sniffing software vulnerabilities
vulnerabilities.aspcode.net
Searching sniffing software vulnerabilities
Netopia Timbuktu Pro sends user IDs and passwor
passwords
|
cleartext
|
attackers
|
Timbuktu
|
sniffing
|
Netopia
|
allows
|
obtain
|
remote
|
sends
|
which
|
them
|
user
|
Pro
|
via
|
IDs
|
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.
NAI Sniffer Agent allows remote attackers to ga
authentication
|
privileges
|
attackers
|
sniffing
|
commands
|
spoofing
|
initial
|
packets
|
Sniffer
|
allows
|
remote
|
Agent
|
gain
|
UDP
|
NAI
|
NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands.
PHP-Nuke 5.1 stores user and administrator pass
administrator
|
privileges
|
passwords
|
attackers
|
stealing
|
sniffing
|
decoding
|
PHP-Nuke
|
base-64
|
encoded
|
stores
|
remote
|
cookie
|
could
|
which
|
allow
|
user
|
gain
|
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.
Avaya Argent Office uses weak encryption (trivi
encryption
|
Office
|
Argent
|
Avaya
|
weak
|
uses
|
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
WinVNC 3.3.3 and earlier generates the same cha
WinVNC
|
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
tinc 1.0pre3 and 1.0pre4 allows remote attacker
replaying
|
attackers
|
sessions
|
sniffing
|
packets
|
inject
|
10pre4
|
allows
|
10pre3
|
remote
|
tinc
|
data
|
into
|
user
|
tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
Autogalaxy stores usernames and passwords in cl
authentication
|
unauthorized
|
information
|
Autogalaxy
|
cross-site
|
attackers
|
scripting
|
cleartext
|
passwords
|
usernames
|
sniffing
|
cookies
|
easier
|
access
|
stores
|
obtain
|
remote
|
attack
|
makes
|
which
|
gain
|
via
|
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
The Remote Desktop client in Windows XP sends t
cleartext
|
attackers
|
sniffing
|
terminal
|
Desktop
|
account
|
Windows
|
Remote
|
obtain
|
client
|
recent
|
server
|
names
|
allow
|
sends
|
which
|
could
|
most
|
name
|
user
|
via
|
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
Yahoo! Messenger 4.0 sends user passwords in cl
privileges
|
passwords
|
cleartext
|
attackers
|
Messenger
|
sniffing
|
remote
|
users
|
other
|
which
|
sends
|
Yahoo
|
could
|
allow
|
gain
|
user
|
via
|
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
Datalex PLC BookIt! Consumer before 2.2 stores
Cross-site
|
privileges
|
plaintext
|
passwords
|
attackers
|
scripting
|
usernames
|
sniffing
|
Consumer
|
attacks
|
Datalex
|
remote
|
BookIt
|
cookie
|
before
|
stores
|
could
|
which
|
allow
|
gain
|
PLC
|
via
|
Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.
SunPCi II VNC uses a weak authentication scheme
authentication
|
communications
|
attackers
|
encrypted
|
challenge
|
password
|
sniffing
|
scheme
|
random
|
SunPCi
|
obtain
|
remote
|
allows
|
which
|
used
|
uses
|
weak
|
byte
|
VNC
|
key
|
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
X-News (x_news) 1.1 and earlier allows attacker
X-News
|
X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.
Vtun 2.5b1 allows remote attackers to inject da
replaying
|
attackers
|
sniffing
|
sessions
|
packets
|
inject
|
allows
|
remote
|
user
|
25b1
|
Vtun
|
into
|
data
|
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
The DCOM client in Windows 2000 before SP3 does
Windows
|
client
|
DCOM
|
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
Telindus 1100 ASDL router running firmware 6.0.
Telindus
|
Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.
Kerio Personal Firewall (KPF) 2.1.4 and earlier
Firewall
|
Personal
|
Kerio
|
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server.
Zyxel P681 running ZyNOS Vt020225a contains por
information
|
Vt020225a
|
attackers
|
sensitive
|
portions
|
contains
|
sniffing
|
request
|
network
|
running
|
memory
|
obtain
|
remote
|
allows
|
Zyxel
|
ZyNOS
|
which
|
P681
|
ARP
|
Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network.
Six Apart Movable Type 3.16 stores account name
Movable
|
Apart
|
Type
|
Six
|
Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.
Abidia (1) O-Anywhere and (2) Abidia Wireless t
Abidia
|
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.
Peercast places a cleartext password in a query
information
|
attackers
|
sensitive
|
obtaining
|
cleartext
|
password
|
Peercast
|
sniffing
|
history
|
network
|
browser
|
Referer
|
string
|
obtain
|
places
|
might
|
which
|
query
|
allow
|
Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information.
Software vulnerabilities results 1 to 20 of 53
Page:
1
2
3
►