PT-2000-1865 · Shambala · Shambala Server

Published

2000-12-19

Updated

2017-12-19

CVE-2000-0954

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Shambala Server version 4.5

Description The issue allows local users to obtain passwords stored in plaintext, potentially compromising the server.

Recommendations For version 4.5, update the password storage mechanism to use a secure method, such as hashing and salting, to protect user passwords.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0954

Affected Products

Shambala Server

PT-2000-1865 · Shambala · Shambala Server

CVE-2000-0954

Related Identifiers

Affected Products

References · 4