CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 2120 | CVE-2000-0543 | Candidate | The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | Modified (20001010-1) | ACCEPT(5) Baker, Cole, Collins, Levy, Ozancin | MODIFY(1) Frech | NOOP(1) Armstrong | REVIEWING(1) Christey | Christey> XF:pgp-cert-server-dos | Frech> XF:pgp-cert-server-dos(4695) | CHANGE> [Armstrong changed vote from REVIEWING to NOOP] | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> Need to consult Jim Magdych on this one. | View |
| 2268 | CVE-2000-0692 | Candidate | ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set. | Modified (20001010-1) | ACCEPT(2) Cole, Levy | MODIFY(1) Frech | NOOP(1) Wall | REVIEWING(1) Christey | Frech> XF:realsecure-rskill-dos | Christey> CHANGEREF XF:realsecure-rskill-dos to XF:realsecure-frag-syn-dos? | http://xforce.iss.net/static/5133.php | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> In an email to issforum@iss.net on September 7, 2000, ISS says | that Network Sensor 3.2.2 is affected by SYN flooding, but | RealSecure 5.0 is not affected by Syn flooding. In addition, | they could not find conclusive evidence that RS 3.2.2 or 5.0 | was affected by IP fragmentation. This seems to indicate | that there are 2 *possible* problems: syn flooding (acknowledged | by ISS) and fragmentation (unconfirmed). Perhaps this | candidate needs to be split, or its description should be | rewritten to separate the 2 reported problems. | Frech> XF:realsecure-rskill-dos(5133) | View |
| 212 | CVE-1999-0213 | Candidate | libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. | Modified (20001009-01) | ACCEPT(6) Blake, Cole, Dik, Hill, Landfield, Ozancin | MODIFY(3) Baker, Frech, Levy | NOOP(4) Armstrong, Bishop, Meunier, Wall | REVIEWING(1) Christey | Frech> XF:sun-libnsl | Dik> Sun bug #4305859 | Baker> http://xforce.iss.net/static/1204.php Misc Defensive Info | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/172&type=0&nav=sec.sba Vendor Info | http://www-1.ibm.com/services/continuity/recover1.nsf/advisories/A1050E354364BF498525680F0077E414/$file/ERS-OAR-E01-1998_074_1.txt Vendor Info | http://www.securityfocus.com/archive/1/9749 Misc Defensive Info | Christey> I don"t think this is the bug that everyone thinks it is. | This candidate came from CyberCop Scanner 2.4/2.5, which | only reports this as a DoS problem. If SUN:00172 is an | advisory for this, then it may be a duplicate of | CVE-1999-0055. There appears to be overlap with other | references as well. HOWEVER, this particular one deals with a | DoS in rpcbind - which isn"t mentioned in the sources for | CVE-1999-0055. | Levy> BID 148 | View |
| 260 | CVE-1999-0261 | Candidate | Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. | Modified (20000827-01) | ACCEPT(1) Baker | MODIFY(2) Frech, Landfield | NOOP(3) Christey, Northcutt, Ozancin | Frech> XF:chamelion-smtp-dos | Landfield> - Specify what "a crash" means. | Christey> ADDREF XF:chameleon-smtp-dos ? (but it"s not on the web site) | Christey> Consider adding BID:2387 | View |
| 772 | CVE-1999-0792 | Candidate | ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration. | Modified (20000827) | ACCEPT(1) Baker | MODIFY(2) Frech, Stracener | NOOP(1) Christey | REVIEWING(1) Levy | Stracener> Change the Ref to read: ROOTSHELL: Osicom Technologies ROUTERmate | Security | Advisory | Frech> XF:routermate-snmp-community | Christey> BUGTRAQ:19980914 [rootshell] Security Bulletin #23 | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90581019105693&w=2 | View |
Page 564 of 20943, showing 5 records out of 104715 total, starting on record 2816, ending on 2820
