8476 matches found
CVE-2002-1491
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges...
CVE-2001-1098
The CVE-2001-1098 entry applies to Cisco PIX Firewall Manager (PFM) 4.3(2)g. The vulnerability arises because the enable password is stored/logged in plaintext in the pfm.log, potentially allowing local users to read and obtain the enable password. Affected behavior: local access to the password ...
CVE-2002-1479
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...
CVE-2002-1491
Cisco VPN 5000 Client for macOS before 5.2.2 stores the most recently used login password in plaintext when saving Default Connection settings, enabling local users to potentially gain privileges. Affected: MacOS client; root cause: plaintext storage of MRU password; impact: local privilege eleva...
CVE-2002-1521
CVE-2002-1521 concerns Web Server 4D (WS4D) 3.6 or lower, which stores usernames and passwords in plaintext in the Ws4d.4DD file. The vulnerability enables a local attacker to gain privileges on the affected host by accessing the credential data. OpenVAS entries corroborate the 3.6-era behavior a...
CVE-2002-1530
The CVE concerns SurfControl SuperScout Email Filter, specifically its administrative web interface STEMWADM. A vulnerability in the userlist.asp page allows an attacker to retrieve usernames and plaintext passwords via the user editing form, exposing credential data through the management UI. Th...
CVE-2003-0007
CVE-2003-0007: Microsoft Outlook 2002 fails to properly handle requests to encrypt emails using V1 Exchange Server Security certificates, causing the message to be sent in plaintext. The connected documents corroborate the affected product and the underlying issue as described, but do not provide...
Java Remote Management Platform Plaintext Password Detection
Binary data 4586.prm...
IBM DB2 9.x < 9 Fix Pack 5 Multiple Vulnerabilities
Binary data 4536.prm...
MaxDB WebSQL < 7.5.00.18 Remote Overflow
Binary data 2528.prm...
CVSTrac Database Plaintext Password Storage
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to .db files that may allow an attacker to gain access to plaintext passwords. Nessus has determined the vulnerability exists on the target simply by looking at...
phpGroupWare Admin/Setup Password Plaintext Cookie Storage
The version of PhpGroupWare installed on the remote host is reported to be affected by a plaintext cookie authentication credentials information disclosure vulnerability. If web administration of PhpGroupWare is not conducted over an encrypted link, an attacker with the ability to sniff network...
CVE-2004-0653
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pamkrb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files...
MapInfo Discovery 1.01.1 - Remote Log File Access Information Disclosure
MapInfo Discovery 1.01.1 - Remote Log File Access Information Disclosure source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access t...
MapInfo Discovery 1.01.1 - Administrative Authentication Bypass
MapInfo Discovery 1.01.1 - Administrative Authentication Bypass source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
MapInfo Discovery 1.01.1 - MapFrame.asp?mapname Cross-Site Scripting
MapInfo Discovery 1.01.1 - MapFrame.asp?mapname Cross-Site Scripting source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
MapInfo Discovery 1.0/1.1 - Cleartext Transmission Credential Disclosure
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.0/1.1 - Administrative Authentication Bypass
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.0/1.1 - 'MapFrame.asp?mapname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...