Vulnerabilities > CVE-2001-1106 - Unspecified vulnerability in Sambar Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 |
Exploit-Db
description | Sambar Server 4.x/5.0 Insecure Default Password Protection Vulnerability. CVE-2001-1106. Remote exploits for multiple platform |
id | EDB-ID:21027 |
last seen | 2016-02-02 |
modified | 2001-07-25 |
published | 2001-07-25 |
reporter | 3APA3A |
source | https://www.exploit-db.com/download/21027/ |
title | Sambar Server 4.x/5.0 Insecure Default Password Protection Vulnerability |