8481 matches found
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure
MapInfo Discovery 1.01.1 - Cleartext Transmission Credential Disclosure source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
MapInfo Discovery 1.0/1.1 - Cleartext Transmission Credential Disclosure
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.0/1.1 - Remote Log File Access Information Disclosure
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.0/1.1 - 'MapFrame.asp?mapname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.0/1.1 - Administrative Authentication Bypass
source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker ...
MapInfo Discovery 1.01.1 - Administrative Authentication Bypass
MapInfo Discovery 1.01.1 - Administrative Authentication Bypass source: https://www.securityfocus.com/bid/10927/info Multiple remote vulnerabilities are reported in MapInfo Discovery. The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to...
CVE-2004-0653
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pamkrb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files...
CVE-2004-0653
CVE-2004-0653 affects Solaris 9 when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an auth module with debug enabled. The issue causes passwords to be recorded in plaintext in log files, potentially allowing local users to read others’ passwords by inspec...
CVE-2004-0616
The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obtain sensitive information such as the password, which is stored in plaintext...
CVE-2004-0616
The vulnerability CVE-2004-0616 affects the BT Voyager 2000 Wireless ADSL Router, where a default public SNMP community name allows remote attackers to obtain sensitive information (plaintext password). Root cause: default SNMP community name. Impact: confidentiality is partially affected; exploi...
US Robotics Broadband Router 8003 menu.htm Admin Password Disclosure
The remote host appears to be a US Robotics Broadband router. The device's administrator password is stored as plaintext in a JavaScript function in the file '/menu.htm', which can be viewed by anyone. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: Tue, 8 Jun 2004 13:41:11 +0200...
CVE-2004-1997
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges...
CVE-2004-1758
BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges...
CVE-2004-1852
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information...
PT-2004-2751 · Solarwinds · Dameware Mini Remote Control
Name of the Vulnerable Software and Affected Versions: DameWare Mini Remote Control versions 3.x through 3.73 DameWare Mini Remote Control versions 4.x through 4.1 Description: The issue allows remote attackers to gain sensitive information because the Blowfish encryption key is transmitted in...
Apache mod_disk_cache stores client authentication credentials on disk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary: ======== moddiskcache stores all client authentication credentials for cached objects on disk. This means proxy authentication credentials as well as in certain RFC2616 defined cases standard authentication credentials. In case of Basic...
Trillian Pro 2.01 - Design Error
Trillian Pro 2.01 - Design Error Trillian Pro Design Error Vendor: Cerulean Studios Product: Trillian Pro Version: !-- var username; username='plaintextusernamehere'; var password; password='plaintextpasswordhere'; function submit document.getEl...
Trillian Pro < 2.01 - Design Error
Trillian Pro Design Error Vendor: Cerulean Studios Product: Trillian Pro Version: !-- var username; username='plaintextusernamehere'; var password; password='plaintextpasswordhere'; function submit document.getElementById...
ASP Portal - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/9659/info ASP Portal has been reported to be prone to multiple vulnerabilities. The first issue results from a lack of sufficient sanitization performed on user supplied data that is later incorporated into dynamic content. An attacker may reportedly inje...
racoon security association deletion vulnerability
A remote attacker may use specially crafted IKE/ISAKMP messages to cause racoon to delete security associations. This could result in denial-of-service or possibly cause sensitive traffic to be transmitted in plaintext, depending upon configuration...