Lucene search
K

8378 matches found

CERT
CERT
added 2001/07/18 12:0 a.m.25 views

Symantec LiveUpdate stores proxy server passwords in plaintext in registry

Overview A vulnerability exists in the way Symantec LiveUpdate stores proxy server passwords which could allow local users to have read access to the key. Description LiveUpdate version 1.5 stores proxy server passwords in clear text in the registry, under...

4.6CVSS6AI score0.00383EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/07/16 12:0 a.m.26 views

ArGoSoft FTP Server 1.2.2.2 Weak password encryption

ArGoSoft FTP Server 1.2.2.2 Weak password encryption AFFECTED SYSTEMS ArGoSoft FTP Server 1.2.2.2 DESCRIPTION ArGoSoft FTP Server 1.2.2.2 for win32 is vulnerable to decryption of the password file. As a matter of fact the programmers are aware of this since they have implemented decryption...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2001/06/19 12:0 a.m.62 views

Multiple Vulnerabilities In AMLServer

Strumpf Noir Society Advisories ! Public release ! -- -= Multiple Vulnerabilities In AMLServer =- Release date: Monday, June 18, 2001 Introduction: Air Messenger LAN Server is a paging gateway server for MS Windows that allows you to send and recieve messages to a paging network over a TCP/IP LAN...

Exploits0
NVD
NVD
added 2001/05/28 4:0 a.m.23 views

CVE-2001-1336

CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges...

7.5CVSS6.8AI score0.01316EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/05/23 12:0 a.m.24 views

SpyAnywhere Authentication Bypassing Vulnerabilities

Strumpf Noir Society Advisories ! Public release ! -- -= SpyAnywhere Authentication Bypassing Vulnerabilities =- Release date: Tuesday, May 22, 2001 Introduction: Spytech's SpyAnywhere application is a remote PC monitoring and administration package for the MS Windows OS. SpyAnywhere can be...

1AI score
Exploits0
securityvulns
securityvulns
added 2001/04/20 12:0 a.m.27 views

CA CCC\Harvest exploit

-= Zero Tolerance Technologies T Security Advisory =- Reference: ZTT-SA01-27032001 Author: Richard Scott, [email protected] Product: Computer Associates' CCCHarvest Source Code control software http://ca.com/products/cccharvest.htm http://ca.com/products/descriptions/cccharvest.pdf...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2001/04/19 12:0 a.m.32 views

iplanet calendar server 5.0p2 exposes Netscape Admin Server master password

at the time of writing, 5.0p2 is the currently available revision on iplanet's download site. the problem: the standard install of iPlanet Calendar server stores the NAS LDAP admin username and password in plaintext in the world readable file: -rw-r--r-- 1 icsuser icsgroup 37882 Feb 20 10:18...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2001/04/07 12:0 a.m.50 views

ccc_harvest.txt

-= Zero Tolerance Technologies T Security Advisory =- Reference: ZTT-SA01-27032001 Author: Richard Scott, [email protected] Product: Computer Associates' CCC\Harvest Source Code control software http://ca.com/products/cccharvest.htm http://ca.com/products/descriptions/cccharvest.pdf...

7.4AI score
Exploits0
CVE
CVE
added 2001/01/22 5:0 a.m.47 views

CVE-2000-1148

The CVE-2000-1148 entry concerns VolanoChatPro server where configuration file permissions are world-readable and administrator passwords are stored in plaintext. This insecure configuration can allow local users to access sensitive credentials and potentially gain privileges on the server. The v...

4.6CVSS7AI score0.00338EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.19 views

CVE-2000-0957

The pluggable authentication module for mysql pammysql before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes...

7.2AI score0.01209EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.18 views

CVE-2000-1148

The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server...

6.6AI score0.00338EPSS
Exploits0References4
CERT
CERT
added 2001/01/10 12:0 a.m.30 views

Seagate Crystal Reports exposes cleartext username/password pairs when embedded in URL or HTTP request

Overview The Seagate Crystal Reports product exposes passwords to back-end databases in certain configurations. In particular, the username and password are transmitted in plaintext from the client browser to the server as part of the URL when using technologies other than Active Server Pages ASP...

7.5AI score
Exploits0References1
NVD
NVD
added 2001/01/09 5:0 a.m.13 views

CVE-2000-1148

The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server...

4.6CVSS6.6AI score0.00338EPSS
Exploits0References4
NVD
NVD
added 2000/12/19 5:0 a.m.10 views

CVE-2000-0954

Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server...

10CVSS6.2AI score0.01851EPSS
Exploits1References3
NVD
NVD
added 2000/12/19 5:0 a.m.9 views

CVE-2000-0957

The pluggable authentication module for mysql pammysql before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes...

7.5CVSS7.2AI score0.01209EPSS
Exploits0References2
NVD
NVD
added 2000/12/11 5:0 a.m.17 views

CVE-2000-1076

Netscape iPlanet Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server...

10CVSS7.1AI score0.01584EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.25 views

CVE-2000-1076

Netscape iPlanet Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server...

7.1AI score0.01584EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.14 views

CVE-2000-0954

Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server...

6.2AI score0.01851EPSS
Exploits1References3
CVE
CVE
added 2000/11/29 5:0 a.m.51 views

CVE-2000-0954

Shambala Server 4.5 stores passwords in plaintext, enabling local users to obtain passwords and compromise the server. The provided documents do not specify remediation or affected versions beyond 4.5; exploitation details are not described.

10CVSS6.6AI score0.01851EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2000/11/29 5:0 a.m.48 views

CVE-2000-1076

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 store the administrative password in plaintext, enabling local and possibly remote attackers to gain administrative privileges. Affected components are the Certificate Management System and Directory Server; the root c...

10CVSS7.5AI score0.01584EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder