CVE-2005-4860

CVE-2005-4860

EPSS 0.2%

Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://marc.info/?l=bugtraq&m=111229613907550&w=2 http://secunia.com/advisories/13985 http://www.portcullis.co.uk/uplds/advisories/Portcullis%20Security%20Advisory%2005-002%20Spectrum%20Cash%20Receipting%20System%20Weak%20Password%20Protection%20Vulnerability.txt