Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Password
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-1999-1533 |
Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. Published: November 07, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0896 |
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. Published: November 04, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1077 |
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. Published: November 01, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1076 |
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. Published: October 26, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0884 |
The Zeus web server administrative interface uses weak encryption for its passwords. Published: October 25, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0944 |
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. Published: October 24, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0902 |
ypserv allows local administrators to modify password tables. Published: October 23, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1344 |
Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file. Published: October 05, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1454 |
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key. Published: October 04, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1236 |
Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. Published: October 01, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0932 |
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file. Published: September 30, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0953 |
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. Published: September 16, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0954 |
WWWBoard has a default username and default password. Published: September 16, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1353 |
Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges. Published: September 07, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1562 |
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. Published: September 05, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1354 |
E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc for version 3.5, or (3) FCCLIENT.LOG when logging is enabled. Published: August 30, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1235 |
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. Published: August 25, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1561 |
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server. Published: August 20, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0741 |
QMS CrownNet Unix Utilities for 2060 allows root to log on without a password. Published: August 19, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1524 |
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. Published: August 07, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |