CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4652 matches found

securityvulns•added 2002/11/11 12:0 a.m.•29 views

GLSA: kgpg

0.1AI score

Exploits0

OSV•added 2002/10/17 12:0 a.m.•20 views

pam - serious security violation

A serious security violation in PAM was discovered. Disabled passwords i.e. those with '' in the password file were classified as empty password and access to such accounts is granted through the regular login procedure getty, telnet, ssh. This works for all such accounts whose shell field in the...

7.5CVSS1.1AI score0.02426EPSS

Exploits0

OSV•added 2002/08/06 12:0 a.m.•17 views

DSA-144 wwwoffle - improper input handling

Bulletin has no description...

7.5CVSS6.2AI score0.04052EPSS

Exploits0

securityvulns•added 2002/07/24 12:0 a.m.•32 views

pine DoS

Empty boundary field causes pine to crash...

1.8AI score

Exploits0References1Affected Software1

Cvelist•added 2002/06/25 4:0 a.m.•23 views

CVE-2001-1132

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication...

6.8AI score0.02522EPSS

Exploits0References3

NVD•added 2002/05/31 4:0 a.m.•12 views

CVE-2002-0286

The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to adduser.php, which causes GetPassword to produce and compare a blank password for the...

7.5CVSS7.1AI score0.01571EPSS

Exploits0References3

Cvelist•added 2002/05/03 4:0 a.m.•15 views

CVE-2002-0286

7.1AI score0.01571EPSS

Exploits0References3

Positive Technologies•added 2002/05/03 12:0 a.m.•5 views

PT-2002-1274 · Oracle · Tarantella Enterprise

Name of the Vulnerable Software and Affected Versions: Tarantella Enterprise versions 3.0x through 3.20 Tarantella Enterprise version 3.11.903 Description: The issue allows remote attackers to view directory contents. This is achieved by providing an empty pg parameter in the ttawebtop.cgi script...

5CVSS6.5AI score0.01878EPSS

Exploits0References3

securityvulns•added 2002/02/21 12:0 a.m.•35 views

Доступ без пароля в Novell Groupwise (unauthorized access)

Можно подключиться через LDAP с пустым паролем...

1.5AI score

Exploits0References1Affected Software1

securityvulns•added 2001/08/13 12:0 a.m.•43 views

Многочисленные дырки в Avaya Argent Office (DoS, weak password, empty SNMP password, tftp file spoofing)

Многочисленные дырки...

1AI score

Exploits0References1

securityvulns•added 2001/08/01 12:0 a.m.•42 views

DoS против pine (empty message body)

Сообщение с пустым телом и заголовками приводит к краху программы...

0.5AI score

Exploits0References1Affected Software1

Cvelist•added 2001/07/27 4:0 a.m.•20 views

CVE-2001-0566

Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 SNMP when SNMP is disabled...

6.6AI score0.06421EPSS

Exploits0References2

securityvulns•added 2001/06/04 12:0 a.m.•21 views

Qpopper 4.0.3 **** Fixes Buffer Overflow ****

Qpopper 4.0.3 is available at ftp://ftp.qualcomm.com/eudora/servers/unix/popper/. 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 -- PLEASE UPGRADE IMMEDIATELY Changes from 4.0.2 to 4.0.3: ---------------------------- 1. Don't call SSLshutdown unless we tried to negotiate an SSL...

4.2AI score

Exploits0

securityvulns•added 2001/05/07 12:0 a.m.•29 views

Cisco Catalyst 2900XL crashes with empty UDP packet when SNMP is disabled.

Hi It's possible to crash Cisco Catalyst 2900XL with a empty UDP packet to port 161 when SNMP is disabled. Other switches also? The crash only occurs when the switch is booted with SNMP disabled. Seems that SNMP is listening, even if SNMP is disabled.. ? I have only tested this with Software...

0.9AI score

Exploits0

exploitpack•added 2001/05/03 12:0 a.m.•15 views

Cisco Catalyst 2900 12.0 - 5.2XU SNMP Empty UDP Packet Denial of Service

Cisco Catalyst 2900 12.0 - 5.2XU SNMP Empty UDP Packet Denial of Service source: https://www.securityfocus.com/bid/2689/info The Catalyst series switch is a scalable, high performance layers 2 and 3 switch manufactured by Cisco Systems. The Catalyst series ranges in size, and is designed for use ...

0.5AI score

Exploits0

Exploit DB•added 2001/05/03 12:0 a.m.•37 views

Cisco Catalyst 2900 12.0 - '5.2'XU SNMP Empty UDP Packet Denial of Service

source: https://www.securityfocus.com/bid/2689/info The Catalyst series switch is a scalable, high performance layers 2 and 3 switch manufactured by Cisco Systems. The Catalyst series ranges in size, and is designed for use in organizations sized from small business to large enterprise. A problem...

7.4AI score

Exploits0

exploitpack•added 2001/04/13 12:0 a.m.•14 views

Microsoft Windows NT 4.02000 - TCP Stack Denial of Service (2)

Microsoft Windows NT 4.02000 - TCP Stack Denial of Service 2 // source: https://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139...

7.3AI score

Exploits0

SonicWall•added 2001/01/09 5:0 a.m.•5 views

Soho Firewall CVE-2000-1098 Denial-Of-Service Vulnerability

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. CVE: CVE-2000-1098 Last updated: Sept. 5, 2008, 8:22 p.m...

5CVSS7AI score0.01291EPSS

Exploits0

securityvulns•added 2000/12/20 12:0 a.m.•22 views

Дырка в мастере "Configure Your Server" Windows 2000

Создается пустой пароль Restore mode...

1.6AI score

Exploits0References1

NVD•added 2000/12/19 5:0 a.m.•17 views

CVE-2000-0962

The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service...

5CVSS6.6AI score0.01608EPSS

Exploits1References4