CVE-2001-1003: Weak Encryption
First published: Fri Aug 31 2001(Updated: )
Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WebCT | =1.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-1003?
CVE-2001-1003 is rated as a high severity vulnerability due to the weak encryption used, which can lead to unauthorized access.
How do I fix CVE-2001-1003?
To fix CVE-2001-1003, upgrade to a version of Respondus that uses stronger encryption methods for storing credentials.
What are the risks associated with CVE-2001-1003?
The risks include unauthorized access to sensitive information and potential escalation of privileges for local users.
Who is affected by CVE-2001-1003?
Users of Respondus 1.1.2 for WebCT are affected by CVE-2001-1003 due to its insecure handling of usernames and passwords.
Is there any workaround for CVE-2001-1003?
There are no recommended workarounds for CVE-2001-1003; upgrading to a secure version is the best course of action.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- vendor/webct
- product/respondus
- canonical/webct respondus
- agent/software-canonical-lookup-request
- collector/nvd-index
- canonical/webct
- version/webct/1.1.2