2022-03-21 23:45:15
Sophos
PUBLISHED
Confd log files contain local users, including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.