CVE-2001-1354

2001-07-20T04:00:00
ID CVE-2001-1354
Type cve
Reporter cve@mitre.org
Modified 2017-12-19T02:29:00

Description

NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.