Logo -Internet Security Systems

CVE
advICE :Concordance : CVE
This section contains a concordance between Mitre's CVE database (see http://cve.mitre.org/) and the list of intrusions that Network ICE's products detect. CVE is an attempt to "normalize" the naming of vulnerabilities and exploits in order to make it easier to compare products.

However, CVE is only one small step in product comparison. Even though two vendors support the same CVE item doesn't mean they support it in the same way. For example, Network ICE detects all instances of the rpc.statd overflow (CVE-1999-0018), regardless of IP fragmentation, TCP segmentation, RPC record fragging, or obfuscated program code. Many IDSs simply include a few patterns from well-known exploit scripts and hope that adversaries are not intelligent enough to make the modifications necessary to evade their IDSs.

CVETitleadvICE
CVE-2001-0500 2002608
CVE-2001-0333 2000645
CVE-2001-0247 2001330
CVE-2001-0241 2002607
CVE-2001-0236Buffer overflow in Solaris snmpXdmid 2001734
CVE-2000-0884 2000639
CVE-2000-0733 2000906
CVE-2000-0666 2001737
CVE-2000-0452Buffer overflow in Lotus Domino Server 5.0.1 MAIL FROM 2001009
CVE-2000-0432The calender.pl and calender_admin.pl scripts allow remote execution of commands 2002582
CVE-2000-0418Cayman 3220-H DSL router vulnerable to ping-of-death 2000012
CVE-2000-0417Cayman 3220-H DSL router allows remote DoS via long username or password 2000622
CVE-2000-0411FormMail CGI script allows remote attackers to obtain environment via the env_report parameter. 2002511
CVE-2000-0405DNS name buffer overflow in L0pht AntiSniff 2000403
CVE-2000-0399Buffer overflow in MDaemon POP server user command. 2000701
CVE-2000-0398Buffer overflow in Rockliffe wconsole.dll 2002583
CVE-2000-0394NetProwler 3.0 D0S exploit 2000319
CVE-2000-0305Jolt2 IP Fragment Reassembly Windows DoS 2000018
CVE-2000-0279BeOS remote DoS via malformed short packets 2000207
2000307
CVE-2000-0261The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-2000-0207SGI infosrch.cgi allows remote attackers to execute commands via shell metacharacters. 2002578
CVE-2000-0174StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-2000-0149Zeus null 2000628
CVE-2000-0139Internet Anywhere POP3 DoS 2000706
CVE-2000-0131Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. 2001308
2001312
CVE-2000-0097WebHits ISAPI read 2002568
2002575
CVE-2000-0091vchkpw/vpopmail POP buffer overflow 2000701
2000702
CVE-2000-0042Buffer overflow in CSM mail server allows remote attackers to cause a DoS or execute commands via a long HELO 2001003
CVE-2000-0040glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. 2001316
2001320
CVE-2000-0039AltaVista query.cgi dotdot 9000
2000609
CVE-2000-0026UnixWare i2odialogd overflow in username/password authorization 360
2000622
CVE-2000-0023Lotus Domino overflow 2000601
CVE-2000-0011Buffer overflow in AnalogX SimpleServer:WWW HTTP 2000608
CVE-1999-1011Microsoft IIS RDS/MDAC 2002560
CVE-1999-0997wu-ftp tar/uncompress conversion command execution 2001315
CVE-1999-0996Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. 2000601
CVE-1999-0991Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. 2000902
CVE-1999-0977Buffer overflow in Solaris sadmind NETMGT_PROC_SERVICE. 2001722
CVE-1999-0973Buffer overflow in Solaris snoop program via a long domain name when running in verbose mode. 2000403
CVE-1999-0969snork 2000203
CVE-1999-0953WWWBoard password file is under the web root and accessible by remote attackers. 2002562
CVE-1999-0936BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. 2002591
CVE-1999-0934classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. 2002590
CVE-1999-0933TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-1999-0918Denial of service in various Windows systems via malformed, fragmented IGMP packets. 2002902
CVE-1999-0915URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-1999-0911proftpd MKDIR overflow 2001312
CVE-1999-0905Denial of service in Axent Raptor firewall via malformed zero-length IP options. 2000014
CVE-1999-0904Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username. 2000902
CVE-1999-0897iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-1999-0896Buffer overflow in RealNetworks RealServer via a long username and password. 2000622
