« Firefox and Thunderbird updates | Main | Microsoft Genuine Advantage cracked »
July 27, 2005
Domino Passwords Vulnerable for Web-Users
An advisory by CybSec S.A. released yesterday describes a possibility for users with read-access to the person documents in names.nsf using a web-browser to retrieve the password hash of users. Available cracker tools can then retrieve the plain password. A workaround is described as well, which requries the modification of a sub-form in names.nsf.
Posted by Carlos Nossa at July 27, 2005 1:24 PM
Comments
Post a comment
Thanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)