Searching reading software vulnerabilities

BackWeb client stores the username and password

authentication | Communication | privileges | cleartext | registry | username | password | BackWeb | reading | client | stores | other | local | users | which | proxy | allow | could | gain | key |

BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.


Linux 2.1.132 and earlier allows local users to

Linux |

Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.


SunOS 4.1.4 on a Sparc 20 machine allows local

SunOS |

SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.


ProFTPd 1.2 compiled with the mod_sqlpw module

privileges | passwords | mod_sqlpw | compiled | reading | command | ProFTPd | records | allows | obtain | module | users | local | which | wtmp | last | user | file | gain | log | via |

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.


Windows NT 4.0 and Windows 2000 hosts allow rem

Windows |

Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.


GuildFTPd 0.9.7 stores user names and passwords

GuildFTPd |

GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.


Bugzilla before 2.14 includes the username and

Bugzilla | before |

Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.


Nevrona Designs MiraMail 1.04 and earlier store

MiraMail | Designs | Nevrona |

Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.


Legato NetWorker 6.1 stores passwords in plaint

privileges | plaintext | daemonlog | passwords | NetWorker | password | reading | Legato | allows | stores | users | which | local | file | gain |

Legato NetWorker 6.1 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file.


The XMLHttpRequest object (XMLHTTP) in Netscape

XMLHttpRequest | object |

The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.


eUpload 1.0 stores the password.txt password fi

passwordtxt | attackers | plaintext | overwrite | arbitrary | document | password | eUpload | reading | remote | stores | allows | files | under | which | root | file | web |

eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.


The syssgi SGI_IOPROBE system call in IRIX 6.5.

SGI_IOPROBE | system | syssgi | IRIX | call |

The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.


Keene Digital Media Server 1.0.2 allows local u

Digital | Server | Media | Keene |

Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system.


Gyach Enhanced (Gyach-E) before 1.0.0 stores pa

Enhanced | Gyach |

Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file.


zhcon before 0.2 does not drop privileges befor

configuration | privileges | arbitrary | reading | allows | before | files | which | users | local | zhcon | read | does | drop | file | user | not |

zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.


The SQL install script in phpMyAdmin 2.6.2 is c

phpMyAdmin | install | script | SQL |

The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.


The iManager in eMBoxClient.jar in Novell eDire

eMBoxClientjar | eDirectory | iManager | Novell |

The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file.


AuditWizard 6.3.2, when using "Remote Audit," l

AuditWizard |

AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.


Conti FTPServer 1.0 Build 2.8 stores user passw

MyServerSettingsini | information | passwords | cleartext | sensitive | FTPServer | reading | allows | obtain | stores | users | Conti | Build | local | which | file | user |

Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in MyServerSettings.ini, which allows local users to obtain sensitive information by reading this file.


PHPDirector 0.21 and earlier stores the admin a

PHPDirector |

PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows local users to gain privileges by reading this file.


Software vulnerabilities results 1 to 20 of 101     
Page: 123456