ArGoSoft FTP Server 1.2.2.2 - Weak Password Encryption

ArGoSoft FTP Server 1.2.2.2 - Weak Password Encryption // source: https://www.securityfocus.com/bid/3029/info ArGoSoft FTP server is an FTP server for the Windows platform. A design error exists in ArGoSoft FTP which enables an authenticated user to view other users encrypted passwords. However d...

CVE-2000-1158

NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords...

Decrypting passwords for SmartServer 3

Product: Smart Server 3 by NetCPlus Version: 3.75 others? OS: Windows NT/2000/9x Description: SmartServer3 SS3 is a small business email server from NetCPlus. It installs by default in C:Program Filessmartserver3 . In this folder it stores a configuration file called 'dialsrv.ini' . This file is...

CVE-2000-0789

The CVE-2000-0789 entry targets WinU 5.x and earlier. The vulnerability arises because the product stores its configuration password with weak encryption, enabling local users to decrypt the password and gain privileges. This is based on the NVD/CVE descriptions indicating weak encryption used fo...

CVE-2000-0625

CVE-2000-0625 refers to NetZero 3.0 and earlier, which stores login credentials using weak encryption. The underlying issue is insecure storage that allows a local user to decrypt the password. No remediation details are provided in the sources; the impact is partial confidentiality and integrity...

CVE-2000-0492

PassWD 1.2 uses weak encryption trivial encoding to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords...

CVE-2000-0492

CVE-2000-0492 concerns PassWD 1.2, where passwords are stored with weak, trivially decodable encryption. The vulnerability occurs because the password file can be read and the stored passwords decrypted due to the weak encoding. Affected component: PassWD 1.2 password storage. Root cause: use of ...

Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption

source: https://www.securityfocus.com/bid/1341/info A weak encryption scheme exists in Computer Associates eTrust Intrusion Detection System formerly known as SessionWall-3 password which authorizes users to view and configure the application's registry settings. Provided that either a remote or...

Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption

Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption source: https://www.securityfocus.com/bid/1341/info A weak encryption scheme exists in Computer Associates eTrust Intrusion Detection System formerly known as SessionWall-3 password which authorizes users to view and...

CVE-2000-0492

PassWD 1.2 uses weak encryption trivial encoding to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords...

CVE-2000-0326

The CVE describes Meeting Maker using a weak polyalphabetic substitution cipher for passwords, enabling remote attackers to sniff and decrypt Meeting Maker account passwords. Technical detail confirms the affected component is the password handling mechanism (encryption scheme) but does not speci...

CVE-2000-0250

The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords...

CVE-2000-0250

CVE-2000-0250 : The crypt function in QNX uses weak encryption, enabling local users to decrypt passwords. The available documents state this vulnerability stems from weak cryptography used by QNX’s crypt function, with impact described as complete confidentiality loss for locally accessible pass...

CVE-1999-0476

The CVE-1999-0476 entry concerns SCO TermVision which uses a weak password encryption algorithm. The root cause is weak encryption that allows a local user to easily decrypt passwords stored by TermVision. Impact is limited to confidentiality and integrity of password data, as described in the so...

CVE-1999-0476

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user...

CVE-1999-1104

Windows 95 uses weak encryption for the password list .pwl file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords...

IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password

source: https://www.securityfocus.com/bid/1763/info IBM WebSphere ships with a tool called 'ikeyman' that encrypts server certificates/key pairs when the IBM HTTP Server and SSL connections are enabled. Ikeyman stores the password in a stash file which can be easily decrypted through the use of a...

wingate.3.0.txt

Date: Mon, 5 Apr 1999 17:52:51 -0700 From: Marc To: [email protected] Subject: Multiple WinGate VulnerabilitiesTad late At first we were just going to post this advisory to our website but after the subject came up on the NTSEC list and we got a few emails telling us to post it to...

CVE-1999-1078

WSFTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges...

CVE-1999-0470

A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted...