CVE-2001-1354 Information

Description

NetWin Authentication module (NWAuth) 2.0 and 3.0b as implemented in SurgeFTP DMail and possibly other packages uses weak password hashing which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.

Reference

http://online.securityfocus.com/archive/1/198293 http://www.securityfocus.com/bid/3075 https://exchange.xforce.ibmcloud.com/vulnerabilities/6866