CVE-2005-4860 Information

Description

Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file which makes it easier for local users to gain privileges by decrypting a password.

Reference

http://marc.info/?l=bugtraq&m=111229613907550&w=2 http://secunia.com/advisories/13985 http://www.portcullis.co.uk/uplds/advisories/Portcullis20Security20Advisory2005-00220Spectrum20Cash20Receipting20System20Weak20Password20Protection20Vulnerability.txt