CVE-2003-0493

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID...

CVE-2003-0493

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID...

CVE-2002-0788

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System EFS, creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain...

CVE-2002-0790

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges...

PlatinumFTP.txt

Multiple vulnerabilities found in PlatinumFTPserver V1.0.7 PlatinumFTPserver C2002 BYTE/400 LTD Discovered by Dennis Rand http://www.infowarfare.dk ------------------------------------------------------------------------ SUMMARY PlatinumFTPserver simplifies management of all your Ftp clients with...

CVE-2002-1977

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase...

CVE-2002-2172

Informed 1 Designer and 2 Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information...

DEBIAN-CVE-2002-1318

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string...

CVE-2002-1318

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string...

CVE-2002-0994

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications...

CVE-2002-0994

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications...

CVE-2002-0790

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges...

CVE-2002-0788

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System EFS, creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain...

PT-2002-1809 · Pgp +1 · Pgp +1

Name of the Vulnerable Software and Affected Versions: PGP version 7.0.3 Description: The issue arises from an interaction between PGP and the Windows Encrypted File System EFS when the "wipe deleted files" option is used. This interaction creates cleartext temporary files that cannot be wiped or...

CVE-2002-0197

Technical details (affected products, versions, vulnerabilities, exploitation) are not publicly provided in the connected documents. Monitor for updates.

CVE-2002-0570

The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key...

NTFS and PGP interact to expose EFS encrypted data

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NTFS and PGP interact to expose EFS encrypted data c 2002 Ry Jones, Airgap Networks. Summary: NTFS, a feature of Windows XP, supports an "encrypted" attribute. PGP 7.0.3 Freeware, a product of Network Associates, supports wiping files as they are...

CVE-2002-0202

CVE-2002-0202 affects PaintBBS 1.2. The vulnerability arises from insecure permissions on installed files/directories, enabling local users to access the encrypted server password via the world-readable oekakibbs.conf and to modify the server configuration through the world-writable /oekaki/ dire...

CVE-2001-1151

Affected product : Trend Micro OfficeScan Corporate Edition (Virus Buster Corporate Edition). Vulnerability : Remote disclosure of sensitive configuration data via unauthenticated access to /officescan/hotdownload, specifically reading the configuration file ofcscan.ini which contains a weakly en...

CVE-2001-0522

Format string vulnerability in Gnu Privacy Guard aka GnuPG or gpg 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...