CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
15 Mar 2002 — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2001-0872
https://notcve.org/view.php?id=CVE-2001-0872
21 Dec 2001 — OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. OpenSSH 3.0.1 y anteriores con UseLogin activado no limpia variables de entorno críticas como LD_PRELOAD, lo que permite a usuario locales ganar privilegios de root. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt •
CVSS: 10.0EPSS: 6%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 2CVE-2001-1244 – HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
https://notcve.org/view.php?id=CVE-2001-1244
07 Jul 2001 — Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. • https://www.exploit-db.com/exploits/20997 •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2000-1010
https://notcve.org/view.php?id=CVE-2000-1010
11 Dec 2000 — Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. • http://www.securityfocus.com/archive/1/137890 •
CVSS: 9.8EPSS: 9%CPEs: 9EXPL: 1CVE-2000-0751 – ADC2000 NG Pro 1.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2000-0751
13 Oct 2000 — mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. • https://www.exploit-db.com/exploits/26630 •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2000-0750
https://notcve.org/view.php?id=CVE-2000-0750
13 Oct 2000 — Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-1999-0798
https://notcve.org/view.php?id=CVE-1999-0798
04 Dec 1998 — Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. • http://marc.info/?l=bugtraq&m=91278867118128&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-1999-0061
https://notcve.org/view.php?id=CVE-1999-0061
02 Oct 1997 — File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0061 •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-1999-1225
https://notcve.org/view.php?id=CVE-1999-1225
24 Aug 1997 — rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. • http://www.securityfocus.com/archive/1/7526 •