2001-11-22 05:00:00
mitre
PUBLISHED
ibillpm.pl in iBill password management system generates weak passwords based on a clients MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.