Weak XOR Encryption of Administrative Passwords in eTrust Intrusion Detection System

Weak XOR Encryption of Administrative Passwords in eTrust Intrusion Detection System

CVE-2000-0559 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.

Learn more about our User Device Pen Test.