NetWin DMail 2.x,SurgeFTP 1.0/2.0 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3075/info The Netwin Authentication module, or NWAuth, is an external authentication module used by several Netwin products. A simple one-way hash function is used by NWAuth to perform password encryption operations. As a...

CVE-2001-1355

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail and SurgeFTP (and possibly other packages), could allow attackers to execute arbitrary code via long arguments to the -del or -lookup commands. The vulnerability is a result of unsafe handling of l...