Weak Encryption of User Password in Starfish Truesync Desktop 2.0b on REX 5000 PDA Allows Privilege Escalation
CVE-2001-1005 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges.
Learn more about our Cis Benchmark Audit For Desktop Software.