CVE-2004-2555

Sažetak

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.html
http://secunia.com/advisories/11790
http://www.osvdb.org/6735
http://www.securityfocus.com/bid/10467
https://exchange.xforce.ibmcloud.com/vulnerabilities/16327

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:32

Objavljeno

31-12-2004 - 05:00