CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 1657 | CVE-2000-0079 | Candidate | The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | Proposed (20000125) | MODIFY(2) Baker, Frech | NOOP(2) Christey, Williams | RECAST(1) LeBlanc | Frech> XF:w3c-httpd-reveal-paths | LeBlanc> Title references IIS, vuln references W3C CERN httpd. Which | one is broken? | Christey> The mention of CERN httpd was buried in a followup on a | description of an IIS problem, so this is the correct reference. | Baker> Will the XF reference be added? | View |
| 1702 | CVE-2000-0124 | Candidate | surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. | Proposed (20000208) | MODIFY(2) Baker, Frech | NOOP(2) Christey, Wall | RECAST(1) Cole | Cole> See comments for CVE-2000-0101 | Frech> XF:surfcontrol-superscout-bypass-filter(4009) | Christey> Fix typo: "asign" | Baker> Description still has typo asign instead of assign | View |
| 410 | CVE-1999-0411 | Candidate | Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | Proposed (19990726) | MODIFY(2) Baker, Frech | NOOP(2) Christey, Wall | Frech> Neither XFDB nor the BugTraq article (incidentally, shows up as 7 March, not | 19 February) does not mention gaining root access... it says a local user | could | "delete or overwrite arbitrary files on the system." | Baker> By overwriting arbitrary files, one could then gain root access. I agree with a minor description change to reflect this. | Christey> Normalize Bugtraq reference to: | BUGTRAQ:19990307 Little exploit for startup scripts (SCO 5.0.4p). | http://marc.theaimsgroup.com/?l=bugtraq&m=92087765014242&w=2 | Also, SCO:SB-99.17 | ftp://ftp.sco.com/SSE/security_bulletins/SB-99.17c | View |
| 98 | CVE-1999-0098 | Candidate | Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. | Proposed (19990726) | MODIFY(2) Baker, Frech | NOOP(1) Wall | REVIEWING(1) Christey | Frech> (Accept XF reference.) | Our references do not mention hiding activities. This issue can crash the | SMTP server or execute arbitrary byte-code. Is there another reference | available? | Christey> Should this be merged with CVE-1999-0284, which is Sendmail | with SMTP HELO? | Christey> BUGTRAQ:19980522 about sendmail 8.8.8 HELO hole | http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925991&w=2 | BUGTRAQ:19980527 about sendmail 8.8.8 HELO hole | http://marc.theaimsgroup.com/?l=bugtraq&m=90221101926003&w=2 | Baker> Apparently this XF reference is not for this issue, but for the other issue. This should be modified to have the Bugtraq references, and remove the XF reference. | View |
| 1633 | CVE-2000-0055 | Candidate | Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. | Proposed (20000125) | MODIFY(2) Baker, Frech | NOOP(1) Dik | Frech> XF:sol-chkperm-bo(3870) | Dik> chkperm runs set-uid bin, so initially the access granted | will be user bin, not root. (Though bin access can easily be leveraged | to root access, less so in Solaris 8+) | Also, there is reason to believe this bug is not exploitable; the buffer | overflown is declared in the stack in main(); yet, the program never | returns from main() but calls exit instead so any damage to return addresses | is never noticed. | Baker> Maybe the details from Caspar could be included, or modify the description somewhat | View |
Page 19787 of 20943, showing 5 records out of 104715 total, starting on record 98931, ending on 98935
