272 matches found
Web Protector 2.0 - Trivial Encryption
source: https://www.securityfocus.com/bid/7409/info Web protector has been reported prone to a trivial encryption weakness. It has been reported that the method used to obfuscate and protect the HTML source of web pages implementing Web Protector is flawed and may be easily reversed. This weaknes...
ProtWare HTML Guardian 6.x - Encryption
source: https://www.securityfocus.com/bid/7169/info A weakness has been reported in the encryption scheme used by ProtWare HTML Guardian. Specifically, the encryption scheme implemented obfuscates data using a simple bit shifting technique, making it trivial for attackers to reverse. Administrato...
Yet another plaintext attack to ZIP encryption scheme.
Introduction ------------ The ZIP format is one of the most widely used compresion/archival programs on computers systems, its use is even more extended on Windows plataform, with WinZIP program. Known Attacks ------------- The PKZIP encryption scheme have been proved to be weak in a lot of paper...
CVE-2002-0863
Remote Data Protocol RDP version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."...
Trillian Instant Messaging 0.x - Credential Encryption
// source: https://www.securityfocus.com/bid/5677/info The Trillian instant messaging client uses weak encryption to store saved authentication credentials for instant messaging services. The credentials are encrypted by using XOR with a static key that is used with every installation of the...
CVE-2001-1356
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021...
CVE-1999-0757
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates...
CVE-2000-1008
PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device...
CVE-2000-0250
The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords...
PcAnywhere weak password encryption
PcAnywhere weak password encryption ---- Discussion ---- PcAnywhere 9.0.0 set to its default security value uses a trivial encryption method so user names and password are not sent directly in clear. Since most users have the encryption methods set to either "none" or "PcAnyWhere", their password...
CVE-2000-0084
CuteFTP uses weak encryption to store password information in its tree.dat file...
MacOS_encryption.txt
Subject: MacOS system encryption algorithm To: [email protected] The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and depends on Users & Group...