|
314011
|
7.8 |
HIGH
Local
|
mckesson
|
pathways_homecare
|
Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2001-1546
|
2024-02-15 01:55 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314012
|
9.8 |
CRITICAL
Network
|
arkeia
|
arkeia
|
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password g…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2001-0967
|
2024-02-15 01:55 |
2001-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314013
|
7.8 |
HIGH
Local
|
spectrumcu
|
cash_receipting_system
|
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a passw…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2005-4860
|
2024-02-15 01:54 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314014
|
- |
|
plainblack
|
webgui
|
Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.
|
CWE-94
Code Injection
|
CVE-2005-2837
|
2024-02-15 01:53 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314015
|
7.5 |
HIGH
Network
|
vtun_project
|
vtun
|
Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain s…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1697
|
2024-02-15 00:51 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314016
|
5.5 |
MEDIUM
Local
|
mdaemon
|
mdaemon
|
Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1739
|
2024-02-15 00:50 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314017
|
7.5 |
HIGH
Network
|
microsoft
|
sql_server
|
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1872
|
2024-02-15 00:50 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314018
|
7.5 |
HIGH
Network
|
click-2
|
ingenium_learning_management_system
|
Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1910
|
2024-02-15 00:50 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314019
|
5.5 |
MEDIUM
Local
|
tata
|
integrated_dialer
|
Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry k…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1946
|
2024-02-15 00:50 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314020
|
5.5 |
MEDIUM
Local
|
sharp
|
zaurus_sl-5000d_firmware
zaurus_sl-5500_firmware
|
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via b…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1975
|
2024-02-15 00:50 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
