CVE-1999-1072

Excite for Web Servers (EWS) 1.1 is affected by a local-privilege escalation where an attacker who can read Architext.conf (world-readable) can obtain the encrypted password and replay it in an HTTP request to AT-generated.cgi or AT-admin.cgi to gain privileges. Root cause: the password is stored...

CVE-2001-0195

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking...

iplanet calendar server 5.0p2 exposes Netscape Admin Server master password

at the time of writing, 5.0p2 is the currently available revision on iplanet's download site. the problem: the standard install of iPlanet Calendar server stores the NAS LDAP admin username and password in plaintext in the world readable file: -rw-r--r-- 1 icsuser icsgroup 37882 Feb 20 10:18...

CVE-2001-0195

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking...

CVE-2000-0164

The installation of Sun Internet Mail Server SIMS creates a world-readable file that allows local users to obtain passwords...

CVE-2000-0552

ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information...

CVE-2000-0552

ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information...

Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password

source: https://www.securityfocus.com/bid/1329/info The Shiva Access Manager is a solution for centralized remote access authentication, authorization, and accounting offered by Intel. It runs on Solaris and Windows NT. Shiva Access Manager is vulnerable to a default configuration problem in its...

CVE-2000-0164

The installation of Sun Internet Mail Server SIMS creates a world-readable file that allows local users to obtain passwords...

CVE-1999-0982

The Sun Web-Based Enterprise Management WBEM installation script stores a password in plaintext in a world readable file...

PT-1999-1502 · Sun · Sun Wbem

Name of the Vulnerable Software and Affected Versions: Sun Web-Based Enterprise Management WBEM affected versions not specified Description: The issue concerns the storage of a password in plaintext within a world-readable file by the Sun Web-Based Enterprise Management WBEM installation script...

CVE-1999-1072

Excite for Web Servers EWS 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi...