acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
Max CVSS
10.0
EPSS Score
4.76%
Published
2002-12-31
Updated
2008-09-05
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0.
Max CVSS
10.0
EPSS Score
39.41%
Published
2002-12-31
Updated
2008-09-05
Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote attackers to authenticate with Manager permissions.
Max CVSS
10.0
EPSS Score
0.86%
Published
2002-12-31
Updated
2017-07-29
The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html.
Max CVSS
7.5
EPSS Score
3.24%
Published
2002-12-31
Updated
2008-09-05
Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.
Max CVSS
10.0
EPSS Score
1.94%
Published
2002-12-31
Updated
2008-09-05
SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.
Max CVSS
10.0
EPSS Score
0.29%
Published
2002-12-31
Updated
2017-07-11
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
Max CVSS
10.0
EPSS Score
1.38%
Published
2002-12-31
Updated
2017-07-11
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes.
Max CVSS
5.0
EPSS Score
94.12%
Published
2002-07-03
Updated
2017-07-11
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.
Max CVSS
2.1
EPSS Score
7.17%
Published
2002-08-12
Updated
2020-04-02
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!