2352 matches found
Opera < 9.50 Multiple Vulnerabilities
Binary data 4541.prm...
Sun GlassFish Enterprise Server Multiple Vulnerabilities
Binary data 5030.prm...
Movable Type < 4.26 Multiple Vulnerabilities
Binary data 5088.prm...
IMail < 7.0.6 Account Hijacking
Binary data 1507.prm...
FTP Server .csv Office Files Detection
Binary data 4006.prm...
ClamAV < 0.88.1 Multiple Vulnerabilities (deprecated)
Binary data 3505.prm...
vulnerabilities in JetboxOne CMS
ECHOADV03$2004: vulnerabilities in JetboxOne CMS. Author: y3dips. Date: August, 4th 2004. Location: Indonesia, Jakarta. Web:...
Plaintext Vulnerability in Alan Ward Acart
Vulnerability: Plaintext Vulnerability. Description: All of the data in this database is stored in plain text, not encrypted, including usernames, passwords, credit card numbers, addresses, etc. Many times the database is placed into a web accessible folder by default. Exploit: None Required. Solutio...
EUVD-2002-0855
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...
Zaurus PDA FTP Server Unpassworded root Account
The remote Zaurus FTP server can be accessed as the user 'root' with no password. An attacker may use this flaw to steal or modify the content of your PDA, including but not limited to your address book, personal files, and list of appointments. (C) Tenable Network Security, Inc. Script audit and...
CVE-2002-0570
CVE-2002-0570 : The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, allowing local users to modify encrypted data without knowing the key. The affected component is the loop device encryption code in these kernels. The provided do...
CVE-1999-1530
CVE-1999-1530 affects Cobalt RaQ2/RaQ3i environments where the cgiwrap component fails to properly identify users when running scripts. This allows a malicious site administrator to view or modify data located at another virtual site on the same system. The vulnerability is documented in CVE-1999...
kebi-webmail_vul.txt
kebi-Webmail Solution vulnerability Tested by secret e-mail: [email protected] Summary : Get webmail server's admin competence by remote attack in kebi-Webmail Solution. Platform: Attacker platform : All Operating Systems + Web browser Target platform: All kebi Webmail solution loading server ke...
Possible Issue with Netinfo and Mac OS X
Hi, I have been using Mac OS X for quite a while now, and I have just found something that concerns me a little. As you probably know Mac OS X is based on BSD and by default does not have any services running though it is not hard to turn these on therefore is reasonably secure out of the box. Now ...
Microsys CyberPatrol 4.0 4.0034.0 4.005 - Insecure Registration
source: https://www.securityfocus.com/bid/1977/info CyberPatrol is popular web access restriction software by Microsys. A vulnerability exists in the way CyberPatrol submits registration information from its client software to...
CVE-2000-0678
CVE-2000-0678 affects PGP 5.5.x through 6.5.3. The flaw: ADKs are not checked in the signed portion of a public certificate, so an attacker who modifies a victim’s certificate can decrypt data encrypted with that modified certificate. Exploitation requires a modified certificate and a sender usin...
University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read
source: https://www.securityfocus.com/bid/1484/info A vulnerability exists in versions of the ipop2d daemon, through version 4.55. ipop2d is part of the University of Washington imap package. Versions through 4.7c of the imap package are affected. Any user who has a pop account on the machine can...
Citrix Metaframe 1.0/1.8 - Weak Encryption
source: https://www.securityfocus.com/bid/1077/info The ICA protocol uses a simple XOR-based encryption algorithm to protect user credentials while stored or in transit. This encryption can be easily broken, meaning that anyone sniffing the connection can obtain user access to the server. The I...
CVE-2000-0220
ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event...
CVE-2000-0068
The CVE-2000-0068 entry concerns the daynad component of Intel InBusiness E-mail Station. The issue arises because the daynad program does not require authentication, enabling remote attackers to modify configuration, delete files, or read mail. The provided sources state the vulnerability and im...