Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: IRCXpro 1.0 - Clear local and default remote admin passwords]
From: northern snowfall <dbailey27 () ameritech net>
Date: Tue, 03 Jun 2003 12:13:21 -0500
Then in this case this would be an operating system vulnerability.

Overuse in the use of encrypted passwords can be counter productive to
functionality.
There are good reasons to keep passwords clear text passwords to better
interface with other software.
For example Merak Mail server software
(http://www.icewarp.com/Products/Merak_Email_Server_Software/)
When using this mail server, it can store the accounts on an SQL Server.
The passwords are stored clear text.  This enables other software to
interface with its data to create and sync its accounts/passwords with other
systems.


Wow.

http://deadchildren.org/~north_






_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • Re: IRCXpro 1.0 - Clear local and default remote admin passwords] northern snowfall (Jun 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]