A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
Max CVSS
5.9
EPSS Score
0.10%
Published
2023-11-28
Updated
2024-02-09
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Max CVSS
5.0
EPSS Score
0.52%
Published
2005-12-31
Updated
2018-10-19
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Max CVSS
5.0
EPSS Score
1.28%
Published
2005-12-31
Updated
2018-10-19
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Max CVSS
5.0
EPSS Score
1.06%
Published
2004-10-18
Updated
2017-10-11
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
Max CVSS
5.0
EPSS Score
0.89%
Published
2003-08-27
Updated
2017-10-11
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.45%
Published
2003-08-27
Updated
2017-10-11
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
Max CVSS
5.0
EPSS Score
0.25%
Published
2003-08-27
Updated
2017-10-11
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
Max CVSS
5.0
EPSS Score
4.51%
Published
2003-06-16
Updated
2017-10-11
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
Max CVSS
5.0
EPSS Score
2.82%
Published
2003-06-16
Updated
2017-10-11
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
Max CVSS
5.0
EPSS Score
4.07%
Published
2002-11-04
Updated
2016-10-18

CVE-2001-1013

Public exploit
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Max CVSS
5.0
EPSS Score
3.63%
Published
2001-09-12
Updated
2017-12-19
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
Max CVSS
5.0
EPSS Score
2.42%
Published
2001-07-16
Updated
2017-10-10
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
Max CVSS
5.0
EPSS Score
0.20%
Published
2001-12-06
Updated
2017-10-10
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
Max CVSS
5.0
EPSS Score
4.52%
Published
2001-12-06
Updated
2018-05-03
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-06-02
Updated
2017-10-10
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
Max CVSS
5.0
EPSS Score
0.82%
Published
2000-07-27
Updated
2017-10-10
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
Max CVSS
5.0
EPSS Score
1.16%
Published
1994-12-19
Updated
2017-10-10
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-12-03
Updated
2008-09-10
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-03-12
Updated
2016-10-18
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
Max CVSS
5.0
EPSS Score
0.26%
Published
2001-03-12
Updated
2016-10-18
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
Max CVSS
5.0
EPSS Score
0.34%
Published
2000-03-27
Updated
2008-09-10
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
Max CVSS
5.0
EPSS Score
0.04%
Published
1999-12-08
Updated
2008-09-09
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
Max CVSS
5.0
EPSS Score
0.18%
Published
1999-06-01
Updated
2008-09-09
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!