Description

Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.

Remediation

References

CVE-2002-1872

Related Vulnerabilities

WordPress Plugin SMTP by BestWebSoft Cross-Site Scripting (1.0.9)

Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19)

phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1460)

Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)

Severity

Medium

Classification

CVE-2002-1872

Tags

Missing Update Known Vulnerabilities