Lucene search
+L

4564 matches found

securityvulns
securityvulns
added 2003/05/22 12:0 a.m.20 views

Pure Secure weak encryption

Passwords for log access are stored in cleartext...

2AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/05/12 12:0 a.m.990 views

TCP/IP SYN+FIN Packet Filtering Weakness

The remote host does not discard TCP SYN packets that have the FIN flag set. Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules. C Tenable Network Security, Inc. Ref: To: [email protected] From: [email protected] Date: Mon, 5 May 2003 11:01:0...

5.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2003/05/05 12:0 a.m.36 views

FlashFXP 1.4 - User Password Encryption

// source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites. / Flashfxp sites.dat...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/22 12:0 a.m.31 views

Web Protector 2.0 - Trivial Encryption

source: https://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and may be easily reversed. This weaknes...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/16 12:0 a.m.16 views

Cerberus FTP Server 2.1 - Information Disclosure

Cerberus FTP Server 2.1 - Information Disclosure source: https://www.securityfocus.com/bid/7369/info It has been reported that Cerberus FTP Server is prone to an information disclosure weakness. The problem exists in the way the FTP server handles the authentication procedure. An attacker may...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/16 12:0 a.m.24 views

Cerberus FTP Server 2.1 - Information Disclosure

source: https://www.securityfocus.com/bid/7369/info It has been reported that Cerberus FTP Server is prone to an information disclosure weakness. The problem exists in the way the FTP server handles the authentication procedure. An attacker may exploit a weakness in error handling to disclose val...

7.4AI score
Exploits0
Debian
Debian
added 2003/04/09 3:56 p.m.32 views

[SECURITY] [DSA 269-2] New heimdal packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 269-2 [email protected] http://www.debian.org/security/ Martin Schulze April 9th, 2003 http://www.debian.org/security/faq -...

7.5CVSS9.7AI score0.04284EPSS
Exploits0
Debian
Debian
added 2003/04/09 3:56 p.m.40 views

[SECURITY] [DSA 269-2] New heimdal packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 269-2 [email protected] http://www.debian.org/security/ Martin Schulze April 9th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.5AI score0.04284EPSS
Exploits0
Exploit DB
Exploit DB
added 2003/04/04 12:0 a.m.45 views

Linux Kernel 2.2.x/2.4.x - I/O System Call File Existence

/ source: https://www.securityfocus.com/bid/7279/info A weakness has been discovered on various systems that may result in an attacker gaining information pertaining to the existence of inaccessible files. The problem lies in the return times when attempting to access existent and non-existent...

7.4AI score
Exploits0
Debian
Debian
added 2003/03/28 12:12 p.m.30 views

[SECURITY] [DSA 273-1] New krb4 packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 273-1 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2003 http://www.debian.org/security/faq -...

7.5CVSS9.4AI score0.04284EPSS
Exploits0
Debian
Debian
added 2003/03/28 12:12 p.m.35 views

[SECURITY] [DSA 273-1] New krb4 packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 273-1 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.4AI score0.04284EPSS
Exploits0
OSV
OSV
added 2003/03/28 12:0 a.m.18 views

DSA-273 krb4 - Cryptographic weakness

Bulletin has no description...

7.5CVSS6.3AI score0.04284EPSS
Exploits0
Debian
Debian
added 2003/03/26 12:1 p.m.42 views

[SECURITY] [DSA 269-1] New heimdal packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 269-1 [email protected] http://www.debian.org/security/ Martin Schulze March 26th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.04284EPSS
Exploits0
Debian
Debian
added 2003/03/26 12:1 p.m.31 views

[SECURITY] [DSA 269-1] New heimdal packages fix authentication failure

-------------------------------------------------------------------------- Debian Security Advisory DSA 269-1 [email protected] http://www.debian.org/security/ Martin Schulze March 26th, 2003 http://www.debian.org/security/faq -...

7.5CVSS9.4AI score0.04284EPSS
Exploits0
OSV
OSV
added 2003/03/26 12:0 a.m.16 views

DSA-269 heimdal - Cryptographic weakness

Bulletin has no description...

7.5CVSS6.3AI score0.04284EPSS
Exploits0
OSV
OSV
added 2003/03/24 12:0 a.m.33 views

DSA-266 krb5 - several vulnerabilities

Bulletin has no description...

7.5CVSS9.4AI score0.15031EPSS
Exploits1
Exploit DB
Exploit DB
added 2003/03/21 12:0 a.m.34 views

ProtWare HTML Guardian 6.x - Encryption

source: https://www.securityfocus.com/bid/7169/info A weakness has been reported in the encryption scheme used by ProtWare HTML Guardian. Specifically, the encryption scheme implemented obfuscates data using a simple bit shifting technique, making it trivial for attackers to reverse. Administrato...

7AI score
Exploits0
CERT
CERT
added 2003/03/20 12:0 a.m.43 views

MIT Kerberos vulnerable to ticket splicing when using Kerberos4 triple DES service tickets

Overview Several cryptographic vulnerabilities exist in the basic Kerberos version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm and gain any privilege authorized through that Kerberos realm. Description The MIT Kerberos Development team has discovered a...

7.5CVSS9.4AI score0.04284EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/03/17 12:0 a.m.40 views

MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol

-----BEGIN PGP SIGNED MESSAGE----- MIT krb5 Security Advisory 2003-004 2003-03-17 Topic: Cryptographic weaknesses in Kerberos v4 protocol Severity: CRITICAL SUMMARY ======= A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2003/03/11 12:0 a.m.18 views

Qpopper 34 - Username Information Disclosure

Qpopper 34 - Username Information Disclosure source: https://www.securityfocus.com/bid/7110/info An information disclosure weakness has been reported for Qpopper when authenticating. The weakness is due to the fact that if a valid username is sent with a bad password, Qpopper will wait a small...

7.2AI score
Exploits0
Rows per page
Query Builder