Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Password
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-1999-0364 |
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0394 |
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0397 |
The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0452 |
A service or application has a backdoor password that was placed there by the developer. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0527 |
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0554 |
NFS exports system-critical data to the world, e.g. / or a password file. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0564 |
An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0570 |
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1430 |
PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access. Published: January 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-1188 |
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. Published: December 27, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1277 |
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. Published: December 24, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1282 |
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. Published: December 10, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1280 |
Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. Published: December 03, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1072 |
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. Published: November 30, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1073 |
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. Published: November 30, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1322 |
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. Published: November 12, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0505 |
A Windows NT domain user or administrator account has a guessable password. Published: October 01, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0506 |
A Windows NT domain user or administrator account has a default, null, blank, or missing password. Published: October 01, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1048 |
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. Published: September 05, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1420 |
NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration. Published: July 20, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |