CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1620 – nss: TLS CBC padding timing attack
https://notcve.org/view.php?id=CVE-2013-1620
08 Feb 2013 — The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. La implementación en Mozilla Network Security Services (NSS) de TLS no tiene debidamente en cuenta tiempos de canal... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-203: Observable Discrepancy •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 0CVE-2012-1738
https://notcve.org/view.php?id=CVE-2012-1738
17 Jul 2012 — Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and Oracle iPlanet Web Server 7.0 allows remote attackers to affect availability via unknown vectors related to Web Server. Vulnerabilidad no especificada en el componente Oracle iPlanet Web Server en Oracle Sun Products Suite Java System Web Server v6.1 y Oracle iPlanet Web Server v7.0 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relaciona... • http://osvdb.org/83974 •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 4CVE-2002-1654
https://notcve.org/view.php?id=CVE-2002-1654
31 Dec 2002 — iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. • http://lists.virus.org/vulnwatch-0201/msg00008.html •