CVE-1999-0887FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. 2000603
CVE-1999-0881Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-1999-0875DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. 2000107
CVE-1999-0874Buffer overflow in IIS .HTR, .IDC, or .STM extensions. 2002559
CVE-1999-0873Buffer overflow in Skyfull mail server via MAIL FROM command. 2001009
CVE-1999-0868ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. 2002402
CVE-1999-0867Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers. 2000613
CVE-1999-0853Buffer overflow in Netscape Enterprise Server and Server HTTP Basic Authentication procedure. 2000622
CVE-1999-0842Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. 2000603
CVE-1999-0833Buffer overflow in BIND 8.2 via NXT records. 2000415
CVE-1999-0819NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. 2001005
CVE-1999-0802Buffer overflow in Internet Explorer 5 Favorites icon. 2002555
CVE-1999-0789Buffer overflow in AIX ftpd in the libc library. 2001310
2001328
CVE-1999-0759Buffer overflow in FuseMAIL POP service via long USER and PASS commands. 2000702
CVE-1999-0725Double Byte Code Page vulnerability 2000612
CVE-1999-0710RedHat squid program installs cachemgr.cgi in a public web directory, allowing remote attackers to use it as an intermediary to connect to other systems. 2002594
CVE-1999-0704Buffer overflow in Berkeley automounter daemon (amd) logging facility 2001718
CVE-1999-0696Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd) 2001717
CVE-1999-0695Sybase PowerDynamo personal web server directory climbing 2000603
CVE-1999-0683Denial of service in Gauntlet Firewall via a malformed ICMP packet. 2000108
CVE-1999-0682MS Exchange 5.5 allows attacker to relay encapsulated email addresses 2001019
CVE-1999-0671Buffer overflow in ToxSoft NextFTP client through CWD command. 2001308
CVE-1999-0612A version of finger is running that exposes valid user information to any entity on the network. 2001101
CVE-1999-0514fraggle 2000205
CVE-1999-0513smurf 2000103
CVE-1999-0494Denial of service in WinGate proxy through a buffer overflow in POP3. 2000701
CVE-1999-0493rpc.statd forwarding 2001716
CVE-1999-0474ICQ Webserver allows remote directory climbing 2000603
CVE-1999-0454A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. 2000314
2000321
CVE-1999-0408Cobalt RaQ interactive shells world readable 2002544
CVE-1999-0404Buffer overflow in the Mail-Max SMTP server for Windows 2001003
CVE-1999-0386MS PWS directory climbing 2000617
CVE-1999-0362WS_FTP server remote denial of service through cwd command. 2001308
CVE-1999-0349IIS NLST buffer overflow 2001319
CVE-1999-0346CGI PHP mlog script allows an attacker to read any file on the target server. 2002539
CVE-1999-0339libauth buffer overflow in Solaris 2000403
CVE-1999-0305BSD sysctl control does not properly restrict source routing. 2000013
CVE-1999-0303Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. 2000403
CVE-1999-0299Buffer overflow in FreeBSD lpd through long DNS hostnames. 2000403
CVE-1999-0294All records in a WINS database can be deleted through SNMP for a denial of service. 2002006
CVE-1999-0280Remote command execution in Microsoft Internet Explorer using .lnk and.url files. 2002546
CVE-1999-0278Attackers can obtain source code for ASP files by appending "::$DATA" to the URL. 2000607
CVE-1999-0272Denial of service in Slmail v2.5 through the POP3 port. 2000701
CVE-1999-0270pfdispaly CGI program for SGI's Performer API Search Tool allows read access to files. 2002523
2002610
2002611
CVE-1999-0266info2www CGI script allows remote file access or remote command execution. 2002518
CVE-1999-0264htmlscript CGI program allows remote read access to files. 2002517
CVE-1999-0262faxsurvey CGI script remote command execution via shell metacharacters. 2002509
CVE-1999-0260The jj CGI program allows command execution via shell metacharacters. 2002589
CVE-1999-0259 2001108
CVE-1999-0252Buffer overflow in listserv allows arbitrary command execution 2001034
CVE-1999-0244Livingston RADIUS buffer overflow in accounting code. 2000403
CVE-1999-0237Remote execution of arbitrary commands through Guestbook CGI program. 2002514
CVE-1999-0233IIS allows users to execute arbitrary commands using .bat or .cmd files. 2002501
