Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
References
Link | Resource |
---|---|
http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2018/Apr/7 | Exploit Mailing List Third Party Advisory |
https://www.exploit-db.com/exploits/44411/ | Exploit Third Party Advisory VDB Entry |
http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2018/Apr/7 | Exploit Mailing List Third Party Advisory |
https://www.exploit-db.com/exploits/44411/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
References | () http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt - Exploit, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2018/Apr/7 - Exploit, Mailing List, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/44411/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2018-04-05 17:29
Updated : 2024-11-21 04:15
NVD link : CVE-2018-9233
Mitre link : CVE-2018-9233
CVE.ORG link : CVE-2018-9233
JSON object : View
Products Affected
sophos
- endpoint_protection
CWE
CWE-916
Use of Password Hash With Insufficient Computational Effort