Lucene search
+L

8476 matches found

cvelist
cvelist
added 2005/02/23 5:0 a.m.24 views

CVE-2005-0517

PeerFTP5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, which allows local users to gain privileges...

6.1AI score0.0062EPSS
Exploits0References1
cvelist
cvelist
added 2005/02/23 5:0 a.m.14 views

CVE-2005-0521

SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges...

6.6AI score0.0062EPSS
Exploits0References1
cvelist
cvelist
added 2005/02/21 5:0 a.m.14 views

CVE-2005-0498

Gigafast router aka CompUSA router allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext...

6.7AI score0.01398EPSS
Exploits0References2
cve
cve
added 2005/02/19 5:0 a.m.40 views

CVE-2004-1497

Web Forums Server 1.6 and 2.0 Power Pack store passwords in plaintext in the Username.ini file, enabling local users to gain privileges. This indicates a local-privilege escalation risk due to insecure credential storage. The available sources describe the vulnerable component and impact but do n...

4.6CVSS7AI score0.00314EPSS
Exploits0References1
cvelist
cvelist
added 2005/02/13 5:0 a.m.18 views

CVE-2004-1447

Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information...

6.7AI score0.01669EPSS
Exploits0References7
cve
cve
added 2005/02/13 5:0 a.m.39 views

CVE-2004-1447

Jetbox One 2.0.8 (and possibly other versions) stores passwords in the database in plaintext, exposing user credentials. Root cause: plaintext credential storage in the data store, enabling potential disclosure if the database is accessed. CVE-2004-1447 is described with a Medium base score (AV:N...

5CVSS7.1AI score0.01669EPSS
Exploits0References7Affected Software1
cve
cve
added 2005/02/11 5:0 a.m.69 views

CVE-2005-0366

CVE-2005-0366 concerns OpenPGP/GnuPG where the integrity check feature, when decrypting a message encrypted with CF B mode, can allow a remote attacker to recover part of the plaintext through a chosen-ciphertext attack if the first two bytes of a message block are known and an oracle reveals whe...

5CVSS6.2AI score0.02946EPSS
Exploits0References10Affected Software1
cvelist
cvelist
added 2005/02/11 5:0 a.m.23 views

CVE-2005-0366

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback CFB mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...

6.2AI score0.02946EPSS
Exploits0References10
nessus
nessus
added 2005/02/01 12:0 a.m.9 views

Cisco IDS Plaintext Telnet Service Detection

Binary data 2584.prm...

7.3AI score
Exploits0
nessus
nessus
added 2005/01/29 12:0 a.m.38 views

UW-IMAP CRAM-MD5 Remote Authentication Bypass

There is a flaw in the remote UW-IMAP server which allows an authenticated user to log into the server as any user. The flaw is in the CRAM-MD5 authentication theme. An attacker, exploiting this flaw, would only need to identify a vulnerable UW-IMAP server which had enabled the CRAM-MD5...

7.5CVSS5.5AI score0.05091EPSS
Exploits0References1
nvd
nvd
added 2005/01/10 5:0 a.m.29 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

2.1CVSS6.3AI score0.0045EPSS
Exploits0References16
ubuntucve
ubuntucve
added 2005/01/10 5:0 a.m.26 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

2.1CVSS5.9AI score0.0045EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/01/06 12:0 a.m.31 views

IBM DB2 Windows Permission Problems (#NISR05012005F)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 Windows Permission Problems Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date of Publi...

0.1AI score
Exploits0
nvd
nvd
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2722

Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue...

2.1CVSS6.2AI score0.003EPSS
Exploits0References4
nvd
nvd
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2400

WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials...

2.1CVSS6.7AI score0.00336EPSS
Exploits0References5
nvd
nvd
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2397

The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates...

7.5CVSS7.4AI score0.00863EPSS
Exploits0References5
nvd
nvd
added 2004/12/31 5:0 a.m.16 views

CVE-2004-1447

Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information...

5CVSS6.7AI score0.01669EPSS
Exploits0References7
nvd
nvd
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2578

phpGroupWare before 0.9.16.002 transmits the 1 header admin and 2 setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords...

5CVSS6.7AI score0.01425EPSS
Exploits0References4
nvd
nvd
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2708

Gyach Enhanced Gyach-E before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file...

5CVSS6.4AI score0.00891EPSS
Exploits0References2
nvd
nvd
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2172

EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack...

7.5CVSS7.5AI score0.06765EPSS
Exploits1References10
Rows per page
Query Builder