| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: scottp at dreamwright.com (Scott Phelps) Subject: IpSwitch IMail Server <= ver 8.1 User Password At one time, the command line utility to do this was actually linked from Ipswitches "third parties utilities" web site. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Anonymous Sent: Monday, August 16, 2004 10:35 PM To: Adik; full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] IpSwitch IMail Server <= ver 8.1 User Password >From eEye's "darker" days: http://www.w00w00.org/advisories/imailpass.html At 11:18 PM 8/16/2004 +0600, Adik wrote: >Hi fellaz, > >IpSwitch IMail Server version up to 8.1 uses weak encryption algorithm to >encrypt its user passwords. Have a look at attached proof of concept tool, >which will decrypt user password from local machine instantly. > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists