CVE-2004-2555

Riverdeep FoolProof Security <3.9.x - Info Disclosure


Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2555. PoCs published by Cyrillium Security.

AI-analyzed exploit summary: This exploit recovers the FoolProof 'Administrator' password by manipulating the password recovery algorithm using a provided recovery key and control password. It demonstrates a weakness in FoolProof Security's password recovery system.

Description

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Cyrillium Security · c · local · windows
https://www.exploit-db.com/exploits/24171


Classification: Working PoC (100%)
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: FoolProof versions 3.9.7 for Windows 98/ME and 3.9.4 for Windows 95
No auth needed
Prerequisites: Recovery key in hexadecimal format · Control password
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit vdb-entry x_refsource_osvdb
http://www.osvdb.org/6735
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16327
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11790
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10467

Scores

EPSS: 0.0083
EPSS Percentile: 52.9%

Details

Status: published
Products (3):
smartstuff/foolproof_security 3.9
smartstuff/foolproof_security 3.9.4
smartstuff/foolproof_security 3.9.7
Published: Dec 31, 2004
Tracked Since: Feb 18, 2026