11 lines
No EOL
757 B
Text
11 lines
No EOL
757 B
Text
source: http://www.securityfocus.com/bid/2482/info
|
|
|
|
Versions of IBM NetCommerce and WebSphere Commerce Suite ecommerce packages employ weak password encryption for their users' and administrators' passwords.
|
|
|
|
This encryption is defeatable using a widely-published decryption tool.
|
|
|
|
Compromise of the user accounts could result in disclosure of sensitive information and interference with the normal operation of the affected website.
|
|
|
|
Compromise of administrator accounts could result in disclosure of sensitive information, changes to website functionality, and, potentially, could assist in further compromises of security on the affected host.
|
|
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/20685.zip |