General Bytes Crypto Application Server 安全漏洞

General Bytes Crypto Application Server is General Bytes' provides powerful and simple browser-based administration. A security vulnerability exists in General Bytes Crypto Application Server versions 20201208 through prior to 20220531.38 and prior to 20220725.22, which stems from an authenticati...

VulnCheck KEV: CVE-2023-28725

General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in...

CRYPTO-Server installvariables.properties LDAP Credential Local Disclosure

A version of CRYPTOCard CRYPTO-Server, the server component of a commercial two-factor authentication system, is installed on the remote host. When CRYPTO-Server was installed on the remote host, the installer left credentials used to configure the application with Active Directory in a log file,...

CVE-2006-6145

CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from...

CVE-2006-6145

CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from...

CVE-2006-6145

CRYPTOCard CRYPTO-Server (before 6.4.56) stores LDAP credentials in plaintext in UninstallerData\installvariables.properties with insecure file permissions, allowing local users to obtain the credentials. This is documented in CVE-2006-6145 and corroborated by related Nessus findings. The vulnera...