Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2355 | Credentials Management vulnerability in Netgear Fm114P Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | 7.1 |
| 2002-12-31 | CVE-2002-2345 | Credentials Management vulnerability in Oracle Application Server 9.0.2 Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | 7.5 |
| 2002-12-31 | CVE-2002-2310 | Credentials Management vulnerability in Kryptronic Clickcartpro 4.0 ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords. | 5.0 |
| 2002-12-31 | CVE-2002-2301 | Credentials Management vulnerability in Lawson Software Lawson Financials 8.0 Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database. | 3.3 |
| 2002-12-31 | CVE-2002-2290 | Credentials Management vulnerability in Mambo Site Server 4.0.11 Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges. | 10.0 |
| 1997-09-15 | CVE-1999-1214 | Credentials Management vulnerability in multiple products The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | 2.1 |