CVE-2000-0300
published 2000-04-06CVE-2000-0300: The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
PriorityP335critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
5.89%
92.3th percentile
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| symantec | pcanywhere | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Cisco VPN Client - Integer Overflow Denial of Service
exploitdb·2009-11-21
CVE-2009-4118 Cisco VPN Client - Integer Overflow Denial of Service
Cisco VPN Client - Integer Overflow Denial of Service
---
/*
Cisco VPN client version 5.0.03.0560
Cisco VPN client Version 5.0.04.0300
Cisco VPN client Version 5.0.05.0290
Cisco VPN client Version 4.8.02.0010
*/
/*
* Cisco VPN Client 0day Integer overflow (DOS) Proof Of Concept Code
*
* By Alex Hernandez aka alt3kx (c) November 2009
*
* This POC is only for test. If an application read a malformed chars
* file like this POC, the application will be crashed.
*
* We tested this code on:
*
* Windows Vista Bussines SP1 Spanish
* Windows Vista Home Premium SP1 English
* Windows 2000 Server English
* Windows XP Professional SP3
*
* Cisco VPN client version 5.0.03.0560
* Cisco VPN client Version 5.0.04.0300
* Cisco VPN client Version 5.0.05.0290
* Cisco VPN client Version 4.8.02.0010
*
* Compi
Exploit-DB
GNUJSP 1.0 - File Disclosure
exploitdb·2002-02-19
CVE-2002-0300 GNUJSP 1.0 - File Disclosure
GNUJSP 1.0 - File Disclosure
---
source: https://www.securityfocus.com/bid/4125/info
GNUJSP is a freely available, open-source implementation of Sun's Java Server Pages. It will run on most Unix and Linux variants, as well as Microsoft Windows NT/2000 operating systems.
It has been reported that a remote attacker may disclose the contents of directories via a specially crafted web request. This may be exploited to list directories, read the contents of arbitrary web-readable files, and disclose script source code. The attacker simply appends the name of the directory and/or file to be disclosed to a web request for /servlets/gnujsp/.
It should be noted that this may allow an attacker to circumvent .htaccess files.
This issue may be the result of a configuration error.
http://site/se
Exploit-DB
Symantec pcAnywhere 9.0 - Weak Encryption
exploitdb·2000-04-06
CVE-2000-0300 Symantec pcAnywhere 9.0 - Weak Encryption
Symantec pcAnywhere 9.0 - Weak Encryption
---
// source: https://www.securityfocus.com/bid/1093/info
Symantec pcAnywhere is shipped by default with a weak encryption scheme that is used to encrypt username and password transmittal. Therefore, usernames and password can be retrieved by anyone sniffing the network in between the host computer running pcAnywhere and the NT domain controller.
Users of pcAnywhere can be authenticated with their NT domain username and password. In this case, the weakly encrypted transmitted authentication would be transmitted domain wide.
#include
#include
void main() {
char password[128];
char cleartext[128];
int i;
// input the sniffed hex values here
// Encrypted example of the 'aaaaa' password
password[0]=0xca;
password[1]=0xab;
password[2]=0xcb;
pas
No writeups or analysis indexed.
2000-04-06
Published