MacOS_encryption_algorithm.txt

Subject: MacOS system encryption algorithm 3 To: [email protected] Sometime ago, Dawid adix Adamski sent to bugtraq the encryption algorithm in MacOS personal AppleShare server he found. I have been researching a little on this subject, and I've found his code fails when decoding the firs...

PT-1999-1490 · Wwwboard · Wwwboard

Name of the Vulnerable Software and Affected Versions: WWWBoard affected versions not specified Description: The issue concerns the storage of encrypted passwords in a password file located under the web root, making it accessible to remote attackers. Recommendations: At the moment, there is no...

Microsoft FrontPage Extensions authors.pwd Information Disclosure

The remote web server appears to be running with Microsoft FrontPage extensions. The file 'authors.pwd', which contains the encrypted passwords of FrontPage authors, can by accessed by anyone. A remote attacker could decrypt these passwords, or possibly overwrite this file. C Tenable Network...

fw-1.lpsnoop.pl

Date: Fri, 25 Sep 1998 18:24:58 -0400 From: Andrew Danforth Subject: Re: Firewall-1 3.0b Session Agent On Fri, 25 Sep 1998, Brooke Paul wrote: -----Original Message----- From: Larry Pingree SMTP:[email protected] A problem exists in the Firewall-1 3.0b Session Agent All communications from the...

afio.pgp.txt

Date: Fri, 11 Jun 1999 16:55:30 -0000 From: [email protected] To: [email protected] Subject: fwd SECURITY: afio: security hole in 'afio -P pgp' encrypted archives Hello, Just found it on comp.os.linux.announce. Sorry if it was already on the list. cezar -----BEGIN PGP SIGNED MESSAGE----- I belie...

sunsolve.database.txt

Date: Tue, 11 May 1999 19:22:59 +0100 From: "Robson, Ken" To: [email protected] Subject: Sun Microsystems Leaks extensive Amounts of Information About Itself & It's Customers Through Its Sunsolve Database... Hi Folks, I have just been scouring Sun's Bug Reports for some information and I...

lotus.notes.mail.crypto.txt

Date: Tue, 23 Mar 1999 18:57:23 +0100 From: Martin Bartosch To: [email protected] Security advisory Advisory released Mar 23 1999 ----- Application: Lotus Notes Client Version 4.5, probably others Impact: Encrypted mail sent from the Notes client may traverse the network in the clear and may b...

excite-web.txt

Date: Mon, 30 Nov 1998 17:20:04 -0600 From: Michael Gerdts Subject: Security bugs in Excite for Web Servers 1.1 On November 11 I reported the folloing problmes to [email protected]. I have only recieved an automated reply. I have found numerous security concerns with EWS 1.1 which can lead to an...

Quinn - the Eskimo and Peter N. Lewis Internet Configuration 1.02.0 Weak Password Encryption

Quinn - the Eskimo and Peter N. Lewis Internet Configuration 1.02.0 Weak Password Encryption source: https://www.securityfocus.com/bid/546/info Internet Config is a third-party freeware utility for MacOS. It provides a means of centralizing frequently-required connection information, including...

CVE-1999-0429

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference...

Qbik WinGate 3.0 - Registry

Qbik WinGate 3.0 - Registry // source: https://www.securityfocus.com/bid/511/info WinGate stores encrypted passwords in the registry, in a subkey where Everyone has Read access by default. The encryption scheme is weak, and therefore anyone can get and decrypt them. include "stdafx.h" include...

CVE-1999-1072

Excite for Web Servers EWS 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi...

Excite for Web Servers 1.1 - Administrative Password

source: https://www.securityfocus.com/bid/2665/info Excite for Web Servers 1.1 EWS is a search engine suite for web servers running under Windows NT and UNIX. By default the file containing the administrative password, architext.conf, is world readable and world writable. This allows an attacker...

CVE-2024-35341

Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords encrypted with a hardcoded key common to all devices. This...

DUO-PSA-2014-008: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2014-008 Publication Date: 2014-12-22 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in the iOS Duo Mobile app that may allow credentials to be backed up in an encrypted form to a user's local machine...

DUO-PSA-2014-008: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2014-008 Publication Date: 2014-12-22 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in the iOS Duo Mobile app that may allow credentials to be backed up in an encrypted form to a user's local machine...