155 matches found
CVE-2005-4176
CVE-2005-4176 affects AWARD BIOS Modular 4.50pg and is caused by failure to clear the keyboard buffer after BIOS password reads, enabling local users to read the password from physical memory. The vulnerability is local in scope with low base score (2.1); details on exploit code or practical in‑t...
CVE-2002-1940
CVE-2002-1940 affects the LCC-Win32 3.2 compiler running on Windows 95/98/ME, where memory after the import table can leak previously used data, potentially exposing sensitive information. Root cause involves memory handling in that environment; Red Hat/Red Hat-like advisories and other sources c...
CVE-2005-1166
The CVE-2005-1166 entry concerns DameWare NT Utilities (DNTUS26) and MiniRemote Control (DWRCS) up to version 4.9, where the username and password are stored in memory in plaintext. This in-memory credential exposure could allow a local attacker to obtain sensitive information. The connected sour...
US-CERT Technical Cyber Security Alert TA04-247A -- Vulnerabilities in MIT Kerberos 5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA04-247A Vulnerabilities in MIT Kerberos 5 Original release date: September 3, 2004 Last revised: -- Source: US-CERT Systems Affected MIT Kerberos 5 versions prior to krb5-1.3.5 Applications...
SuSE memory cleartext passwords
Cleartext passwords in memory are never wiped out, it leads to cleartext passwords visible in swap files...
Linux OpenExchange - cleartext rootpw in swap
date: 31.08.2004 author: l0om - l0om at excluded dot org - www.excluded.org discovered in: SuSE Linux Openexchange Server 4 problem: cleartext rootpw in swap caused by fergotten "mlock" or wiping out memory hi, i have noticed my root password flying around on my swap in cleartext. an attacker who...
MacOS X cleartext passwords in memory
Passwords are stored in swap and memory in cleartext...
leak of information in counterpane/Bruce Schneier's (now open source) Password Safe program
Program description: --- Password Safe is a tool that allows you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords. Originally created by Bruce Schneier's Counterpane Labs, Password Sa...
Weaknesses in MIT magic cookie and XDM X Windows authorization
Overview MIT magic cookie and XDM authorization contain vulnerabilities that could allow remote attackers to connect to X displays. Description Two widely used X Window System authorization schemes have weaknesses in their sample implementations. MIT-MAGIC-COOKIE-1 On some systems built without t...
CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials...
CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials...
Weak password encryption in memory for multiple SSH2 clients
User's password stays in memory uinecnrypted...
Cleartext Cryptainer memory password
Cleartext password in process' memory...
Password Disclosure in Cryptainer
=================================================== Advisory: Password Disclosure in Cryptainer Vendor: SecureSoft http://www.cypherix.com Download Location: http://www.cypherix.com/downloads.htm Versions affected: Cryptainer PE and Cryptainer 2.0 Date: 16th December 2002 Type of Vulnerability:...
GNU Screen 3.9.x Braille Module - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/4578/info Screen is a freely available, open source terminal management software package. It is distributed and maintained by the Free Software Foundation. It is available for the Unix and Linux platforms. Under some circumstances, it may be possible f...