CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
2331 | CVE-2000-0755 | Candidate | Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges. | Proposed (20000921) | ACCEPT(2) Cole, Levy | NOOP(2) Baker, Wall | REJECT(2) Christey, Frech | Christey> DUPE CVE-2000-0730 | Also, the BID is wrong. | Frech> DUPE OF CVE-2000-0730 | Also, the BID is wrong. | View |
2332 | CVE-2000-0756 | Candidate | Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service. | Proposed (20000921) | ACCEPT(2) Cole, Levy | MODIFY(2) Frech, LeBlanc | REVIEWING(2) Christey, Wall | LeBlanc> - if a KB article, bulletin, or patch can be found, then | I"ll ACCEPT | Christey> This is the same as MS:MS01-012 (CVE-2001-0145) | See the Bugtraq post by Joel Moses: | http://marc.theaimsgroup.com/?l=bugtraq&m=98322714210100&w=2 | | As of this writing, it is not certain which candidate | should be preferred: the candidate that has been publicly | known longer (i.e. CVE-2000-0756), or the more "official" | candidate, which has probably been publicized more (i.e. | CVE-2001-0145). | Frech> XF:outlook-vcard-dos(5175) | XF:outlook-vcard-bo(6145) | Because there"s another more recent CAN linked to @stake and | Microsoft"s advisories, we"ll link both of our records to both | candiates until a final decision occurs. If a decision has been made | to promote the CVE-2001 entry, then enter my vote as a REJECT for | CVE-2000-0756. | Frech> Replace outlook-vcard-bo(6145) with outlook-vcard-dos(5175) | View |
2333 | CVE-2000-0757 | Candidate | The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed. | Proposed (20000921) | ACCEPT(2) Baker, Levy | NOOP(4) Christey, Cole, Wall, Williams | Christey> XF:totalbill-remote-execution | http://xforce.iss.net/static/5068.php | View |
2334 | CVE-2000-0758 | Entry | The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field. | View | |||
2335 | CVE-2000-0759 | Candidate | Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | Modified (20050703) | ACCEPT(2) Baker, Levy | NOOP(3) Cole, Wall, Williams | View |
Page 467 of 20943, showing 5 records out of 104715 total, starting on record 2331, ending on 2335