makes software vulnerabilities
vulnerabilities.aspcode.net
Searching makes software vulnerabilities
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password guessing.
Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote attackers to conduct brute force password guessing attacks.
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
The POP3 service for WebEasyMail 3.4.2.2 and earlier generates different error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks.
The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data.
eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing.
Software vulnerabilities results 1 to 20 of 126