CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 4584 | CVE-2002-0192 | Candidate | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0193, CVE-2002-1564. Reason: This candidate was published with a description that identified a different vulnerability than what was identified in the original authoritative reference. Notes: Consult CVE-2002-0193 or CVE-2002-1564 to find the identifier for the proper issue. | Modified (20050204) | ACCEPT(5) Armstrong, Baker, Cole, Foat, Wall | MODIFY(1) Frech | NOOP(1) Cox | REJECT(1) Christey | Frech> XF:ie-content-disposition-variant(9085) | Christey> Hrmmm... the MS advisory says this is the "Script within | Cookies Reading Cookies" vulnerability... This description | was also used for CVE-2002-0193. | CHANGE> [Christey changed vote from NOOP to REJECT] | Christey> This CAN had the wrong description added to it, which made | it look like a different vulnerability than the one identified | by Microsoft in MS:MS02-023. Therefore this CAN should be | REJECTed. | View |
| 1542 | CVE-1999-1562 | Candidate | gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. | Modified (20050309) | MODIFY(1) Frech | NOOP(3) Cole, Foat, Wall | Frech> XF:gftp-plaintext-password(7319) | View |
| 3436 | CVE-2001-0623 | Candidate | sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | Modified (20050309) | ACCEPT(2) Baker, Frech | NOOP(5) Bishop, Cole, Foat, Wall, Ziese | REVIEWING(1) Christey | CHANGE> [Bishop changed vote from REVIEWING to NOOP] | Christey> Need to figure out if this is one or multiple problems. | (See BIDs 2631, 2652, and 2645). | View |
| 891 | CVE-1999-0911 | Candidate | Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | Modified (20050309) | ACCEPT(5) Baker, Blake, Cole, Prosser, Stracener | MODIFY(1) Frech | REVIEWING(1) Christey | Frech> XF:proftpd-long-dir-bo(3399) | Christey> Not absolutely sure if this isn"t the same as Palmetto | (CVE-1999-0368), which describes a similar type of overflow. | | NETBSD:NetBSD-SA1999-003 may refer to CVE-1999-0368: | ADDREF URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-003.txt.asc | Christey> ADDREF CIAC:J-068 | Include version numbers; too many wu-ftp/etc. problems | were published in summer/fall 1999 | View |
| 3733 | CVE-2001-0927 | Candidate | Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | Modified (20050309) | ACCEPT(3) Armstrong, Baker, Cole | MODIFY(1) Frech | NOOP(3) Christey, Foat, Wall | Frech> XF:libgtop-format-string(7608) | Christey> BID:3586 | URL:http://www.securityfocus.com/bid/3586 | CONECTIVA:CLA-2002:448 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000448 | MANDRAKE:MDKSA-2001:094 | URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-094.php3 | DEBIAN:DSA-098 | URL:http://www.debian.org/security/2002/dsa-098 | View |
Page 20408 of 20943, showing 5 records out of 104715 total, starting on record 102036, ending on 102040
