Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111229613907550&w=2 | Mailing List |
http://secunia.com/advisories/13985 | Broken Link Vendor Advisory |
http://www.portcullis.co.uk/uplds/advisories/Portcullis%20Security%20Advisory%2005-002%20Spectrum%20Cash%20Receipting%20System%20Weak%20Password%20Protection%20Vulnerability.txt | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:22:44
Updated: 2022-10-03T16:22:44
Reserved: 2022-10-03T00:00:00
Link: CVE-2005-4860
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-12-31T05:00:00.000
Modified: 2024-02-14T16:54:03.350
Link: CVE-2005-4860
JSON object: View
Redhat Information
No data.
CWE