Weak Encryption in Windows 95 Password List File (PWL) Allows Privilege Escalation

Weak Encryption in Windows 95 Password List File (PWL) Allows Privilege Escalation

CVE-1999-1104 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.

Learn more about our User Device Pen Test.