PT-2000-1431 · Passwd · Passwd

Published

2000-06-04

Updated

2008-09-10

CVE-2000-0492

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions PassWD version 1.2

Description The issue concerns the use of weak encryption, specifically trivial encoding, to store passwords. This allows an attacker with read access to the password file to easily decrypt the passwords.

Recommendations For PassWD version 1.2, consider updating the password storage mechanism to use a secure encryption method to protect passwords. As a temporary workaround, restrict access to the password file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0492

Affected Products

Passwd

PT-2000-1431 · Passwd · Passwd

CVE-2000-0492

Related Identifiers

Affected Products

References · 4