Weak Encryption Flaw in eTrust Intrusion Detection System by Computer Associates
CVE-2000-0559

Currently unrated

Key Information:

Vendor

Broadcom
Status
Etrust Intrusion Detection
Vendor
CVE Published:
7 June 2000

What is CVE-2000-0559?

The eTrust Intrusion Detection System, previously known as SessionWall-3, is notably affected by a vulnerability involving weak encryption methods. Specifically, it employs XOR encryption to secure administrative passwords stored in the system registry. This flawed approach allows local users to easily decrypt the stored passwords, compromising the security of administrative access. As a result, unauthorized individuals may gain access to sensitive data or system controls, raising significant security concerns for organizations utilizing this solution.

References

http://www.securityfocus.com/templates/archive.pike?list=...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/1341
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.