Macromedia Dreamweaver Weak FTP Password Encryption

1998-06-11T00:00:00
ID OSVDB:6641
Type osvdb
Reporter Jeff Forristal(jeff@neohapsis.com)
Modified 1998-06-11T00:00:00

Description

Vulnerability Description

Dreamweaver contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to weakly encrypted passwords, which may lead to a loss of confidentiality.

Solution Description

Upgrade to version 4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Dreamweaver contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to weakly encrypted passwords, which may lead to a loss of confidentiality.

References:

Vendor URL: http://www.macromedia.com/software/dreamweaver/ Security Tracker: 1005529 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_2/0506.html ISS X-Force ID: 1636 CVE-1999-1271