Description

Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.

Remediation

References

CVE-2002-1872

Related Vulnerabilities

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414)

WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.25.1)

WordPress Plugin StatPress Multiple Unspecified Vulnerabilities (1.4.1)

WordPress Plugin Delete All Comments Easily Cross-Site Request Forgery (1.3)

WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)

Severity

Medium

Classification

CVE-2002-1872

Tags

Missing Update Known Vulnerabilities