4 results (0.015 seconds)

CVSS: 7.5EPSS: 3%CPEs: 93EXPL: 0

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 http://www.securityfocus.com/bid/11015 http://xforce.iss.net/xforce/alerts/id/180 https://exchange.xforce.ibmcloud.com/vulnerabilities/16314 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 3

Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. • https://www.exploit-db.com/exploits/20324 https://www.exploit-db.com/exploits/20325 http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html http://www.iplanet.com/downloads/patches/0122.html http://www.osvdb.org/4086 http://www.osvdb.org/486 http://www.securityfocus.com/bid/1839 https://exchange.xforce.ibmcloud.com/vulnerabilities/5421 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5422 •

CVSS: 5.0EPSS: 0%CPEs: 22EXPL: 0

Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •