Request History

4 previous requests available

• Restore to current request
• cveinfos/index/page:20684/sort:phase/direction:desc
• cveinfos/view/1098
• cveinfos/index/page:313/sort:comments/direction:asc
• cveinfos/view/1675

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllercveinfos
• actionindex
• named(array)
  • page311
  • sortcomments
  • directiondesc
• pass(empty)
• paging(array)
  • Cveinfo(array)
    • page311
    • current5
    • count104715
    • prevPage(true)
    • nextPage(true)
    • pageCount20943
    • order(array)
      • Cveinfo.commentsdesc
    • limit5
    • options(array)
      • page311
      • order(array)
        • Cveinfo.commentsdesc
      • sortcomments
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• cveinfos(array)
  • 0(array)
    • Cveinfo(array)
      • id144
      • nameCVE-1999-0144
      • statusCandidate
      • descriptionDenial of service in Qmail by specifying a large number of recipients with the RCPT command.
      • phaseModified (20010301-02)
      • votesACCEPT(4) Baker, Frech, Hill, Meunier | REVIEWING(1) Christey
      • commentsChristey> DUPE CVE-1999-0418 and CVE-1999-0250? | Christey> Dan Bernstein, author of Qmail, says that this is not a | vulnerability in qmail because Unix has built-in resource | limits that can restrict the size of a qmail process; other | limits can be specified by the administrator. See | http://cr.yp.to/qmail/venema.html | | Significant discussion of this issue took place on the qmail | list. The fundamental question appears to be whether | application software should set its own limits, or rely | on limits set by the parent operating system (in this case, | UNIX). Also, some people said that the only problem was that | the suggested configuration was not well documented, but this | was refuted by others. | | See the following threads at | http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html | "Denial of service (qmail-smtpd)" | "qmail-dos-2.c, another denial of service" | "[PATCH] denial of service" | "just another qmail denial-of-service" | "the UNIX way" | "Time for a reality check" | | Also see Bugtraq threads on a different vulnerability that | is related to this topic: | BUGTRAQ:19990903 Web servers / possible DOS Attack / mime header flooding | http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html | Baker> http://cr.yp.to/qmail/venema.html | Berstein rejects this as a vulnerability, claiming this is a slander campaign by Wietse Venema. | His page states this is not a qmail problem, rather it is a UNIX problem | that many apps can consume all available memory, and that the administrator | is responsible to set limits in the OS, rather than expect applications to | individually prevent memory exhaustion. CAN 1999-0250 does appear to | be a duplicate of this entry, based on the research I have done so far. | There were two different bugtraq postings, but the second one references | the first, stating that the new exploit uses perl instead of shell scripting | to accomplish the same attack/exploit. | Baker> http://www.securityfocus.com/archive/1/6970 | http://www.securityfocus.com/archive/1/6969 | http://cr.yp.to/qmail/venema.html | | Should probably reject CVE-1999-0250, and add these references to this | Candidate. | Baker> http://www.securityfocus.com/bid/2237 | CHANGE> [Baker changed vote from REVIEWING to ACCEPT] | Christey> qmail-dos-1.c, as published by Wietse Venema (CVE-1999-0250) | in "BUGTRAQ:19970612 Denial of service (qmail-smtpd)", does not | use any RCPT commands. Instead, it sends long strings | of "X" characters. A followup by "super@UFO.ORG" includes | an exploit that claims to do the same thing; however, that | exploit does not send long strings of X characters - it sends | a large number of RCPT commands. It appears that super@ufo.org | followed up to the wrong message. | | NOTE: the ufo.org domain was purchased by another party in | 2003, so the current owner is not associated with any | statements by "super@ufo.org" that were made before 2003. | | qmail-dos-2.c, as published by Wietse Venema (CVE-1999-0144) | in "BUGTRAQ:19970612 qmail-dos-2.c, another denial of service attack" | sends a large number of RCPT commands. | | ADDREF BID:2237 | ADDREF BUGTRAQ:19970612 qmail-dos-2.c, another denial of service attack | ADDREF BUGTRAQ:19970612 Re: Denial of service (qmail-smtpd) | | Also see a related thread: | BUGTRAQ:19990308 SMTP server account probing | http://marc.theaimsgroup.com/?l=bugtraq&m=92100018214316&w=2 | | This also describes a problem with mail servers not being able | to handle too many "RCPT TO" requests. A followup message | notes that application-level protection is used in Sendmail | to prevent this: | BUGTRAQ:19990309 Re: SMTP server account probing | http://marc.theaimsgroup.com/?l=bugtraq&m=92101584629263&w=2 | The person further says, "This attack can easily be | prevented with configuration methods."
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 1(array)
    • Cveinfo(array)
      • id825
      • nameCVE-1999-0845
      • statusCandidate
      • descriptionBuffer overflow in SCO su program allows local users to gain root access via a long username.
      • phaseProposed (19991208)
      • votesACCEPT(4) Armstrong, Cole, Prosser, Stracener | MODIFY(1) Frech | RECAST(1) Baker | REVIEWING(1) Christey
      • commentsChristey> DUPE CVE-1999-0317? | Frech> XF:sco-su-username-bo | Christey> ADDREF BID:826 | CONFIRM:ftp://ftp.sco.com/SSE/sse039.tar.Z
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 2(array)
    • Cveinfo(array)
      • id417
      • nameCVE-1999-0418
      • statusCandidate
      • descriptionDenial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
      • phaseProposed (20010912)
      • votesACCEPT(1) Cole | MODIFY(1) Frech | NOOP(3) Baker, Foat, Wall | REVIEWING(1) Christey
      • commentsChristey> DUPE CVE-1999-0144 and CVE-1999-0250? | Frech> XF:smtp-rctpto-dos(7499)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 3(array)
    • Cveinfo(array)
      • id5036
      • nameCVE-2002-0646
      • statusCandidate
      • description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0371. Reason: This candidate is a reservation duplicate of CVE-2002-0371. Notes: CVE-2002-0371 should be used instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
      • phaseAssigned (20020628)
      • votesNOOP(1) Christey
      • commentsChristey> DO NOT USE THIS CANDIDATE. | It is a "reservation duplicate" of CVE-2002-0371. CVE users | should use CVE-2002-0371 instead.
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 4(array)
    • Cveinfo(array)
      • id8738
      • nameCVE-2004-0310
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
      • phaseProposed (20040318)
      • votesNOOP(5) Armstrong, Christey, Cole, Cox, Wall
      • commentsChristey> Despite the description, the specific affected versions are | not actually known. Either they need to be removed or we need | some source that can confirm the affected versions.
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Cveinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Form
  • 7Session
  • 8HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/index/page:311/sort:comments/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/index/page:311/sort:comments/direction:desc
Remote Port	15925
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.23.102.192
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.23.102.192
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.23.102.192
Unique Id	aCTbu_RoHmsg9-KesvU4ggAAAJw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Checkdos	1
Redirect X Dostranslated Ip	3.23.102.192
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.23.102.192
Redirect Unique Id	aCTbu_RoHmsg9-KesvU4ggAAAJw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Checkdos	1
Redirect Redirect X Dostranslated Ip	3.23.102.192
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.23.102.192
Redirect Redirect Unique Id	aCTbu_RoHmsg9-KesvU4ggAAAJw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747246011.7555
Request Time	1747246011

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/CveinfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Cveinfo.php
    • 1APP/Model/AppModel.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php