Lucene search
K

5 matches found

CERT
CERT
added 2007/12/17 12:0 a.m.56 views

Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Overview Meridian Systems Prolog Manager does not use strong encryption and returns a list of all user credentials when authenticating clients. These behaviors could allow an attacker to obtain user credentials and decrypt passwords. Description Meridian Systems Prolog Manager is a set of...

10CVSS6.7AI score0.05075EPSS
Exploits0References5
Prion
Prion
added 2007/12/13 7:46 p.m.18 views

Code injection

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...

10CVSS7.1AI score0.05075EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/12/13 7:0 p.m.22 views

CVE-2007-6330

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...

6.5AI score0.05075EPSS
Exploits0References7
CVE
CVE
added 2007/12/13 7:0 p.m.51 views

CVE-2007-6330

Meridian Prolog Manager 2007 and earlier versions (including 7.5 and prior) transmit all usernames and passwords to the client in cleartext or weakly encrypted form to support client-side authentication. This can enable an attacker to capture credentials via network sniffing or a man-in-the-middl...

10CVSS6.5AI score0.05075EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2007/12/13 12:0 a.m.25 views

Meridian Prolog Manager weak encryption

Weak username/password encryption...

2.8AI score
Exploits0References1
Rows per page
Query Builder