SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.
Max CVSS
7.5
EPSS Score
0.40%
Published
2001-01-18
Updated
2017-07-11
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.
Max CVSS
7.5
EPSS Score
0.55%
Published
2001-01-18
Updated
2017-07-11
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
Max CVSS
5.0
EPSS Score
0.30%
Published
2001-01-18
Updated
2017-07-11
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.
Max CVSS
7.5
EPSS Score
0.26%
Published
2001-01-18
Updated
2017-07-11
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
Max CVSS
5.0
EPSS Score
0.30%
Published
2001-01-18
Updated
2017-07-11
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
Max CVSS
5.0
EPSS Score
0.25%
Published
2001-01-18
Updated
2017-07-11
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
Max CVSS
7.5
EPSS Score
0.93%
Published
2001-01-10
Updated
2017-07-11
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
Max CVSS
4.6
EPSS Score
0.24%
Published
2001-01-18
Updated
2017-07-11
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
Max CVSS
7.5
EPSS Score
0.62%
Published
2001-01-23
Updated
2017-07-11
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags.
Max CVSS
5.1
EPSS Score
0.52%
Published
2001-01-18
Updated
2008-09-05
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
Max CVSS
5.0
EPSS Score
0.33%
Published
2001-01-12
Updated
2016-10-18
MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
Max CVSS
7.2
EPSS Score
0.16%
Published
2001-01-19
Updated
2019-10-07
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
Max CVSS
7.5
EPSS Score
1.18%
Published
2001-01-23
Updated
2019-10-07
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
Max CVSS
7.5
EPSS Score
2.81%
Published
2001-01-11
Updated
2017-12-19
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-01-08
Updated
2018-10-30
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Max CVSS
4.6
EPSS Score
0.34%
Published
2001-01-01
Updated
2008-09-05
WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Max CVSS
7.5
EPSS Score
1.24%
Published
2001-01-01
Updated
2023-12-15
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
Max CVSS
5.0
EPSS Score
0.80%
Published
2001-01-01
Updated
2008-09-05
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages.
Max CVSS
5.0
EPSS Score
0.90%
Published
2001-01-01
Updated
2008-09-05
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
Max CVSS
7.2
EPSS Score
0.06%
Published
2001-01-09
Updated
2017-10-10
Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter.
Max CVSS
5.0
EPSS Score
0.77%
Published
2001-01-09
Updated
2008-09-10
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
Max CVSS
7.5
EPSS Score
0.94%
Published
2001-01-09
Updated
2017-10-10
Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.
Max CVSS
7.5
EPSS Score
0.72%
Published
2001-01-09
Updated
2017-12-19
The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-01-09
Updated
2008-09-05
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.
Max CVSS
5.0
EPSS Score
0.84%
Published
2001-01-09
Updated
2017-10-10
130 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!