JVN/CVE Demo: Jvninfos

JVN List

Name	Title	Summary	Cveinfo	Cvssv2	Jvnurl	Published Date	Last Updated Date	Actions
JVNDB-2008-003611	cdcontrol の writtercontrol における任意のファイルを上書きされる脆弱性	cdcontrol の writtercontrol には、任意のファイルを上書きされる脆弱性が存在します。	CVE-2008-4944	6.9	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003611.html	2008-08-24	2012-06-26	View
JVNDB-1999-000037	CDE dtaction の AddSuLog() 関数におけるバッファオーバーフローの脆弱性	CDE dtaction には、"-user" に 1024 bytes 以上の引数を与えた場合、LogFailure() 関数によって呼び出される AddSuLog() 関数においてバッファオーバーフローが発生する脆弱性が存在します。	CVE-1999-0691	7.2	http://jvndb.jvn.jp/ja/contents/1999/JVNDB-1999-000037.html	1999-09-13	2007-04-01	View
JVNDB-2001-000172	CDE dtspcd の libDtSvc ライブラリにバッファオーバーフローの脆弱性	CDE Subprocess Control Service (dtspcd) の libDtSvc ライブラリにバッファオーバーフローが発生する脆弱性が存在します。	CVE-2001-0803	10	http://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000172.html	2001-11-06	2007-04-01	View
JVNDB-2001-000149	CDE ToolTalk database server におけるフォーマットストリングの脆弱性	CDE 環境において Tooltalk のコンポーネントは、バッファオーバーフローが発生する脆弱性が存在します。	CVE-2001-0717	10	http://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000149.html	2001-10-01	2007-04-01	View
JVNDB-2002-000157	CDE ToolTalk の rpc.ttdbserverd における任意のファイルを上書きされる脆弱性	CDE ToolTalk には、TT_TRANSACTION プロシージャがログファイルを作成および書き込む場合に、ファイルのシンボリックリンクチェックが不適切であるため、ファイルを上書きされる脆弱性が存在します。	CVE-2002-0678	7.2	http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000157.html	2002-07-10	2007-04-01	View

Page 2215 of 13768, showing 5 records out of 68839 total, starting on record 11071, ending on 11075

<<first <prev 2211 | 2212 | 2213 | 2214 | 2215 | 2216 | 2217 | 2218 | 2219 next> last>>

Actions

List NVD

History
+
Request History
4 previous requests available
====
Session
+
Session
- 0(null)
====
Request
+
Request

Cake Params
- plugin(null)
- controllerjvninfos
- actionindex
- named(array)
  page2215
  sorttitle
  directionasc
- pass(empty)
- paging(array)
  Jvninfo(array)
  page2215
  current5
  count68839
  prevPage(true)
  nextPage(true)
  pageCount13768
  order(array)
  Jvninfo.titleasc
  limit5
  options(array)
  page2215
  order(array)
  Jvninfo.titleasc
  sorttitle
  directionasc
  conditions(empty)
  paramTypenamed
Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route
- keys(array)
  0controller
  1action
- options(array)
  defaultRoute(true)
- defaults(array)
  plugin(null)
- template/:controller/:action/*
====
Sql Log
+

Sql Logs

default
No query logs.

====

Timer

+

Memory

Peak Memory Use 3.85 MB

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.27 MB
View render complete	2.77 MB

Timers

Total Request Time: 219 (ms)

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.11
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	200.06
Event: Controller.beforeRender	4.48
» Processing toolbar data	4.39
Rendering View	6.52
» Event: View.beforeRender	0.03
» Rendering APP/View/Jvninfos/index.ctp	5.61
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.47
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

