1654 matches found
CVE-1999-1497
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts...
CVE-1999-1540
shell-lock in Cactus Software Shell Lock uses weak encryption trivial encoding which allows attackers to easily decrypt and obtain the source code...
CVE-1999-1271
CVE-1999-1271 concerns Macromedia Dreamweaver, where credentials for FTP are stored with weak encryption. The root cause is weak encryption that enables local users to decrypt other users’ FTP passwords. The entry provides a high-level impact on confidentiality (partial) but does not specify affe...
CVE-1999-1101
CVE-1999-1101 concerns the Kabsoftware Lydia utility, which stores user passwords in the lydia.ini file using weak encryption. This storage method allows local users to decrypt the passwords and potentially gain privileges. The root cause, as described, is the weak encryption used for password st...
CVE-1999-1078
The CVE applies to Ipswitch WS_FTP Pro (6.0) where passwords are stored with weak encryption in initialization files. This enables a remote attacker to decrypt stored passwords and potentially gain privileges. OpenVAS and Nessus entries corroborate weak stored password issues in WS_FTP Pro/Client...
CVE-1999-1540
CVE-1999-1540 affects Cactus Software Shell Lock, where weak encryption (trivial encoding) enables local attackers to decrypt and obtain the source code. According to NVD, the baseline impact is Partial confidentiality with no integrity or availability impact, and the exploit is local with low ov...
CVE-1999-1049
ARCserve NT agents authenticate using a weak XOR scheme for passwords. The vulnerability allows remote attackers to sniff the authentication request sent to port 6050 and decrypt the password, leading to potential unauthorized access and confidentiality/ integrity impact as described in the CVE e...
CVE-1999-1078
WSFTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges...
CVE-1999-1543
MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File...
CVE-1999-1366
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail...
CVE-1999-1101
Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges...
CVE-1999-1049
ARCserve NT agents use weak encryption XOR for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password...
CVE-1999-1271
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users...
CVE-2001-1005
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges...
CVE-2001-0983
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges...
CVE-2001-1003
Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges...
Слабое шифрование паролей в Respondus (weak encryption)
Для хранения паролей исопльзуется xor с константной строкой...
Respondus v1.1.2 stores passwords using weak encryption
Respondus Version 1.1.2 7-26-2001 stores passwords using weak encryption. Synopsis: If you have Respondus remember your userid and password it will store them in the WEBCT.SVR file in the "Respondus Projects" directory. The information is "encrypted" by taking the ASCII value of each password...
UltraEdit 8.2 - FTP Client Weak Password Encryption
UltraEdit 8.2 - FTP Client Weak Password Encryption source: https://www.securityfocus.com/bid/3234/info UltraEdit is a multi-featured commercial text editor with support for HTML, C/C++, VB, Java, Perl, XML, and C. It also includes a hex editor and a small FTP client. UltraEdit's FTP client has a...
UltraEdit 8.2 - FTP Client Weak Password Encryption
source: https://www.securityfocus.com/bid/3234/info UltraEdit is a multi-featured commercial text editor with support for HTML, C/C++, VB, Java, Perl, XML, and C. It also includes a hex editor and a small FTP client. UltraEdit's FTP client has a feature which will remember FTP passwords for later...