CVE-2000-0559

eTrust Intrusion Detection System - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0559. PoCs published by Phate.net.

AI-analyzed exploit summary The exploit describes a weak encryption scheme in Computer Associates eTrust Intrusion Detection System, allowing decryption of the admin password stored in the registry via XOR techniques or a provided tool. The password and key are stored in a specific registry location.

Description

eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Phate.net · textlocalwindows

https://www.exploit-db.com/exploits/20012

View Code ZIP pw:eip

The exploit describes a weak encryption scheme in Computer Associates eTrust Intrusion Detection System, allowing decryption of the admin password stored in the registry via XOR techniques or a provided tool. The password and key are stored in a specific registry location.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Computer Associates eTrust Intrusion Detection System (formerly SessionWall-3)

No auth needed

Prerequisites: Access to the registry (local or remote)

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSO.4.21.0006072124320.28062-100000%40bearclaw.bogus.net

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1341

Scores

EPSS 0.0021

EPSS Percentile 43.5%

Details

Status published

Products (1)

broadcom/etrust_intrusion_detection < 1.4.1.13

Published Jun 07, 2000

Tracked Since Feb 18, 2026