CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 2402 | CVE-2000-0833 | Candidate | Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command. | Modified (20020222-01) | ACCEPT(5) Baker, Cole, Collins, Frech, Wall | NOOP(2) Armstrong, Magdych | Cole> HAS-INDEPENDENT-CONFIRMATION | CHANGE> [Wall changed vote from REVIEWING to ACCEPT] | View |
| 531 | CVE-1999-0534 | Candidate | A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | Proposed (19990721) | ACCEPT(5) Baker, Christey, Ozancin, Shostack, Wall | MODIFY(2) Frech, Northcutt | Northcutt> If we are going to write a laundry list put access to the scheduler in it. | Christey> The list of privileges is very useful for lookup. | Frech> XF:nt-create-token | XF:nt-replace-token | XF:nt-lock-memory | XF:nt-increase-quota | XF:nt-unsol-input | XF:nt-act-system | XF:nt-create-object | XF:nt-sec-audit | XF:nt-add-workstation | XF:nt-manage-log | XF:nt-take-owner | XF:nt-load-driver | XF:nt-profile-system | XF:nt-system-time | XF:nt-single-process | XF:nt-increase-priority | XF:nt-create-pagefile | XF:nt-backup | XF:nt-restore | XF:nt-debug | XF:nt-system-env | XF:nt-remote-shutdown | View |
| 891 | CVE-1999-0911 | Candidate | Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | Modified (20050309) | ACCEPT(5) Baker, Blake, Cole, Prosser, Stracener | MODIFY(1) Frech | REVIEWING(1) Christey | Frech> XF:proftpd-long-dir-bo(3399) | Christey> Not absolutely sure if this isn"t the same as Palmetto | (CVE-1999-0368), which describes a similar type of overflow. | | NETBSD:NetBSD-SA1999-003 may refer to CVE-1999-0368: | ADDREF URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-003.txt.asc | Christey> ADDREF CIAC:J-068 | Include version numbers; too many wu-ftp/etc. problems | were published in summer/fall 1999 | View |
| 3420 | CVE-2001-0607 | Candidate | asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083. | Modified (20090302) | ACCEPT(5) Baker, Bishop, Cole, Williams, Ziese | MODIFY(1) Frech | NOOP(2) Foat, Wall | REVIEWING(1) Christey | Frech> XF:hp-asecure-dos(6212) | Possible duplicate of CVE-2000-0083: HP asecure creates the | Audio Security File audio.sec with insecure permissions, which allows | local users to cause a denial of service or gain additional | privileges. | Williams> Frech - this is not a dupe of CVE-2000-0083. | Christey> While this advisory is vaguely worded, the fact that HP did an | advisory for the other asecure problem (now CVE-2000-0083) | indicates at the very least that this problem occurs in | a different version than CVE-2000-0083, so CD:SF-LOC | suggests a SPLIT. However, the HP advisory says "10.X" | and "11.X" are affected, so who knows what versions they | *really* mean? | CHANGE> [Christey changed vote from NOOP to REVIEWING] | View |
| 3381 | CVE-2001-0568 | Candidate | Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes. | Proposed (20010727) | ACCEPT(5) Baker, Bishop, Cole, Williams, Ziese | MODIFY(1) Frech | NOOP(2) Foat, Wall | Frech> XF:zope-zclass-modification(6247) | View |
Page 19878 of 20943, showing 5 records out of 104715 total, starting on record 99386, ending on 99390
