Description
The software stores password hashes in a data store, accepts a hash of the password (rather than the password itself) from the client, and authenticates the client by comparing the supplied hash with the stored one.
Modes of Introduction:
– Implementation
Likelihood of Exploit:
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity
An attacker who obtains the stored hash (for example through SQL injection or a database dump) can submit it directly and pass the authentication check without ever knowing or cracking the original password; the hash has become a password-equivalent credential.
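The following added example (not code from the CWE entry or any of the referenced products) contrasts the weak pattern with a corrected one. The user store, the user name `alice`, the password, and the helper names are all constructed for illustration. In the weak variant the client is trusted to produce the hash, so a hash lifted from the database logs in as-is; in the corrected variant the server re-derives the hash from the submitted password and stored salt, so the same leaked hash is rejected.

```python
import hashlib
import hmac
import os

# PBKDF2-HMAC-SHA256 work factor for this example (constructed value).
ITERATIONS = 100_000


def make_record(password: str) -> dict:
    """Create a stored credential record: random salt plus PBKDF2 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}


# Constructed sample user store; not records from any real product.
ALICE_PASSWORD = "correct horse battery staple"
USERS = {"alice": make_record(ALICE_PASSWORD)}


def client_side_hash(username: str, password: str) -> bytes:
    """What a legitimate client does under the weak scheme: fetch the salt
    (here read straight from the store to keep the example offline) and
    hash the password itself before sending the result to the server."""
    salt = USERS[username]["salt"]
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# --- Weak pattern (CWE-836): client sends the hash, server only compares ---
def authenticate_with_hash(username: str, client_hash: bytes) -> bool:
    """Anyone holding the stored hash (SQL injection, DB dump, sniffed
    traffic) can present it directly; the password is never needed."""
    rec = USERS.get(username)
    if rec is None:
        return False
    return hmac.compare_digest(rec["hash"], client_hash)


# --- Corrected pattern: client sends the password, server does the hashing ---
def authenticate_with_password(username: str, password: str) -> bool:
    """The server re-derives the digest from the submitted password and the
    stored salt. A leaked hash submitted as the 'password' is hashed again
    and never equals the stored digest."""
    rec = USERS.get(username)
    if rec is None:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), rec["salt"], ITERATIONS)
    return hmac.compare_digest(rec["hash"], candidate)


def demo() -> dict:
    """Replay a dumped hash against both variants and report the outcomes."""
    leaked_hash = USERS["alice"]["hash"]  # what an attacker pulls from the DB
    return {
        # Legitimate logins succeed under both schemes.
        "weak_legit": authenticate_with_hash("alice", client_side_hash("alice", ALICE_PASSWORD)),
        "fixed_legit": authenticate_with_password("alice", ALICE_PASSWORD),
        # The dumped hash alone logs in under the weak scheme (the bug)...
        "weak_replayed_hash": authenticate_with_hash("alice", leaked_hash),
        # ...but is rejected once the server does the hashing.
        "fixed_replayed_hash": authenticate_with_password("alice", leaked_hash.hex()),
        # Unknown users are rejected by both.
        "fixed_unknown_user": authenticate_with_password("mallory", ALICE_PASSWORD),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {'ACCEPTED' if result else 'rejected'}")
```

Moving the hashing to the server means the cleartext password now travels over the wire, so the transport must be protected (TLS). If the goal was to avoid ever sending the password, the answer is a challenge-response or PAKE protocol in which the per-session proof cannot be replayed, not a static client-side hash, which is simply a second password.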
Potential Mitigations
CVE References
- CVE-2009-1283: Product performs authentication with user-supplied password hashes that can be obtained from a separate SQL injection vulnerability (CVE-2009-1282).
- CVE-2005-3435: Product allows attackers to bypass authentication by obtaining the password hash for another user and specifying the hash in the pwd argument.