Encrypt all passwords stored on the file system

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-2146. panel Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an...

Encrypt all passwords stored on the file system

Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an encryption scheme for anything requiring security stored on the file system...

Encrypt all passwords stored on the file system

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-2146. panel Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an...

Multiple ActivePost bugs

Buffer overflows, directory traversal, weak password encryption...

AOL Instant Messenger Password Encryption Weakness

Binary data 1259.prm...

Ipswitch IMail Weak Password Encryption Weakness

Binary data 2049.prm...

Server Alive week password encryption

Product Description : Servers Alive is an end-to-end network monitor program. Among the many checks it can do: it can monitor any Winsock service, ping a host, check if an NT service/process is running, check the available disk space on a server, retrieve an URL, check your database engine, and...

NetSupport School 7.0/7.5 - Weak Password Encryption

source: https://www.securityfocus.com/bid/9981/info NetSupport School is prone to a password-encryption vulnerability because the application fails to protect passwords with a sufficiently effective encryption scheme. Exploiting this issue may allow an attacker to access user and administrator...

NetSupport School 7.07.5 - Weak Password Encryption

NetSupport School 7.07.5 - Weak Password Encryption source: https://www.securityfocus.com/bid/9981/info NetSupport School is prone to a password-encryption vulnerability because the application fails to protect passwords with a sufficiently effective encryption scheme. Exploiting this issue may...

CVE-2003-1226

BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords...

MySQL 3.x/4.0.x - Weak Password Encryption

// source: https://www.securityfocus.com/bid/7500/info MySQL has been reported to implement a weak password encryption algorithm. It has been reported that the MySQL function used to encrypt MySQL passwords makes just one pass over the password and employs a weak left shift based cipher. The hash...

FlashFXP 1.4 - User Password Encryption

FlashFXP 1.4 - User Password Encryption // source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credential...

FlashFXP 1.4 - User Password Encryption

// source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites. / Flashfxp sites.dat...

MySQL 3.x4.0.x - Weak Password Encryption

MySQL 3.x4.0.x - Weak Password Encryption // source: https://www.securityfocus.com/bid/7500/info MySQL has been reported to implement a weak password encryption algorithm. It has been reported that the MySQL function used to encrypt MySQL passwords makes just one pass over the password and employ...

WFVote

Product : WFVote Version : 0.2 WebSite : http://jid.2yd.ru Problem : Admin access rus Description: ------------ setadmpw.php ========= ... myflock; $f=fopen"votepwd.dat","w"; fputs$f,md5$admpwd1; fclose$f; myfunlock; ... ========= votepwd.dat ======= 21232f297a57a5a743894a0e4a801fc3 =======...

PHP Message Board/Guestbook

Product : PHP Message Board/Guestbook Version : First WebSite : http://www.cyber-cats.com/php Problem : Viewing passwords file Description: ------------ In this script passwords are in passwd.txt file They are encrypted by DES algorithm. In Shrot, all who want see the passwords can make it...

Weak password encryption in memory for multiple SSH2 clients

User's password stays in memory uinecnrypted...

CVE-2002-1872

Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption XOR, which allows remote attackers to sniff and decrypt the password...

CVE-2002-1975

Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods...

PT-2002-2632 · Click2Learn · Click2Learn Ingenium Learning Management System

Name of the Vulnerable Software and Affected Versions: Click2Learn Ingenium Learning Management System versions 5.1 through 6.1 Description: The issue concerns the use of weak encryption for passwords in the affected software, specifically a reversible algorithm. This weakness allows attackers to...