Unrated severityNVD Advisory· Published Feb 8, 2006· Updated Jun 16, 2026
CVE-2006-0584
CVE-2006-0584
Description
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings.
Affected products
8cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.45.5:*:*:*:*:*:*:*
- cpe:2.3:a:peoplesoft:peopletools:8.46.3:*:*:*:*:*:*:*
- (no CPE)range: 8.4.x
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.