Pswd.Js · Pswd.Js · CVE-2006-4068
**Name of the Vulnerable Software and Affected Versions**
pswd.js (affected versions not specified)
**Description**
The issue concerns the pswd.js script, which relies on the client to calculate whether a username and password match hard-coded hashed values for a server. It uses a hashing scheme that creates a large number of collisions, making it easier for remote attackers to conduct offline brute force attacks.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.