lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <002c01c37214$f9416230$0bac07d5@remote>
Date: Wed, 3 Sep 2003 14:14:37 +0200
From: "Florian Rock" <florianrock@....de>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.netsys.com>,
   <vuln@...unia.com>
Subject: SMC Router safe Login in plaintext

I found that the SMC Barricade SMC-7404BRB safe the Login for the Provider safe in plaintext!!!

If you go to PPPoE and look a the source code you found the password in plaintext.
Here a pic from the HTML site:

If you look at Source you can find the line:
<input type="password" name="p_passwd" size="25" maxlength="60" value="00000000"></font> 
The password is safe in plaintext!!! 00000000 = password in plaintext


Content of type "text/html" skipped

Download attachment "smc.jpg" of type "image/jpeg" (108266 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