Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1915 | Improper Locking vulnerability in multiple products tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | 5.5 |
| 2002-12-31 | CVE-2002-1914 | Improper Locking vulnerability in Dump Project Dump 0.4 dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file. | 5.5 |
| 2002-12-31 | CVE-2002-1739 | Inadequate Encryption Strength vulnerability in Mdaemon 5.0/5.0.6 Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords. | 5.5 |
| 2002-12-31 | CVE-2002-1713 | Incorrect Default Permissions vulnerability in Mandrakesoft Mandrake Linux 8.2 The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | 5.5 |
| 2002-12-31 | CVE-2002-1696 | Cleartext Storage of Sensitive Information vulnerability in PGP Personal Privacy 7.0/7.0.3/7.0.4 Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message. | 5.5 |
| 2002-12-31 | CVE-2002-1682 | Inadequate Encryption Strength vulnerability in Daansystems Newsreactor 1.0 NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts. | 5.5 |
| 2002-09-05 | CVE-2002-0725 | Link Following vulnerability in Microsoft Windows 2000 and Windows NT NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | 5.5 |
| 2002-08-12 | CVE-2002-0793 | Link Following vulnerability in Blackberry QNX Neutrino Real-Time Operating System 4.25 Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. | 5.5 |
| 2002-08-12 | CVE-2002-0788 | Incomplete Cleanup vulnerability in PGP Corporate Desktop, Freeware and Personal Security An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | 5.5 |
| 2001-12-31 | CVE-2001-1559 | NULL Pointer Dereference vulnerability in Openbsd 2.9/3.0 The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. | 5.5 |