CVE List

Fields per record: Id, CVE No., Status, Description, Phase, Votes, Comments
574  CVE-1999-0592  Candidate
Description: The Logon box of a Windows NT system displays the name of the last user who logged in.
Phase: Proposed (19990728)
Votes: MODIFY(1) Frech | NOOP(2) Baker, Christey | REJECT(2) Northcutt, Wall
Comments:
Wall> Information gathering, not vulnerability
Northcutt> Ah a C2 weenie must have snuck this in, this can be a good thing not just vulnerability
Frech> XF:nt-display-last-username(1353)
  Use it if you will. :-) If not, let us know so I can remove the CAN reference from our database.
Christey> MSKB:Q114463
  http://support.microsoft.com/support/kb/articles/q114/4/63.asp
344  CVE-1999-0345  Candidate
Description: Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
Phase: Proposed (19990728)
Votes: ACCEPT(2) Blake, Cole | MODIFY(2) Frech, Wall | NOOP(4) Bishop, Landfield, Northcutt, Ozancin | RECAST(1) Meunier | REJECT(4) Armstrong, Baker, LeBlanc, Levy | REVIEWING(1) Christey
Comments:
Wall> Invalid ICMP datagram fragments cause a denial of service in Windows 95 and Windows NT systems.
  Reference: Q154174.
  Jolt is also known as sPING, ICMP bug, Icenewk, and Ping of Death. It is a modified teardrop 2 attack.
Frech> XF:nt-ssping
  ADDREF XF:ping-death
  ADDREF XF:teardrop-mod
  ADDREF XF:mpeix-echo-request-dos
Christey> I can't tell whether the Jolt exploit at:

  http://www.securityfocus.com/templates/archive.pike?list=1&date=1997-06-28&msg=Pine.BSF.3.95q.970629163422.3264A-200000@apollo.tomco.net

  is exploiting any different flaw than teardrop does.
CHANGE> [Christey changed vote from NOOP to REVIEWING]
Baker> Jolt (original) is basically just a fragmented oversized ICMP that kills Win boxes ala Ping of Death.
  Teardrop is altering the offset in fragmented tcp packets so that the end of subsequent fragments is inside first packet...
  Teardrop 2 is UDP packets, if I remember right.
  Seems like Jolt (original, not jolt 2) is just exploit code that creates a ping of death (CVE 1999-0128)
Levy> I tend to agree with Baker.
CHANGE> [Armstrong changed vote from REVIEWING to REJECT]
Armstrong> This code does not use fragment overlap. It is simply a large ICMP echo request.
Christey> See the SCO advisory at:
  http://www.securityfocus.com/templates/advisory.html?id=1411
  which may further clarify the issue.
LeBlanc> This is a hodge-podge of DoS attacks. Jolt isn't the same thing as ping of death - POD was an oversized ICMP packet, Jolt froze Linux and Solaris (and I think not NT), IIRC Jolt2 did get NT boxes. Teardrop and teardrop2 were related attacks (usually ICMP frag attacks), but each of these is a distinct vulnerability, affected a discrete group of systems, and should have distinct CVE numbers. CVE entries should be precise as to what the problem is.
Meunier> I agree with LeBlanc in that Jolt is multi-faceted. Jolt has characteristics of Ping of Death AND teardrop, but it doesn't do either exactly. Moreover, it sends a truncated IP fragment. I disagree with Armstrong; jolt uses overlapping fragments. It's not a simple ping of death either. It may be that the author's intent was to construct a "super attack" somehow combining elements of other vulnerabilities to try to make it more potent. In any case it succeeded in confusing the CVE board :-).

  I notice that Jolt uses echo replies (type 0) instead of echo requests (to get past firewalls?). Jolt is peculiar in that it also sends numerous overlapping fragments. The "Pascal Simulator" :-) says it sends:

  - 172 fragments of length 400 with offset starting at 5120 and increasing by about 47 (odd arithmetic of 5120 OR ((n* 380) >> 3)), which eventually results in sending fragments inside an already covered area once ((n* 380) >> 3) is greater than 5120, which occurs when n reaches 108. This would look a bit like TearDrop if fragments were reassembled on-the-fly.

  - 1 fragment such that the total length of all the fragments is greater than 65535 (my calculation is 172*380 + 418 = 65778; the comment about 65538 must be wrong). The last packet is size 418 according to the IP header but the buffer is of size 400. The sendto takes as argument the size of the buffer so a truncated packet is sent.

  So, I am not sure if the problem is because the last packet doesn't extend to the payload it says it has or because the total size of all fragments is greater than 65535. The author says it may take more than one sending, so perhaps this has to do with an incorrect error handling and recovery. One would need to experiment and isolate each of those characteristics and test them independently. Inasmuch as each of those things is likely a different vulnerability, then I agree with LeBlanc that this entry should be split. I'll try that if I ever get bored. Jolt 2 should also have a different entry (see below).

  Jolt 2 runs in an infinite loop, sending the same fragmented IP packet, which can pretend to be "ICMP" or "UDP" data; however this is meaningless, as it's just a late fragment of an IP packet. The attack works only as long as packets are sent. According to http://www.securityfocus.com/archive/1/62170 the packets are truncated, and would overflow over the 65535 byte limit, which is similar to Jolt. Note that Jolt does send that much data whereas jolt2 doesn't. Since jolt2 is simpler and narrower than jolt, and it has weaker consequences, I believe that it's a different vulnerability.

  "Jolt 2 vulnerability causes a temporary denial-of-service in Windows-type OSes" would be a title for it.
2647  CVE-2000-1079  Candidate
Description: Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
Phase: Modified (20061101)
Votes: ACCEPT(3) Baker, Mell, Wall | NOOP(1) Cole | REVIEWING(1) Christey
Comments:
Wall> No known exploit or patch yet.
Christey> This was a little controversial, if I recall correctly.
566  CVE-1999-0584  Candidate
Description: A Windows NT file system is not NTFS.
Phase: Proposed (19990728)
Votes: ACCEPT(2) Northcutt, Wall | MODIFY(1) Frech | NOOP(2) Baker, Christey
Comments:
Wall> NTFS partition provides the security. This could be re-worded to "A Windows NT file system is FAT" since it is either NTFS or FAT and FAT is less secure.
Frech> XF:nt-filesys(195)
Christey> MSKB:Q214579
  http://support.microsoft.com/support/kb/articles/Q100/1/08.ASP
576  CVE-1999-0594  Candidate
Description: A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
Phase: Proposed (19990728)
Votes: ACCEPT(1) Wall | MODIFY(1) Frech | NOOP(2) Baker, Christey | REJECT(1) Northcutt
Comments:
Wall> Perhaps it can be re-worded to "removable media drives such as a floppy disk drive or CDROM drive can be accessed (shared) in a Windows NT system."
Northcutt> - what good is my NT w/o its floppy
Frech> XF:nt-allocate-cdroms(1294)
  XF:nt-allocate-floppy(1318)
Christey> MSKB:Q172520
  URL:http://support.microsoft.com/support/kb/articles/q172/5/20.asp
