Database Of Vulnerabilities, Exploits, and Signatures

This is the home for the public part of DOVES.

UNIX Vulnerabilities

  1. fingerd(8) Daemon Buffer Overflow
  2. mkdir(1) Race Condition
  3. loadmodule(1) Environment Variable Problem
  4. modload(1) Environment Variable Problem
  5. expreserve(1) IFS Environment Variable Problem
  6. expreserve(1) PATH Environment Variable Problem
  7. rdist(1) IFS Environment Variable Problem
  8. rdist(1) PATH Environment Variable Problem
  9. xterm(1) Race Condition
  10. Audio Eavesdropping

Burroughs B6700 Vulnerabilities

  1. