Vulnerabilities > CVE-2001-1106 - Unspecified vulnerability in Sambar Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sambar
exploit available

Summary

The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.

Exploit-Db

descriptionSambar Server 4.x/5.0 Insecure Default Password Protection Vulnerability. CVE-2001-1106. Remote exploits for multiple platform
idEDB-ID:21027
last seen2016-02-02
modified2001-07-25
published2001-07-25
reporter3APA3A
sourcehttps://www.exploit-db.com/download/21027/
titleSambar Server 4.x/5.0 Insecure Default Password Protection Vulnerability