CVSS: 1.2EPSS: 0%CPEs: 30EXPL: 0CVE-2005-2666 – openssh vulnerable to known_hosts address harvesting
https://notcve.org/view.php?id=CVE-2005-2666
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt http://nms.csail.mit.edu/projects/ssh http://secunia.com/advisories/19243 http://secunia.com/advisories/25098 http://www.eweek.com/article2/0%2C1759%2C1815795%2C00.asp http://www.redhat.com/support/errata/RHSA-2007-0257.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10201 https://access.redhat.com/security/cve/CVE-2005-2666 https://bugzilla.redhat.com/show&# • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0960
https://notcve.org/view.php?id=CVE-2005-0960
Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). • http://securitytracker.com/id?1013611 http://www.openbsd.org/errata.html#sack http://www.openbsd.org/errata35.html#sack http://www.securityfocus.com/bid/12951 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0637
https://notcve.org/view.php?id=CVE-2005-0637
The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. • http://secunia.com/advisories/14432 http://securitytracker.com/id?1013333 http://www.openbsd.org/errata.html#copy http://www.openbsd.org/errata35.html#locore http://www.securityfocus.com/bid/12825 https://exchange.xforce.ibmcloud.com/vulnerabilities/19531 •
CVSS: 5.0EPSS: 4%CPEs: 17EXPL: 1CVE-2005-0740
https://notcve.org/view.php?id=CVE-2005-0740
The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. • http://secunia.com/advisories/13819 http://securitytracker.com/id?1012861 http://www.openbsd.org/errata35.html http://www.securityfocus.com/bid/12250 •