Weak Password Encryption in Cisco PIX Firewall
CVE-2002-0954

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix Firewall
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-0954?

The Cisco PIX Firewall's encryption algorithms for the 'enable' and 'passwd' commands are vulnerable due to a limited number of rounds, making it susceptible to brute force attacks. This flaw allows attackers to quickly decrypt passwords, compromising system security and allowing unauthorized access.

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/...

mailing-listx_refsource_VULNWATCH

http://marc.info/?l=bugtraq&m=102651159507659&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002