Weak Encryption Vulnerability in ARCserve NT Agents by CA Technologies
CVE-1999-1049

Currently unrated

Key Information:

Vendor: Broadcom
Status: Arcserve Backup
Vendor: CVE Published:; 21 February 1999

What is CVE-1999-1049?

The ARCserve NT agents utilize weak XOR-based encryption for storing and transmitting passwords. This vulnerability enables remote attackers to intercept and capture authentication requests sent to port 6050. By exploiting this flaw, malicious actors can easily decrypt the transmitted passwords, gaining unauthorized access to sensitive information and administrative controls. Organizations relying on ARCserve NT agents are advised to implement stronger encryption mechanisms to safeguard authentic data and reduce potential risks.

References

http://marc.info/?l=bugtraq&m=91972006211238&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Feb 21, 1999

Broadcom

What is CVE-1999-1049?

References

Timeline