Vulnerabilities > Cryptographic Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2303 | Cryptographic Issues vulnerability in 3D3.Com Shopfactory 5.8 3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data. | 7.8 |
| 2001-11-19 | CVE-2001-1463 | Cryptographic Issues vulnerability in Solarwinds Serv-U File Server 3.0.0.17/3.0.0.16 The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords. | 7.5 |
| 2001-06-27 | CVE-2001-0361 | Cryptographic Issues vulnerability in multiple products Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. | 4.0 |
| 2001-02-12 | CVE-2001-0103 | Cryptographic Issues vulnerability in Coffeecup Software Coffeecup Direct FTP and Coffeecup Free FTP CoffeeCup Direct and Free FTP clients uses weak encryption to store passwords in the FTPServers.ini file, which could allow attackers to easily decrypt the passwords. | 4.6 |
| 2001-01-18 | CVE-2001-1473 | Cryptographic Issues vulnerability in SSH The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target. | 7.5 |
| 2000-06-26 | CVE-2000-0589 | Cryptographic Issues vulnerability in Sawmill 5.0.21 SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration. | 7.5 |