2198 matches found
CVE-2000-1030
CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server...
CVE-2000-1037
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack...
CVE-2000-1037
The CVE-2000-1037 issue affects Check Point Firewall-1 session agent versions 3.0 through 4.1. The root cause is that the service returns different error messages for invalid usernames versus invalid passwords, enabling remote attackers to enumerate valid usernames and perform brute-force passwor...
TelSrv Reveals Usernames & Passwords After DoS Attack
---------- Details ---------- Application: GAMSoft's TelSrv 1.5 could be more... I don't have time to check, nor do I have the other programs Problem Type: Denial of Service Attack - Reveals User Names & Passwords Author: Patrick Webster mailto:[email protected] Platform: Win95 could be more...
Deerfield Communications MDaemon Mail Server DoS
Deerfield Communications the Wingate perpetrators MDaemon POP server is vulnerable to bigass usernames causing a DoS. MDaemon is a mail server package for 95,98,NT and Win2k. Many systems that run Deerfield's World Client web-mail also use MDaemon. Exploit tested on Win2kpro running MDaemon 3.0.3...
Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service
source: https://www.securityfocus.com/bid/1219/info Large usernames or passwords sent to the router's HTTP interface restart the router. Router log will show "restart not in response to admin command" Open the router interface with your browser. Username: ......................... x79 + After the...
Переполнение буфера в IC Radius
Переполнение буфера при имени пользователя свыше 24 символов...
CVE-1999-0356
Summary of CVE-1999-0356 (ControlIT) : Affects ControlIT versions prior to 4.5. The issue is the use of weak encryption to store usernames and passwords in an address book, exposing confidentiality and integrity. Root cause: insecure storage of credentials due to weak encryption. No explicit expl...
CVE-1999-0845
Buffer overflow in SCO su program allows local users to gain root access via a long username...
CVE-1999-0292
CVE-1999-0292 affects Windows with the Winpopup service, where a denial of service is achievable by using unusually large usernames. The connected records reiterate a DoS via Winpopup, but do not provide concrete exploit steps, affected versions, root-cause details, or a remediation. There is no ...
CVE-1999-0691
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name...
fw-1.lpsnoop.pl
Date: Fri, 25 Sep 1998 18:24:58 -0400 From: Andrew Danforth Subject: Re: Firewall-1 3.0b Session Agent On Fri, 25 Sep 1998, Brooke Paul wrote: -----Original Message----- From: Larry Pingree SMTP:[email protected] A problem exists in the Firewall-1 3.0b Session Agent All communications from the...
Finger Service Remote Information Disclosure
The remote host is running the 'finger' service. The purpose of this service is to show who is currently logged into the remote system, and to give information about the users of the remote system. It provides useful information to attackers, since it allows them to gain usernames, determine how...
CVE-1999-0356
ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book...
PT-1999-1045 · Controlit · Controlit
Name of the Vulnerable Software and Affected Versions: ControlIT versions prior to 4.5 Description: The issue concerns the use of weak encryption for storing usernames and passwords in an address book. Recommendations: For ControlIT versions prior to 4.5, update to a version that uses strong...
CVE-1999-0656
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names...
CVE-1999-1322
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext...
CVE-2024-35341
Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords encrypted with a hardcoded key common to all devices. This...