CVE-1999-0219Serv-U FTP buffer overflow when user performs a cwd to a directory with a long name. 2001308
CVE-1999-0214Denial of service by sending forged ICMP unreachable packets. 2000104
CVE-1999-0209The SunView (SunTools) selection_svc facility allows remote users to read files. 2001732
CVE-1999-0208rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. 2001712
CVE-1999-0207Remote attacker runs through Reply-To field and a "lists" command. 2001028
CVE-1999-0204Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. 2001901
CVE-1999-0196The websendmail program in the Webgais program allows a remote user to access arbitrary files. 2002535
CVE-1999-0191IIS newdsn.exe CGI script allows remote users to overwrite files. 2002542
CVE-1999-0183Linux implementations of TFTP would allow access to files outside the restricted directory. 2001203
2003701
CVE-1999-0182Samba password buffer overflow allows root access. 2000504
CVE-1999-0178WebSite's win-c-sample buffer overflow. 2002536
CVE-1999-0177WebSite's uploader.exe CGI script allows remote execution of arbitrary commands. 2002538
CVE-1999-0176Webgais allows a remote execution of arbitrary commands. 2002534
CVE-1999-0175Novell's convert.bas allows reading of any file on system. 2002507
CVE-1999-0174The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. 2002532
CVE-1999-0173FormMail can be used by web servers other than the host server that the program resides on. 2002511
CVE-1999-0172FormMail CGI program allows remote execution of commands. 2002511
CVE-1999-0168NFS RPC portmap proxy 2001726
CVE-1999-0157Cisco PIX firewall and CBAC IP fragmentation DoS attack 2000011
CVE-1999-0153Windows NetBIOS TCP OOB aka WinNuke 2000303
CVE-1999-0152DG/UX fingerd command execution 2001104
CVE-1999-0150Perl fingerd command execution 2001104
CVE-1999-0149IRIX wrap CGI dotdot 2000609
CVE-1999-0148The handler CGI program in IRIX allows arbitrary command execution. 2002516
CVE-1999-0147CGI aglimpse 2002503
CVE-1999-0146NCSA campas CGI program 2002506
CVE-1999-0145Sendmail WIZ command enabled, allowing root access. SMTP
CVE-1999-0128Ping o' Death 2000012
CVE-1999-0116SYN flood 2000302
CVE-1999-0113Rlogin root access through -froot parameter 2002101
CVE-1999-0103echo/chargen can be used flood, bomb, storm target 2000202
2000210
2000211
CVE-1999-0102Buffer overflow in SLmail 3.x MAIL FROM 2001009
CVE-1999-0101Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. 2000406
CVE-1999-0100Remote access in AIX innd 1.5.1, using control messages. 2002402
CVE-1999-0096Sendmail decode alias can be used to overwrite sensitive files 2001013
CVE-1999-0095DEBUG command in Sendmail allows attackers to execute commands as root 2001002
CVE-1999-0085rwhod buffer overflow in AIX 2001401
CVE-1999-0084NFS mknod bug 2001714
CVE-1999-0082CWD ~root command in ftpd allows root access. 2001304
CVE-1999-0080wu-ftp FTP server allows root access via "site exec" command. 2001305
CVE-1999-0079 2001331
CVE-1999-0073Client specifies environment variables like LD_LIBRARY_PATH 2000906
CVE-1999-0068CGI PHP mylog script reads any file on the target server. 2002540
CVE-1999-0067CGI phf 2002524
CVE-1999-0066AnyForm 2002504
CVE-1999-0060Ascend MAX and Pipeline DoS using discard packets. 2000204
CVE-1999-0059IRIX fam service allows listing of all files 2001723
CVE-1999-0058Buffer overflow in php.cgi 2000602
CVE-1999-0048Buffer overflow in talkd using corrupt DNS 2000403
CVE-1999-0046Buffer overflow of rlogin program using TERM environmental variable 2002104
CVE-1999-0045npg-test-cgi arbitrary file list 2002520
CVE-1999-0043innd newgroup and rmgroup overflows 2002402
CVE-1999-0042UW's POP/IMAP 2000701
2000702
CVE-1999-0039webdist CGI overflow 2002533
CVE-1999-0024DNS cache poisoning via BIND, by predictable query IDs. 2000402
CVE-1999-0021Count.cgi 2000608
2002588
CVE-1999-0018statd root compromise 2001702
CVE-1999-0017FTP bounce 2001302
CVE-1999-0016Land IP DoS 2000001
CVE-1999-0012bypass long filenames 2000614
CVE-1999-0010Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. 2000405
CVE-1999-0009BIND IQUERY overflow 2000410
CVE-1999-0008NIS+ buffer overflow 2001715
CVE-1999-0006qpopper pass overflow 2000701
CVE-1999-0005IMAP auth overflow 2000803
CVE-1999-0003tooltalk overflow 2001703
CVE-1999-0002mountd overflow 2001706

Privacy Policy |  Copyright Info