4 matches found
Code injection
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS 5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings...
CVE-2006-0584
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS 5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings...
Peoplesoft People Tools PSCipher() function weak encryption
Weak DES block cypher without feedback is used...
PeopleSoft (Oracle) PSCipher Encryption Weakness
Vendor: PeopleSoft Product: People Tools Version: 8.4x Platform: Multi-platform Title: Weak Encryption Description: PeopleSoft uses PSCipher for encryption/hashing purposes. Based on observations from the output of PSCipher and on our familiarity with the cryptographic library objects and methods...