4 matches found
PSWD.JS Insecure Password Hash Weakness
No description provided by source. source: http://www.securityfocus.com/bid/19333/info Applications running pswd.js are prone to an insecure password-hash weakness. This issue is due to a design flaw that results in password hashes being created in an insecure manner. This issue allows attackers ...
CVE-2006-4068
The pswd.js script relies on the client to calculate whether a username and password match hard-coded hashed values for a server, and uses a hashing scheme that creates a large number of collisions, which makes it easier for remote attackers to conduct offline brute force attacks. NOTE: this scri...
CVE-2006-4068
The pswd.js script relies on the client to calculate whether a username and password match hard-coded hashed values for a server, and uses a hashing scheme that creates a large number of collisions, which makes it easier for remote attackers to conduct offline brute force attacks. NOTE: this scri...
CVE-2006-4068
The CVE concerns a client-side pswd.js script that relies on the user’s environment to verify a username/password against hard-coded hashed values on the server. The hashing scheme reportedly produces a large number of collisions, which can ease offline brute-force attempts by an attacker. The de...