Request History

4 previous requests available

• Restore to current request
• cveinfos/index/page:91/sort:status/direction:desc
• cvereves/view/430892
• cveinfos/index/page:88/sort:votes/direction:asc
• cveinfos/index/page:20863/sort:votes/direction:asc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllercveinfos
• actionindex
• named(array)
  • page91
  • sortid
  • directionasc
• pass(empty)
• paging(array)
  • Cveinfo(array)
    • page91
    • current5
    • count104715
    • prevPage(true)
    • nextPage(true)
    • pageCount20943
    • order(array)
      • Cveinfo.idasc
    • limit5
    • options(array)
      • page91
      • order(array)
        • Cveinfo.idasc
      • sortid
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• cveinfos(array)
  • 0(array)
    • Cveinfo(array)
      • id451
      • nameCVE-1999-0452
      • statusCandidate
      • descriptionA service or application has a backdoor password that was placed there by the developer.
      • phaseProposed (19990726)
      • votesACCEPT(2) Baker, Wall | REJECT(1) Frech
      • commentsFrech> Much too broad. Also may be HIGHCARD (or will be in the future). | Baker> I think we want to address this using the dot notation idea. We do need to address this, just not a separate entry for every single occurance.
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 1(array)
    • Cveinfo(array)
      • id452
      • nameCVE-1999-0453
      • statusCandidate
      • descriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).
      • phaseModified (20040512-02)
      • votesACCEPT(2) Baker, Balinsky | MODIFY(1) Frech | NOOP(2) Northcutt, Wall | REVIEWING(1) Christey
      • commentsFrech> XF:cisco-ident(2289) | ADDREF BUGTRAQ:19990118 Remote Cisco Identification | In description, probably better to use "Cisco" as product/company name. | Balinsky> CiscoSecure IDS has a signature for this...ID 3602 Cisco IOS Identity. | Christey> There may be a slight abstraction problem here, e.g. look | at the candidate for queso/nmap; also see followup Bugtraq post | from "Basement Research" on 19990120 which says that there are | many other features in Cisco products that allow remote | identification. | Christey> fix typo: "Dicsovery"
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 2(array)
    • Cveinfo(array)
      • id453
      • nameCVE-1999-0454
      • statusCandidate
      • descriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.
      • phaseProposed (19990728)
      • votesMODIFY(1) Frech | NOOP(2) Christey, Wall | REJECT(2) Baker, Northcutt
      • commentsNorthcutt> Nmap and queso are the tip of the iceberg and not the most advanced | ways to accomplish this. To pursue making the world signature free | is as much a vulnerability as having signatures, nay more. | Frech> XF:decod-nmap(2053) | XF:decod-queso(2048) | Christey> Add "fingerprinting" to facilitate search. | Some references: | MISC:http://www.insecure.org/nmap/nmap-fingerprinting-article.html | BUGTRAQ:19981228 A few more fingerprinting techniques - time and netmask | http://marc.theaimsgroup.com/?l=bugtraq&m=91489155019895&w=2 | BUGTRAQ:19990222 Preventing remote OS detection | http://marc.theaimsgroup.com/?l=bugtraq&m=91971553006937&w=2 | BUGTRAQ:20000901 ICMP Usage In Scanning v2.0 - Research Paper | http://marc.theaimsgroup.com/?l=bugtraq&m=96791499611849&w=2 | BUGTRAQ:20000912 Using the Unused (Identifying OpenBSD, | http://marc.theaimsgroup.com/?l=bugtraq&m=96879267724690&w=2 | BUGTRAQ:20000912 The DF Bit Playground (Identifying Sun Solaris & OpenBSD OSs) | http://marc.theaimsgroup.com/?l=bugtraq&m=96879481129637&w=2 | BUGTRAQ:20000816 TOSing OSs out of the window / Fingerprinting Windows 2000 with | http://marc.theaimsgroup.com/?l=bugtraq&m=96644121403569&w=2 | BUGTRAQ:20000609 p0f - passive os fingerprinting tool | http://marc.theaimsgroup.com/?l=bugtraq&m=96062535628242&w=2 | Baker> I think we can probably reject this as the corollary is that you can identify OS from a IP/TCP packet sent by a system, looking at various parts of the SYN packet. Unless we believe that all systems should always use identical packet header/identical responses, in which case the protocol should not permit variation.
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 3(array)
    • Cveinfo(array)
      • id454
      • nameCVE-1999-0455
      • statusCandidate
      • descriptionThe Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
      • phaseModified (19991210-01)
      • votesACCEPT(3) Balinsky, Frech, Ozancin | MODIFY(1) Wall | NOOP(1) Baker | REVIEWING(1) Christey
      • commentsWall> The reference should be ASB99-01 (Expression Evaluator Security Issues) | make application plural since there are three sample applications | (openfile.cfm, displayopenedfile.cfm, and exprcalc.cfm). | Christey> The CD:SF-EXEC and CD:SF-LOC content decisions apply here. | Since there are 3 separate "executables" with the same | (or similar) problem, we need to make sure that CD:SF-EXEC | determines what to do here. There is evidence that some | of these .cfm scripts have an "include" file, and if so, | then CD:SF-LOC says that we shouldn"t make separate entries | for each of these scripts. On the other hand, the initial | L0pht discovery didn"t include all 3 of these scripts, and | as far as I can tell, Allaire had patched the first problem | before the others were discovered. So, CD:DISCOVERY-DATE | may argue that we should split these because the problems | were discovered and patched at different times. | | In any case, this candidate can not be accepted until the | Editorial Board has accepted the CD:SF-EXEC, CD:SF-LOC, | and CD:DISCOVERY-DATE content decisions.
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 4(array)
    • Cveinfo(array)
      • id455
      • nameCVE-1999-0457
      • statusEntry
      • descriptionLinux ftpwatch program allows local users to gain root privileges.
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Cveinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Form
  • 7Session
  • 8HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/index/page:91/sort:id/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/index/page:91/sort:id/direction:asc
Remote Port	34596
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.142.131.56
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.142.131.56
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.142.131.56
Unique Id	aBPDrhfj2LbAdsNgpHtg0wAAAgE
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.142.131.56
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.142.131.56
Redirect Unique Id	aBPDrhfj2LbAdsNgpHtg0wAAAgE
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.142.131.56
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.142.131.56
Redirect Redirect Unique Id	aBPDrhfj2LbAdsNgpHtg0wAAAgE
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746125742.4862
Request Time	1746125742

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/CveinfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Cveinfo.php
    • 1APP/Model/AppModel.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php