====

Log
+

Logs

There were no log entries made this request

====
Variables
+
View Variables
- jvninfos(array)
  0(array)
  Jvninfo(array)
  id48301
  nameJVNDB-2008-003611
  titlecdcontrol の writtercontrol における任意のファイルを上書きされる脆弱性
  summarycdcontrol の writtercontrol には、任意のファイルを上書きされる脆弱性が存在します。
  cveinfo_nameCVE-2008-4944
  cveinfo_id35057
  nvdinfo_nameCVE-2008-4944
  nvdinfo_id4733
  cvssv26.9
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003611.html
  published_date2008-08-24
  registered_date2012-06-26
  last_updated_date2012-06-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id35057
  nameCVE-2008-4940
  statusCandidate
  descriptionxmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
  phaseAssigned (20081105)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id4733
  nameCVE-2008-4944
  descriptionwrittercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
  reject(null)
  CVSS_version2
  CVSS_score6.9
  severityMedium
  CVSS_base_score6.9
  CVSS_impact_subscore10
  CVSS_exploit_subscore3.4
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:M/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-03
  published2008-11-05
  modified_date2009-08-20
  typeCVE
  seq2008-4944
  deleted(null)
  created(null)
  modified(null)
  1(array)
  Jvninfo(array)
  id64389
  nameJVNDB-1999-000037
  titleCDE dtaction の AddSuLog() 関数におけるバッファオーバーフローの脆弱性
  summaryCDE dtaction には、"-user" に 1024 bytes 以上の引数を与えた場合、LogFailure() 関数によって呼び出される AddSuLog() 関数においてバッファオーバーフローが発生する脆弱性が存在します。
  cveinfo_nameCVE-1999-0691
  cveinfo_id672
  nvdinfo_nameCVE-1999-0691
  nvdinfo_id75342
  cvssv27.2
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/1999/JVNDB-1999-000037.html
  published_date1999-09-13
  registered_date2007-04-01
  last_updated_date2007-04-01
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id672
  nameCVE-1999-0691
  statusEntry
  descriptionBuffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
  phase(null)
  votes(null)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id75342
  nameCVE-1999-0691
  descriptionBuffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
  reject(null)
  CVSS_version2
  CVSS_score7.2
  severityHigh
  CVSS_base_score7.2
  CVSS_impact_subscore10
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-05
  published1999-09-13
  modified_date2008-09-09
  typeCVE
  seq1999-0691
  deleted(null)
  created(null)
  modified(null)
  2(array)
  Jvninfo(array)
  id64198
  nameJVNDB-2001-000172
  titleCDE dtspcd の libDtSvc ライブラリにバッファオーバーフローの脆弱性
  summaryCDE Subprocess Control Service (dtspcd) の libDtSvc ライブラリにバッファオーバーフローが発生する脆弱性が存在します。
  cveinfo_nameCVE-2001-0803
  cveinfo_id3609
  nvdinfo_nameCVE-2001-0803
  nvdinfo_id78251
  cvssv210
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000172.html
  published_date2001-11-06
  registered_date2007-04-01
  last_updated_date2007-04-01
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id3609
  nameCVE-2001-0803
  statusEntry
  descriptionBuffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
  phase(null)
  votes(null)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id78251
  nameCVE-2001-0803
  descriptionBuffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
  reject(null)
  CVSS_version2
  CVSS_score10
  severityHigh
  CVSS_base_score10
  CVSS_impact_subscore10
  CVSS_exploit_subscore10
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-05
  published2001-12-06
  modified_date2008-09-05
  typeCVE
  seq2001-0803
  deleted(null)
  created(null)
  modified(null)
  3(array)
  Jvninfo(array)
  id64175
  nameJVNDB-2001-000149
  titleCDE ToolTalk database server におけるフォーマットストリングの脆弱性
  summaryCDE 環境において Tooltalk のコンポーネントは、バッファオーバーフローが発生する脆弱性が存在します。
  cveinfo_nameCVE-2001-0717
  cveinfo_id3525
  nvdinfo_nameCVE-2001-0717
  nvdinfo_id78170
  cvssv210
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000149.html
  published_date2001-10-01
  registered_date2007-04-01
  last_updated_date2007-04-01
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id3525
  nameCVE-2001-0717
  statusEntry
  descriptionFormat string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
  phase(null)
  votes(null)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id78170
  nameCVE-2001-0717
  descriptionFormat string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
  reject(null)
  CVSS_version2
  CVSS_score10
  severityHigh
  CVSS_base_score10
  CVSS_impact_subscore10
  CVSS_exploit_subscore10
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-05
  published2001-10-30
  modified_date2008-09-05
  typeCVE
  seq2001-0717
  deleted(null)
  created(null)
  modified(null)
  4(array)
  Jvninfo(array)
  id63830
  nameJVNDB-2002-000157
  titleCDE ToolTalk の rpc.ttdbserverd における任意のファイルを上書きされる脆弱性
  summaryCDE ToolTalk には、TT_TRANSACTION プロシージャがログファイルを作成および書き込む場合に、ファイルのシンボリックリンクチェックが不適切であるため、ファイルを上書きされる脆弱性が存在します。
  cveinfo_nameCVE-2002-0678
  cveinfo_id5068
  nvdinfo_nameCVE-2002-0678
  nvdinfo_id79678
  cvssv27.2
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000157.html
  published_date2002-07-10
  registered_date2007-04-01
  last_updated_date2007-04-01
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id5068
  nameCVE-2002-0678
  statusEntry
  descriptionCDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
  phase(null)
  votes(null)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id79678
  nameCVE-2002-0678
  descriptionCDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
  reject(null)
  CVSS_version2
  CVSS_score7.2
  severityHigh
  CVSS_base_score7.2
  CVSS_impact_subscore10
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-05
  published2002-07-23
  modified_date2016-10-17
  typeCVE
  seq2002-0678
  deleted(null)
  created(null)
  modified(null)
- $request->data(empty)
- $this->validationErrors(array)
  Jvninfo(empty)
  Cveinfo(empty)
  Nvdinfo(empty)
- Loaded Helpers(array)
  0Number
  1SimpleGraph
  2Paginator
  3DebugTimer
  4Toolbar
  5Html
  6Text
  7Form
  8Session
  9HtmlToolbar
====

