Veracode reports issue on jtds-1.3.1.jar

Brought to you by: ickzon

#742 Veracode reports issue on jtds-1.3.1.jar

Milestone: v1.3

Status: wont-fix

Owner: momo

Labels: None

Priority: 1

Updated: 2015-03-06

Created: 2015-02-23

Creator: Senthil K Selvam

Private: No

Hi, Am using jtds-1.3.1.jar in one of my component. When I submitted the jtds-1.3.1.jar for veracode scan, Veracode reported a Sev 5 defect saying "Use of a Broken or Risky Cryptographic Algorithm" on MD5Digest.java line number 41.

Could you please visit this and let me know if there is a future version that has this defect addressed? Thanks in Advance....

Discussion

momo - 2015-03-06

status: open --> wont-fix

assigned_to: momo
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

momo - 2015-03-06

This isn't a defect at all. MD5 hashes are required for NTLM authentication.

Cheers,
momo

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Veracode reports issue on jtds-1.3.1.jar

Group

Searches

Help

#742 Veracode reports issue on jtds-1.3.1.jar

Discussion