CVSS: 5.9EPSS: 7%CPEs: 18EXPL: 1CVE-2003-0078 – OpenSSL 0.9.x - CBC Error Information Leakage
https://notcve.org/view.php?id=CVE-2003-0078
03 Mar 2003 — ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." ssl3_get_record en s3_ptk.c de OpenSSL anteriores a 0.9.7a y 0.9.6 anteriores ... • https://www.exploit-db.com/exploits/22264 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2002-1915
https://notcve.org/view.php?id=CVE-2002-1915
31 Dec 2002 — tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. • http://online.securityfocus.com/archive/1/283033 • CWE-667: Improper Locking •
CVSS: 10.0EPSS: 27%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 2%CPEs: 10EXPL: 0CVE-2000-1010
https://notcve.org/view.php?id=CVE-2000-1010
11 Dec 2000 — Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. • http://www.securityfocus.com/archive/1/137890 •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 1CVE-2000-0489 – FreeBSD 5.0 / NetBSD 1.4.2 / OpenBSD 2.7 - 'setsockopt()' Denial of Service
https://notcve.org/view.php?id=CVE-2000-0489
05 Sep 1999 — FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. • https://www.exploit-db.com/exploits/19488 •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-1999-0303
https://notcve.org/view.php?id=CVE-1999-0303
21 May 1998 — Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303 •