Lucene search
+L

2198 matches found

Cvelist
Cvelist
added 2000/11/29 5:0 a.m.16 views

CVE-2000-1030

CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server...

6.7AI score0.01562EPSS
Exploits0References3
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.22 views

CVE-2000-1037

Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack...

6.8AI score0.03348EPSS
Exploits1References2
CVE
CVE
added 2000/11/29 5:0 a.m.49 views

CVE-2000-1037

The CVE-2000-1037 issue affects Check Point Firewall-1 session agent versions 3.0 through 4.1. The root cause is that the service returns different error messages for invalid usernames versus invalid passwords, enabling remote attackers to enumerate valid usernames and perform brute-force passwor...

7.5CVSS7.2AI score0.03348EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2000/07/28 12:0 a.m.44 views

TelSrv Reveals Usernames & Passwords After DoS Attack

---------- Details ---------- Application: GAMSoft's TelSrv 1.5 could be more... I don't have time to check, nor do I have the other programs Problem Type: Denial of Service Attack - Reveals User Names & Passwords Author: Patrick Webster mailto:[email protected] Platform: Win95 could be more...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2000/05/25 12:0 a.m.56 views

Deerfield Communications MDaemon Mail Server DoS

Deerfield Communications the Wingate perpetrators MDaemon POP server is vulnerable to bigass usernames causing a DoS. MDaemon is a mail server package for 95,98,NT and Win2k. Many systems that run Deerfield's World Client web-mail also use MDaemon. Exploit tested on Win2kpro running MDaemon 3.0.3...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/17 12:0 a.m.35 views

Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service

source: https://www.securityfocus.com/bid/1219/info Large usernames or passwords sent to the router's HTTP interface restart the router. Router log will show "restart not in response to admin command" Open the router interface with your browser. Username: ......................... x79 + After the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/04/25 12:0 a.m.26 views

Переполнение буфера в IC Radius

Переполнение буфера при имени пользователя свыше 24 символов...

0.6AI score
Exploits0References1Affected Software1
CVE
CVE
added 2000/02/04 5:0 a.m.52 views

CVE-1999-0356

Summary of CVE-1999-0356 (ControlIT) : Affects ControlIT versions prior to 4.5. The issue is the use of weak encryption to store usernames and passwords in an address book, exposing confidentiality and integrity. Root cause: insecure storage of credentials due to weak encryption. No explicit expl...

10CVSS6.9AI score0.01312EPSS
Exploits0References1
NVD
NVD
added 1999/11/25 5:0 a.m.16 views

CVE-1999-0845

Buffer overflow in SCO su program allows local users to gain root access via a long username...

7.2CVSS6.8AI score0.00778EPSS
Exploits0References1
CVE
CVE
added 1999/09/29 4:0 a.m.65 views

CVE-1999-0292

CVE-1999-0292 affects Windows with the Winpopup service, where a denial of service is achievable by using unusually large usernames. The connected records reiterate a DoS via Winpopup, but do not provide concrete exploit steps, affected versions, root-cause details, or a remediation. There is no ...

5CVSS7.4AI score0.05922EPSS
Exploits0References1Affected Software1
NVD
NVD
added 1999/09/13 4:0 a.m.23 views

CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name...

7.2CVSS6.8AI score0.00836EPSS
Exploits0References4
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.42 views

fw-1.lpsnoop.pl

Date: Fri, 25 Sep 1998 18:24:58 -0400 From: Andrew Danforth Subject: Re: Firewall-1 3.0b Session Agent On Fri, 25 Sep 1998, Brooke Paul wrote: -----Original Message----- From: Larry Pingree SMTP:[email protected] A problem exists in the Firewall-1 3.0b Session Agent All communications from the...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.254 views

Finger Service Remote Information Disclosure

The remote host is running the 'finger' service. The purpose of this service is to show who is currently logged into the remote system, and to give information about the users of the remote system. It provides useful information to attackers, since it allows them to gain usernames, determine how...

5.5AI score0.6744EPSS
Exploits0References1
NVD
NVD
added 1999/01/25 5:0 a.m.18 views

CVE-1999-0356

ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book...

10CVSS6.5AI score0.01312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1999/01/25 12:0 a.m.6 views

PT-1999-1045 · Controlit · Controlit

Name of the Vulnerable Software and Affected Versions: ControlIT versions prior to 4.5 Description: The issue concerns the use of weak encryption for storing usernames and passwords in an address book. Recommendations: For ControlIT versions prior to 4.5, update to a version that uses strong...

10CVSS6.4AI score0.01312EPSS
Exploits0References2
NVD
NVD
added 1999/01/01 5:0 a.m.34 views

CVE-1999-0656

The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names...

5CVSS6.7AI score0.01551EPSS
Exploits0References2
NVD
NVD
added 1998/11/12 5:0 a.m.10 views

CVE-1999-1322

The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext...

4.6CVSS0.01503EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 1976/01/01 12:0 a.m.12 views

CVE-2024-35341

Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords encrypted with a hardcoded key common to all devices. This...

7.4AI score0.00396EPSS
Exploits0References1
Rows per page
Query Builder