Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2068 | Incomplete Cleanup vulnerability in Tolvanen Eraser 5.3 Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2067 | Incomplete Cleanup vulnerability in East-Tec Eraser 2002 East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2066 | Incomplete Cleanup vulnerability in Jetico Bcwipe 1.0.7/2.0/2.35.1 BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2058 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Teekai Tracking Online 1.0 TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | 7.5 |
| 2002-12-31 | CVE-2002-1975 | Inadequate Encryption Strength vulnerability in Sharp Zaurus Sl-5000D Firmware and Zaurus Sl-5500 Firmware Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods. | 5.5 |
| 2002-12-31 | CVE-2002-1949 | Cleartext Transmission of Sensitive Information vulnerability in Iomega NAS A300U Firmware The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password. | 7.5 |
| 2002-12-31 | CVE-2002-1946 | Inadequate Encryption Strength vulnerability in Tata Integrated Dialer 1.2.000 Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry key, which allows local users to obtain and decrypt the password. | 5.5 |
| 2002-12-31 | CVE-2002-1915 | Improper Locking vulnerability in multiple products tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | 5.5 |
| 2002-12-31 | CVE-2002-1914 | Improper Locking vulnerability in Dump Project Dump 0.4 dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file. | 5.5 |
| 2002-12-31 | CVE-2002-1912 | NULL Pointer Dereference vulnerability in Skystream Emr5000 1.16/1.17/1.18 SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets. | 7.5 |