11 lines
No EOL
688 B
Text
11 lines
No EOL
688 B
Text
source: https://www.securityfocus.com/bid/3095/info
|
|
|
|
Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems.
|
|
|
|
Sambar Server provides insecure default protection for user passwords.
|
|
|
|
The default password decryption algorithm employs only a single key, built into the server binary. If the key is recovered, user passwords may be extracted.
|
|
|
|
Compromise of the webserver's passwords could allow a local attacker to compromise the website's design and function, obtain confidential or security-sensitive information which could lead to further compromises of the host.
|
|
|
|
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/21027.zip |