Weak Password Hashing in NetWin Authentication Module for SurgeFTP and DMail
CVE-2001-1354

Currently unrated

Key Information:

Vendor: Netwin
Status: Dmail; Surgeftp
Vendor: CVE Published:; 20 July 2001

What is CVE-2001-1354?

The NetWin Authentication module, utilized in applications like SurgeFTP and DMail, exhibits vulnerabilities due to its weak password hashing mechanism. This weakness can potentially enable local users to decipher passwords or exploit alternative passwords that produce identical hash values as the legitimate passwords, leading to unauthorized access and security breaches.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6866

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/3075

vdb-entryx_refsource_BID

http://online.securityfocus.com/archive/1/198293

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jun 7, 2002
Vulnerability published
Jul 20, 2001

Netwin

What is CVE-2001-1354?

References

Timeline