| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. |
| The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. |
| Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges. |
| NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: followup posts have suggested that this might not occur with all WGT624 routers. |
| nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files. |
| Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database. |
| ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords. |
| Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges. |
| hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. |
| TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files. |
| Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue |
| Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file. |
| NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords. |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |
| Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions. |
| FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. |
| TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet. |
| Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. |
| The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot). |
| message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. |
