Слабость EFS в Windows 2000

При использовании Encrypted File System в Windows 2000 возможно дешифрование файлов, т.к. локальная база данных безопасности хранится на диске. Для предотвращения этого необходимо использовать syskey с паролем или хранением ключа на дискете...

CVE-2000-0300

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts...

CVE-2000-0250

The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords...

CVE-2000-0250

CVE-2000-0250 : The crypt function in QNX uses weak encryption, enabling local users to decrypt passwords. The available documents state this vulnerability stems from weak cryptography used by QNX’s crypt function, with impact described as complete confidentiality loss for locally accessible pass...

CRYPTOAdmin 4.1 server with PalmPilot PT-1 token 1.04 PIN Extract ion

@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Advisory Advisory Name: CRYPTOCard PalmToken PIN Extraction Release Date: April 10, 2000 Application: CRYPTOAdmin 4.1 server with CRYPTOCard PT-1 token 1.04 Platform: Server software on any environment and token software on Pa...

CVE-2000-0300

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts...

icadecrypt.c.txt

/ icadecrypt.c Decrypt stored Citrix ICA passwords in appsrv.ini. Dug Song / include include include include include int hexdecodechar src, uchar dst, int outsize char p, pe; uchar q, qe, ch, cl; pe = src + strlensrc; qe = dst + outsize; for p = src, q = dst; p = '0' && ch = 'a' && ch = '0' && cl...

CVE-1999-0476

The CVE-1999-0476 entry concerns SCO TermVision which uses a weak password encryption algorithm. The root cause is weak encryption that allows a local user to easily decrypt passwords stored by TermVision. Impact is limited to confidentiality and integrity of password data, as described in the so...

CVE-1999-0476

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user...

CVE-1999-0834

CVE-1999-0834 involves a buffer overflow in RSAREF2 used by SSH up to 1.2.27 compiled with RSAREF2. The vulnerability stems from missing bounds checks in RSAREF2 RSA operations (RSAPrivateDecrypt/RSAPublicDecrypt) where the internal pkcsBlock can be overflowed by NN_Encode() writes, enabling arbi...

CVE-1999-0834

Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library...

CVE-1999-1104

Windows 95 uses weak encryption for the password list .pwl file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords...

CVE-1999-0834

Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library...

IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password

source: https://www.securityfocus.com/bid/1763/info IBM WebSphere ships with a tool called 'ikeyman' that encrypts server certificates/key pairs when the IBM HTTP Server and SSL connections are enabled. Ikeyman stores the password in a stash file which can be easily decrypted through the use of a...

IBM Websphere 2.03.0 - ikeyman Weak Encrypted Password

IBM Websphere 2.03.0 - ikeyman Weak Encrypted Password source: https://www.securityfocus.com/bid/1763/info IBM WebSphere ships with a tool called 'ikeyman' that encrypts server certificates/key pairs when the IBM HTTP Server and SSL connections are enabled. Ikeyman stores the password in a stash...

CVE-1999-1540

shell-lock in Cactus Software Shell Lock uses weak encryption trivial encoding which allows attackers to easily decrypt and obtain the source code...

coldfusion.fixes.txt

Date: Mon, 24 May 1999 15:00:52 -0700 From: [email protected] To: [email protected] Subject: New Allaire Security Zone Bulletins and KB Articles Dear ColdFusion Customer- Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the...

wingate.3.0.txt

Date: Mon, 5 Apr 1999 17:52:51 -0700 From: Marc To: [email protected] Subject: Multiple WinGate VulnerabilitiesTad late At first we were just going to post this advisory to our website but after the subject came up on the NTSEC list and we got a few emails telling us to post it to...

CVE-1999-1078

WSFTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges...

CVE-1999-0470

A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted...