Default Password (guest) for 'guest' Account

The account 'guest' has the password 'guest' set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "guest"; password = "guest"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11256;...

Unpassworded '4Dgifts' Account

The account '4Dgifts' has no password set. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11243; scriptversion"1.37";...

Unpassworded 'EZsetup' Account

The account 'EZsetup' has no password set. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "EZsetup"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11241; scriptversion"1.36";...

Unpassworded 'StoogR' Account

The account 'StoogR' has no password set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "StoogR"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11259; scriptversion"1.35";...

Unpassworded 'backdoor' Account

The account 'backdoor' has no password set. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11250; scriptversion"1.37";...

OpenVMS weak passwords

Llimit character set, case insensitivity and fast encryption algorythm allow password bruteforcing...

CVE-2002-0939

The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user module protection only...

CVE-2002-0940

domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user module protection only...

security flaw

Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via 1 GetRequest, 2 GetNextRequest, and 3 SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly...

CVE-2002-0939

The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user module protection only...

CVE-2002-0940

domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user module protection only...

CVE-2002-0940

This CVE concerns domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54, where the software does not use Operator Card Set protected keys when the user requests them if the Operator Card Set has not been generated. The outcome is a lower protection level than the user-specified module protecti...

CVE-2002-0939

The CVE applies to the Install Wizard for nCipher MSCAPI CSP 5.50. The issue is that when a user requests Operator Card Set protected keys but does not actually generate the Operator Card Set, the wizard ends up using only module protection rather than the higher protection level that the user in...

DEBIAN-CVE-2002-0740

Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...

nCipher Advisory #3: MSCAPI keys erroneously module-protected - update

nCipher Security Advisory No. 3 | Windows 2000 keys unexpectedly only module-protected | ==================================================== | | UPDATED - VERSION 2 | Changes are marked with |' at the right. | | | SUMMARY ======= In certain circumstances, the nCipher MSCAPI CSP Install Wizard...

CVE-2001-0488

This CVE concerns HP-UX 10.x where the pcltotiff utility has setgid permissions (sgid bin) to read fonts, allowing local users to cause denial of service. The root cause is insecure sgid settings on /opt/sharedprint/bin/pcltotiff, as described in HP advisory HPSBUX0104-149. Impact is local DoS; n...

CVE-1999-1413

Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg...

CVE-1999-1413

Solaris 2.4 before patching, prior to the kernel jumbo patch -35, is vulnerable. Set-gid programs can dump core even if the real user is not in the set-gid group, enabling local privilege escalation through a core dump (e.g., via dmesg). The connected documents confirm the vulnerability details; ...

CVE-1999-1413

Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg...

Переполнения буфера в утилитах Caldera Open Unix (buffer overflow)

Переполнения буфера во многих suid-утилитах...