Vulnerabilities > Kiwi Enterprises > Kiwi Cattools
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-12 | CVE-2007-0889 | Information Disclosure vulnerability in Kiwi Cattools Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. | 4.6 |
2007-02-12 | CVE-2007-0888 | Directory Traversal vulnerability in Kiwi CatTools TFTP Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2) PUT command. | 10.0 |