Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2323 | Improper Preservation of Permissions vulnerability in SUN Solaris PC Netlink 1.0/1.1/1.2 Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | 7.5 |
2002-12-31 | CVE-2002-2119 | Improper Handling of Case Sensitivity vulnerability in Novell Edirectory 8.6.2/8.7 Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. | 9.8 |
2002-12-31 | CVE-2002-2070 | Incomplete Cleanup vulnerability in Accessdata Secureclean 3 SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
2002-12-31 | CVE-2002-2069 | Incomplete Cleanup vulnerability in PGP Personal Privacy PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
2002-12-31 | CVE-2002-2068 | Incomplete Cleanup vulnerability in Tolvanen Eraser 5.3 Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
2002-12-31 | CVE-2002-2067 | Incomplete Cleanup vulnerability in East-Tec Eraser 2002 East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
2002-12-31 | CVE-2002-2066 | Incomplete Cleanup vulnerability in Jetico Bcwipe 1.0.7/2.0/2.35.1 BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
2002-12-31 | CVE-2002-2058 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Teekai Tracking Online 1.0 TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | 7.5 |
2002-12-31 | CVE-2002-1975 | Inadequate Encryption Strength vulnerability in Sharp Zaurus Sl-5000D Firmware and Zaurus Sl-5500 Firmware Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods. | 5.5 |
2002-12-31 | CVE-2002-1949 | Cleartext Transmission of Sensitive Information vulnerability in Iomega NAS A300U Firmware The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password. | 7.5 |