2 matches found
CVE-2007-6330
Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...
CVE-2007-6330
Meridian Prolog Manager 2007 and earlier versions (including 7.5 and prior) transmit all usernames and passwords to the client in cleartext or weakly encrypted form to support client-side authentication. This can enable an attacker to capture credentials via network sniffing or a man-in-the-middl...