Multiple bugs in Microsoft SQL Server (multiple bugs)

Buffer overflows in OpenDataSource, OPENROWSET, pwdencrypt and xpdirtree. Weak registry permissions, weak password enbcryption...

SurfControl SuperScout Multiple Bugs

Access to user names/passwords, weak passwords encryption, large GET request DoS, directory traversal, SQL injection...

PHP-Nuke v5.6 - Users can compromise admin accts.

Tested on PHP-Nuke v5.6 with Mozilla on Linux should work on past versions and on most browsers Impact: --------------------------------------------- Allows any user to get admin access to a PHP-Nuke site. Summary: ---------------------------------------------- Due to a XSS flaw in PHPNuke's...

CVE-2002-0624

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine MSDE 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption...

CVE-2002-0624

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine MSDE 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption...

CVE-2001-1356

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021...

Security Update: [CSSA-2002-024.0] Volution Manager: Directory Administrator password in cleartext

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Volution Manager: Directory Administrator password in cleartext Advisory number: CSSA-2002-024.0 Issue date: 2002 June 3 Cross reference: 1. Problem...

CVE-2001-0967

Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt function, which makes it easier for an attacker to conduct brute force password guessing...

CVE-1999-1543

CVE-1999-1543 affects macOS where passwords stored in the Users & Groups Data File are protected by weak encryption. Root cause: weak encryption of password storage. Impact per available data: partial confidentiality, partial integrity, and partial availability if an attacker has local access. Ex...

CVE-2001-0967

Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt function, which makes it easier for an attacker to conduct brute force password guessing...

PT-2001-2119 · Knox · Knox Arkeia Server

Name of the Vulnerable Software and Affected Versions: Knox Arkeia server version 4.2 Description: The issue is related to the use of a constant salt when encrypting passwords using the crypt function, which makes it easier for an attacker to conduct brute force password guessing. Recommendations...

Respondus for WebCT 1.1.2 - Weak Password Encryption

Respondus for WebCT 1.1.2 - Weak Password Encryption source: https://www.securityfocus.com/bid/3228/info Respondus is an application designed to add functionality to WebCT's quiz, self-test and survey tools. WebCT is a commercial e-learning solution. When a user opts to have Respondus remember th...

Respondus for WebCT 1.1.2 - Weak Password Encryption

source: https://www.securityfocus.com/bid/3228/info Respondus is an application designed to add functionality to WebCT's quiz, self-test and survey tools. WebCT is a commercial e-learning solution. When a user opts to have Respondus remember the username/password for WebCT access, the information...

Intego FileGuard 2.04.0 - Weak Password Encryption

Intego FileGuard 2.04.0 - Weak Password Encryption source: https://www.securityfocus.com/bid/3213/info Intego FileGuard is a commercial access control utility for Mac OS versions 7-9.1. It's functionality includes the ability to enforce privileges, log activities, manage user accounts, restrict...

Intego FileGuard 2.0/4.0 - Weak Password Encryption

source: https://www.securityfocus.com/bid/3213/info Intego FileGuard is a commercial access control utility for Mac OS versions 7-9.1. It's functionality includes the ability to enforce privileges, log activities, manage user accounts, restrict access by time, etc. Intego FileGuard provides syste...

CVE-2001-1356

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021...

CVE-2001-1106

The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure...

Многочисленные уязвимости в NetWin Authentication Module (weak encryption, buffer overflow)

Многочисленные уязвимости: обратимое шифрование паролей, плохой хэш, переполнения буфера...

NetWin DMail 2.x / SurgeFTP 1.0/2.0 - Weak Password Encryption

// source: https://www.securityfocus.com/bid/3075/info The Netwin Authentication module, or NWAuth, is an external authentication module used by several Netwin products. A simple one-way hash function is used by NWAuth to perform password encryption operations. As a result, it is trivial for an...

NetWin DMail 2.x SurgeFTP 1.02.0 - Weak Password Encryption

NetWin DMail 2.x SurgeFTP 1.02.0 - Weak Password Encryption // source: https://www.securityfocus.com/bid/3075/info The Netwin Authentication module, or NWAuth, is an external authentication module used by several Netwin products. A simple one-way hash function is used by NWAuth to perform passwor...