|
313671
|
- |
|
nrl.navy
|
one-time_passwords_in_everything
|
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and st…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2001-1483
|
2024-02-15 00:17 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313672
|
- |
|
amtote
|
homebet
|
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid accoun…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2001-1528
|
2024-02-15 00:17 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313673
|
- |
|
netfilter
|
iptables
|
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2001-1387
|
2024-02-15 00:17 |
2001-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313674
|
- |
|
php
|
php
|
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell…
|
CWE-88
Argument Injection
|
CVE-2001-1246
|
2024-02-15 00:17 |
2001-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313675
|
- |
|
ibm
|
lotus_notes
|
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring d…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2000-1117
|
2024-02-15 00:16 |
2001-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313676
|
- |
|
gnu
|
cvs
|
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which caus…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2004-0778
|
2024-02-15 00:07 |
2004-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313677
|
- |
|
openssl
openbsd
freebsd
|
openssl
openbsd
freebsd
|
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2003-0078
|
2024-02-15 00:07 |
2003-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313678
|
- |
|
joetesta
|
hellbent
|
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-2094
|
2024-02-15 00:07 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313679
|
- |
|
openbsd
|
openbsd
|
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-0514
|
2024-02-15 00:07 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313680
|
- |
|
phildev
|
ipfilter
|
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-0515
|
2024-02-15 00:07 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
