RSS   Vulnerabilities for 'Supercrypt'   RSS

2008-02-04
 
CVE-2008-0581

CWE-264
 

 
Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch.

 
 
CVE-2007-6340

CWE-255
 

 
Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtain cleartext passwords.

 

 >>> Vendor: Moernaut 2 Products
Lsrunase
Supercrypt


Copyright 2024, cxsecurity.com

 

Back to Top