CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 3486 | CVE-2001-0678 | Candidate | A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. | Proposed (20010829) | ACCEPT(5) Baker, Cole, Frech, Stracener, Ziese | NOOP(2) Foat, Wall | RECAST(1) Christey | Christey> CD:SF-LOC may suggest merging with CVE-2001-0761 | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> CONFIRM:http://solutionbank.antivirus.com/solutions/solutionDetail.asp?solutionID=9590 | CONFIRM:http://solutionfile.trendmicro.com/SolutionFile/9590/en/PatchT3419.zip | Also say it"s the Serial Number field, as stated in | ISVWNTBufferOverflowPatch.txt of the zip file. | Since there is a separate patch for CVE-2001-0761 (though no | build number), there is enough evidence to keep these | 2 candidates separate. | CHANGE> [Christey changed vote from REVIEWING to RECAST] | Christey> CONFIRM:http://download.antivirus.com/ftp/products/patches/isapi_security_patch_351b1360.zip | | This patch fixes a number of overflows in various DLL"s, | including RegGo.dll. See Readme_ISNT_BufferOverflowPatchFiles.txt. | By CD:SF-LOC, the same type of issue appears in the same | versions, so CVE-2001-0678 must be RECAST to include the following | *other* issues in 1512: | (1) FtpSaveCSP.dll, (2) FtpSaveCVP.dll, (3) | HttpSaveCSP.dll, (4) HttpSaveCVP.dll, (5) RegGo.dll, (6) ViewLog.dll, | (7) ftpSaveCVP.dll, (8) patupd.dll, (9) smtpscan.dll, or (10) | smtpscanCVP.dll. | | BUGTRAQ:20010612 [SNS Advisory No.31] Trend Micro InterScan VirusWall for Windows NT 3.51 FtpSaveC*P.dll Buffer Overflow Vulnerability | URL:http://archives.neohapsis.com/archives/bugtraq/2001-06/0148.html | XF:interscan-viruswall-ftpsave-bo(6698) | URL:http://xforce.iss.net/static/6698.php | View |
| 3515 | CVE-2001-0707 | Candidate | Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. | Proposed (20010829) | ACCEPT(5) Baker, Cole, Frech, Stracener, Ziese | NOOP(2) Foat, Wall | Stracener> | The vendor fixed the problem in RSHD/NT version 2.18.04. CONFIRM: http://www.denicomp.com/rshdnt.htm | View |
| 3516 | CVE-2001-0708 | Candidate | Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. | Proposed (20010829) | ACCEPT(5) Baker, Cole, Frech, Stracener, Ziese | NOOP(2) Foat, Wall | Stracener> CONFIRM: http://www.denicomp.com/rexecdnt.htm | View |
| 3454 | CVE-2001-0645 | Candidate | Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password. | Modified (20050510) | ACCEPT(5) Baker, Cole, Frech, Prosser, Ziese | NOOP(2) Foat, Wall | Prosser> Additional Reference | http://www.sarc.com/avcenter/security/Content/2001_05_08.html | Prosser> Add Symantec vendor advisory source | http://securityresponse.symantec.com/avcenter/security/Content/2001_05_08.html | View |
| 3267 | CVE-2001-0450 | Candidate | Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. | Proposed (20010524) | ACCEPT(5) Baker, Cole, Frech, Oliver, Ziese | NOOP(2) Christey, Wall | Christey> Change "LIST" to "DIR" - see original post. The problem with | LIST (and NLST) occurred in Broker 3.0, not 5.0. | | The CONFIRM link is dead. | | Thanks to John Segura of secureinfo.com for noticing this. | View |
Page 19874 of 20943, showing 5 records out of 104715 total, starting on record 99366, ending on 99370
