10 matches found
EUVD-2000-0601
Malware in sbrugna...
EUVD-2000-0623
Malware in sbrugna...
CVE-2000-0627
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as userupdatepasswd.pl and userupdateadmin.pl...
CVE-2000-0627
BlackBoard CourseInfo 4.0 is affected by an authentication flaw that allows local users to modify CourseInfo database information and gain privileges by directly calling supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl. The provided documents do not include remediati...
CVE-2000-0605
Summary: CVE-2000-0605 affects Blackboard CourseInfo 4.0. The vulnerability is that local and SQL administrator usernames/passwords are stored in cleartext in a registry key whose ACL allows other users to access the passwords. This leads to potential confidentiality exposure of admin credentials...
CVE-2000-0605
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords...
Дырка в Blackboard Courseinfo
Непроверяемый ввод пользователя позволяет поменять пароль любого пользователя или создать нового...
CVE-2000-0627
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as userupdatepasswd.pl and userupdateadmin.pl...
CVE-2000-0605
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords...
Two issues: Blackboard CourseInfo 4.0 stores admin password in clear text; strange settings on the winreg key.
Hi, Russ. This is a big mess; I've got two different things for your consideration. Perhaps you can help me out. First of all, Blackboard CourseInfo 4.0 stores a local administrator username and password in clear text in the registry. Unless an administrator has hardened their registry against...