the Vulnerable Software and Affected Versions Lyris ListManager versions 5.0 through 8.9b

Description The issue allows remote attackers to gain access to the database via a brute force attack due to a weak password configuration for the sa account. The password uses a small search space, consisting of the string "lyris" and up to 5 digits, which may be derived from the process ID.

Recommendations For Lyris ListManager versions 5.0 through 8.9b, consider changing the password for the sa account to a stronger, more complex password to prevent brute force attacks. As a temporary workaround, restrict remote access to the database to minimize the risk of exploitation.