Show filters
36 Total Results
Displaying 31-36 of 36
Sort by:
Attacker Value
Unknown
CVE-2003-0078
Disclosure Date: March 03, 2003 (last updated February 22, 2025)
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
0
Attacker Value
Unknown
CVE-2003-0015
Disclosure Date: February 07, 2003 (last updated February 22, 2025)
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.
0
Attacker Value
Unknown
CVE-2003-0001
Disclosure Date: January 17, 2003 (last updated February 22, 2025)
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
0
Attacker Value
Unknown
CVE-2002-1219
Disclosure Date: November 29, 2002 (last updated February 22, 2025)
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
0
Attacker Value
Unknown
CVE-2002-1221
Disclosure Date: November 29, 2002 (last updated February 22, 2025)
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
0
Attacker Value
Unknown
CVE-2002-1220
Disclosure Date: November 29, 2002 (last updated February 22, 2025)
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
0