Vulnerabilities > Cryptographic Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1483 | Cryptographic Issues vulnerability in Flashfxp 1.4 FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. | 6.4 |
| 2003-12-31 | CVE-2003-1480 | Cryptographic Issues vulnerability in multiple products MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | 4.3 |
| 2003-12-31 | CVE-2003-1447 | Cryptographic Issues vulnerability in IBM Websphere Application Server 4.0.4 IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | 1.9 |
| 2003-12-31 | CVE-2003-1392 | Cryptographic Issues vulnerability in multiple products CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. | 6.6 |
| 2003-12-31 | CVE-2003-1391 | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase. | 7.5 |
| 2003-12-31 | CVE-2003-1390 | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase. | 7.5 |
| 2003-12-31 | CVE-2003-1389 | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks. | 7.5 |
| 2003-12-31 | CVE-2003-1344 | Cryptographic Issues vulnerability in Trend Micro Virus Control System Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | 5.0 |
| 2003-08-27 | CVE-2003-0512 | Cryptographic Issues vulnerability in Cisco IOS Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. | 5.0 |
| 2002-12-31 | CVE-2002-2326 | Cryptographic Issues vulnerability in Apple mac OS X The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic. | 5.0 |