VYPR
Unrated severityNVD Advisory· Published Feb 8, 2006· Updated Jun 16, 2026

CVE-2006-0584

CVE-2006-0584

Description

The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings.

Affected products

8
  • cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.45.5:*:*:*:*:*:*:*
    • cpe:2.3:a:peoplesoft:peopletools:8.46.3:*:*:*:*:*:*:*
    • (no CPE)range: 8.4.x

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.