Lucene search
K

429 matches found

Cvelist
Cvelist
added 2002/10/25 4:0 a.m.27 views

CVE-2002-0666

IPSEC implementations including 1 FreeS/WAN and 2 KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service kernel panic via spoofed, short Encapsulating Security Payload ESP packets, which result in integer signedness errors...

6.7AI score0.02474EPSS
Exploits0References6
CVE
CVE
added 2002/10/25 4:0 a.m.70 views

CVE-2002-0666

CVE-2002-0666 affects multiple IPsec implementations (notably FreeS/WAN and KAME). The root cause is incorrect calculation of the authentication data length for very small ESP datagrams, which can result in an unsigned integer overflow and cause a kernel panic (remote denial of service). The NVD/...

5CVSS6.7AI score0.02474EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2002/10/23 12:0 a.m.33 views

NetBSD Security Advisory 2002-016: Insufficient length check in ESP authentication data

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-016 ================================= Topic: Insufficient length check in ESP authentication data Version: NetBSD-current: source prior to August 23, 2002 NetBSD-1.6 beta: source prior to August 23, 2002 NetBSD-1.5.3: affected...

7.7AI score
Exploits0
CERT
CERT
added 2002/10/17 12:0 a.m.30 views

Multiple IPsec implementations do not adequately validate authentication data

Overview IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. Description For background: RFC 2401 Security Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC...

5CVSS7AI score0.02474EPSS
Exploits0References4
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.16 views

Kerio MailServer 5.05.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities

Kerio MailServer 5.05.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/5507/info Reportedly, Kerio Mailserver is vulnerable to cross site scripting attacks. The vulnerability is present in Kerio Mailserver's web mail component. An attacker may...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.44 views

Kerio MailServer 5.0/5.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/5507/info Reportedly, Kerio Mailserver is vulnerable to cross site scripting attacks. The vulnerability is present in Kerio Mailserver's web mail component. An attacker may exploit this vulnerability by causing a victim user to follow a malicious link...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.29 views

CVE-2001-0928

Buffer overflow in the permitted function of GNOME gtop daemon libgtopdaemon in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data...

7.8AI score0.06053EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2001/12/31 12:0 a.m.4 views

PT-2001-2621 · Unknown · Autogalaxy

Name of the Vulnerable Software and Affected Versions: Autogalaxy affected versions not specified Description: The issue allows remote attackers to obtain authentication information and gain unauthorized access. This is possible because Autogalaxy stores usernames and passwords in cleartext in...

7.5CVSS6.2AI score0.01355EPSS
Exploits0References5
securityvulns
securityvulns
added 2000/10/16 12:0 a.m.31 views

ALERT: Remote Retrieval Of Authentication Data From Internet Explorer

=====BEGIN-ACROS-REPORT===== ========================================================================= ACROS Security Problem Report 2000-07-22-2-PUB ------------------------------------------------------------------------- Remote Retrieval Of Authentication Data From Internet Explorer...

0.1AI score
Exploits0
Rows per page
Query Builder