+

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:2215/sort:title/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:2215/sort:title/direction:asc
Remote Port	1579
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.217.10
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.80.175
Http Via	1.1 squid-proxy-5b5d847c96-wnrnx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.217.10
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.217.10
Unique Id	aIDaSY8GbxAmFTrSABj-iQAAAb0
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.217.10
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.217.10
Redirect Unique Id	aIDaSY8GbxAmFTrSABj-iQAAAb0
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.217.10
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.217.10
Redirect Redirect Unique Id	aIDaSY8GbxAmFTrSABj-iQAAAb0
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753274953.1507
Request Time	1753274953

====

Include
+
Included Files

Include Paths
- 0/virtual/inogo77/public_html/jvn/lib
- 2/opt/remi/php56/root/usr/share/pear
- 3/opt/remi/php56/root/usr/share/php
- 4/usr/share/pear
- 5/usr/share/php
- 6-> /virtual/inogo77/public_html/jvn/lib/Cake/
Included Files
- core(array)
  Cache(array)
  0CORE/Cache/Cache.php
  1CORE/Cache/Engine/FileEngine.php
  2CORE/Cache/CacheEngine.php
  Component(array)
  0CORE/Controller/Component/SessionComponent.php
  1CORE/Controller/Component/PaginatorComponent.php
  Config(array)
  0CORE/Config/routes.php
  1CORE/Config/config.php
  Controller(array)
  0CORE/Controller/Controller.php
  1CORE/Controller/ComponentCollection.php
  2CORE/Controller/Component.php
  Datasource(array)
  0CORE/Model/Datasource/CakeSession.php
  1CORE/Model/Datasource/Database/Mysql.php
  2CORE/Model/Datasource/DboSource.php
  3CORE/Model/Datasource/DataSource.php
  Error(array)
  0CORE/Error/exceptions.php
  1CORE/Error/ErrorHandler.php
  I18n(array)
  0CORE/I18n/I18n.php
  1CORE/I18n/L10n.php
  Log(array)
  0CORE/Log/CakeLog.php
  1CORE/Log/LogEngineCollection.php
  2CORE/Log/Engine/FileLog.php
  3CORE/Log/Engine/BaseLog.php
  4CORE/Log/CakeLogInterface.php
  Model(array)
  0CORE/Model/Model.php
  1CORE/Model/BehaviorCollection.php
  2CORE/Model/ConnectionManager.php
  Network(array)
  0CORE/Network/CakeRequest.php
  1CORE/Network/CakeResponse.php
  Other(array)
  0CORE/bootstrap.php
  1CORE/basics.php
  2CORE/Core/App.php
  3CORE/Core/Configure.php
  4CORE/Core/CakePlugin.php
  5CORE/Event/CakeEventListener.php
  6CORE/Event/CakeEvent.php
  7CORE/Event/CakeEventManager.php
  8CORE/Core/Object.php
  Routing(array)
  0CORE/Routing/Dispatcher.php
  1CORE/Routing/Filter/AssetDispatcher.php
  2CORE/Routing/DispatcherFilter.php
  3CORE/Routing/Filter/CacheDispatcher.php
  4CORE/Routing/Router.php
  5CORE/Routing/Route/CakeRoute.php
  6CORE/Routing/Route/PluginShortRoute.php
  Utility(array)
  0CORE/Utility/Hash.php
  1CORE/Utility/Inflector.php
  2CORE/Utility/ObjectCollection.php
  3CORE/Utility/Debugger.php
  4CORE/Utility/String.php
  5CORE/Utility/ClassRegistry.php
  View(array)
  0CORE/View/HelperCollection.php
- app(array)
  Component(array)
  0APP/Controller/Component/CommonComponent.php
  Config(array)
  0APP/Config/core.php
  1APP/Config/bootstrap.php
  2APP/Config/routes.php
  3APP/Config/database.php
  Controller(array)
  0APP/Controller/JvninfosController.php
  1APP/Controller/AppController.php
  Model(array)
  0APP/Model/Jvninfo.php
  1APP/Model/AppModel.php
  2APP/Model/Cveinfo.php
  3APP/Model/Nvdinfo.php
  Other(array)
  0APP/webroot/index.php
- plugins(array)
  DebugKit(array)
  Component(array)
  0DebugKit/Controller/Component/ToolbarComponent.php
  Other(array)
  0DebugKit/Lib/DebugMemory.php
  1DebugKit/Lib/Panel/HistoryPanel.php
  2DebugKit/Lib/DebugPanel.php
  3DebugKit/Lib/Panel/SessionPanel.php
  4DebugKit/Lib/Panel/RequestPanel.php
  5DebugKit/Lib/Panel/SqlLogPanel.php
  6DebugKit/Lib/Panel/TimerPanel.php
  7DebugKit/Lib/Panel/LogPanel.php
  8DebugKit/Lib/Panel/VariablesPanel.php
  9DebugKit/Lib/Panel/EnvironmentPanel.php
  10DebugKit/Lib/Panel/IncludePanel.php
  11DebugKit/Lib/DebugTimer.php
  Log(array)
  0DebugKit/Lib/Log/Engine/DebugKitLog.php
====