|
314031
|
- |
|
openssl
openbsd
freebsd
|
openssl
openbsd
freebsd
|
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2003-0078
|
2024-02-15 00:07 |
2003-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314032
|
- |
|
joetesta
|
hellbent
|
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-2094
|
2024-02-15 00:07 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314033
|
- |
|
openbsd
|
openbsd
|
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-0514
|
2024-02-15 00:07 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314034
|
- |
|
phildev
|
ipfilter
|
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-0515
|
2024-02-15 00:07 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314035
|
- |
|
network.associates
|
pgpfire
|
PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2002-0208
|
2024-02-15 00:00 |
2002-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314036
|
- |
|
woppoware
|
postmaster
|
The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernam…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2005-1650
|
2024-02-14 23:43 |
2005-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314037
|
- |
|
yabbforumsoftware
|
yet_another_bulletin_board
|
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2004-0294
|
2024-02-14 23:32 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314038
|
- |
|
ibm
|
aix
|
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2004-0243
|
2024-02-14 23:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314039
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932
|
-
|
CVE-2024-0584
|
2024-02-14 15:15 |
2024-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314040
|
7.8 |
HIGH
Local
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2023-42915
|
2024-02-14 12:15 |
2024-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
