VULHUB ™

Demarc PureSecure is a commercially available graphical front-end for Snort, in addition to being a generalized network monitoring solution. Snort is a popular open-source NIDS (Network Intrusion Detection System). Demarc will run on most Linux and Unix variants, as well as Microsoft Windows NT/2000/XP operating systems. Users are authenticated into the Demarc PureSecure Snort front-end via a MySQL database. The password used by Demarc is allegedly not properly salted before it is encrypted. The result is that the first two characters remain in plaintext. Additionally, the strength of the encryption algorithm is weakened significantly. The hash of the weakly encrypted password may be viewed by a local attacker who has access to the Snort database. A local attacker may theoretically exploit this issue to mount a dictionary attack against the weakly encrypted authentication credential.

Demarc PureSecure is a commercially available graphical front-end for Snort, in addition to being a generalized network monitoring solution. Snort is a popular open-source NIDS (Network Intrusion Detection System). Demarc will run on most Linux and Unix variants, as well as Microsoft Windows NT/2000/XP operating systems. Users are authenticated into the Demarc PureSecure Snort front-end via a MySQL database. The password used by Demarc is allegedly not properly salted before it is encrypted. The result is that the first two characters remain in plaintext. Additionally, the strength of the encryption algorithm is weakened significantly. The hash of the weakly encrypted password may be viewed by a local attacker who has access to the Snort database. A local attacker may theoretically exploit this issue to mount a dictionary attack against the weakly encrypted authentication credential.