CVE List

CVE-1999-0004
Status: Candidate
Description: MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
Phase: Modified (19990621-01)
Votes: ACCEPT(8) Baker, Cole, Collins, Dik, Landfield, Magdych, Northcutt, Wall | MODIFY(1) Frech | NOOP(1) Christey | REVIEWING(1) Shostack
Comments:
  Frech> Extremely minor, but I believe e-mail is the correct term. (If you reject this suggestion, I will not be devastated.) :-)
  Christey> This issue seems to have been rediscovered in
    BUGTRAQ:20000515 Eudora Pro & Outlook Overflow - too long filenames again
    http://marc.theaimsgroup.com/?l=bugtraq&m=95842482413076&w=2
    Also see
    BUGTRAQ:19990320 Eudora Attachment Buffer Overflow
    http://marc.theaimsgroup.com/?l=bugtraq&m=92195396912110&w=2
  Christey> CVE-2000-0415 may be a later rediscovery of this problem for Outlook.
  Dik> Sun bug 4163471,
  Christey> ADDREF BID:125
  Christey> BUGTRAQ:19980730 Long Filenames & Lotus Products
    URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221104526201&w=2

CVE-1999-0033
Id: 33
Status: Candidate
Description: Command execution in Sun systems via buffer overflow in the at program.
Phase: Modified (20040811)
Votes: ACCEPT(8) Baker, Cole, Collins, Dik, Hill, Northcutt, Shostack, Wall | NOOP(1) Christey | RECAST(1) Frech
Comments:
  Frech> This vulnerability also manifests itself for the following platforms: AIX, HPUX, IRIX, Solaris, SCO, NCR MP-RAS. In this light, please add the following:
    Reference: XF:at-bo
  Dik> Sun bug 1265200, 4063161
  Christey> ADDREF SGI:19971102-01-PX
    ftp://patches.sgi.com/support/free/security/advisories/19971102-01-PX
    SCO:SB.97:01
    ftp://ftp.sco.com/SSE/security_bulletins/SB.97:01a
  Christey> CIAC:F-15
    http://ciac.llnl.gov/ciac/bulletins/f-15.shtml
    HP:HPSBUX9502-023
  Christey> Add period to the end of the description.

CVE-2000-1214
Id: 2781
Status: Candidate
Description: Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
Phase: Proposed (20020830)
Votes: ACCEPT(8) Armstrong, Baker, Cole, Cox, Foat, Frech, Green, Wall

CVE-2000-0227
Id: 1805
Status: Candidate
Description: The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max paremeter, which allows local users to cause a denial of service by requesting a large number of sockets.
Phase: Modified (20010910-01)
Votes: ACCEPT(8) Armstrong, Baker, Blake, Cole, Collins, Frech, Levy, Ozancin | NOOP(3) Christey, Magdych, Wall
Comments:
  Christey> Fix typo: "paremeter"
  Magdych> I remember when this came up... seems like there were some wildly mixed results for the exploit.
  Christey> See http://marc.theaimsgroup.com/?l=bugtraq&m=95421263519558&w=2 for Elias' summary of the mixed results. It looks like enough people were able to replicate it that we should include it.
  Christey> Fix typo: "paremeter"
  CHANGE> [Magdych changed vote from REVIEWING to NOOP]

CVE-2001-0328
Id: 3149
Status: Candidate
Description: TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
Phase: Modified (20161125)
Votes: ACCEPT(7) Baker, Cole, Magdych, Renaud, Wall, Williams, Ziese | MODIFY(1) Frech | REVIEWING(1) Christey
Comments:
  Frech> XF:tcp-seq-predict(139)
  Christey> It could be argued that this is a "class" of vulnerability in which several stacks have the problem.
    Also need to add references.
  Christey> Consider adding BID:2682
  Christey> HP:HPSBUX0207-205
    URL:http://archives.neohapsis.com/archives/hp/2002-q3/0031.html
  Christey> COMPAQ:SSRT-547
    URL:http://archives.neohapsis.com/archives/tru64/2002-q3/0017.html
    HP:HPSBUX0207-205
    URL:http://archives.neohapsis.com/archives/hp/2002-q3/0031.html
