3 matches found
CVE-2001-1356
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021...
CVE-2001-1356
Affected software: NetWin SurgeFTP 2.0f and earlier. Vulnerability: passwords are encrypted with weak hashing, a fixed salt, and modulo 40 arithmetic, enabling remote attackers to perform brute‑force password guessing against the administrator account on port 7021. Impact: attacker could compromi...
CVE-2001-1356
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021...