CVE-2002-0706 Information

Description

UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function.

Reference

http://marc.info/?l=bugtraq&m=103359690824103&w=2 http://www.iss.net/security_center/static/10247.php http://www.osvdb.org/3491 http://www.westpoint.ltd.uk/advisories/wp-02-0005.txt