EUVD-2002-0064

Malware in sbrugna...

EUVD-2002-0066

Malware in sbrugna...

CVE-2002-0065

Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry...

CVE-2002-0066

Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges...

CVE-2002-0065

The CVE-2002-0065 issue affects Funk Software Proxy Host 3.x on Windows 2000/NT4 and Windows 9x. The root cause is weakly encrypted/stored passwords (obfuscated registry value on Windows 2000/NT4; PHOST.INI on Windows 9x), enabling local users to recover passwords and gain privileges. The attack ...

CVE-2002-0066

Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges...

CVE-2002-0065

Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry...

Unauthorized remote control access to systems running Funk Softwa re's Proxy v3.x

BindView Security Advisory -------- Unauthorized remote control access to systems running Funk Software's Proxy v3.x Issue Date: April 8, 2002 Contact: Chris Coffin [email protected] CVE: CAN-2002-0064, CAN-2002-0065, CAN-2002-0066 Overview: Funk Software's Proxy v3.x Remote Control...