Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2002-12-31 CVE-2002-2323 Improper Preservation of Permissions vulnerability in SUN Solaris PC Netlink 1.0/1.1/1.2
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.
network
low complexity
sun CWE-281
7.5
2002-12-31 CVE-2002-2119 Improper Handling of Case Sensitivity vulnerability in Novell Edirectory 8.6.2/8.7
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
network
low complexity
novell CWE-178
critical
9.8
2002-12-31 CVE-2002-2070 Incomplete Cleanup vulnerability in Accessdata Secureclean 3
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
network
low complexity
accessdata CWE-459
7.5
2002-12-31 CVE-2002-2069 Incomplete Cleanup vulnerability in PGP Personal Privacy
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
network
low complexity
pgp CWE-459
7.5
2002-12-31 CVE-2002-2068 Incomplete Cleanup vulnerability in Tolvanen Eraser 5.3
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
network
low complexity
tolvanen CWE-459
7.5
2002-12-31 CVE-2002-2067 Incomplete Cleanup vulnerability in East-Tec Eraser 2002
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
network
low complexity
east-tec CWE-459
7.5
2002-12-31 CVE-2002-2066 Incomplete Cleanup vulnerability in Jetico Bcwipe 1.0.7/2.0/2.35.1
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
network
low complexity
jetico CWE-459
7.5
2002-12-31 CVE-2002-2058 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Teekai Tracking Online 1.0
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.
network
low complexity
teekai CWE-327
7.5
2002-12-31 CVE-2002-1975 Inadequate Encryption Strength vulnerability in Sharp Zaurus Sl-5000D Firmware and Zaurus Sl-5500 Firmware
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.
local
low complexity
sharp CWE-326
5.5
2002-12-31 CVE-2002-1949 Cleartext Transmission of Sensitive Information vulnerability in Iomega NAS A300U Firmware
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.
network
low complexity
iomega CWE-319
7.5