← CVECheck
HomeVulnerabilities

CVE-2001-1354 — MEDIUM severity vulnerability (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as imple)

NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.

CVE IDCVE-2001-1354
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-07-20
Last modified2026-04-16
DescriptionNetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →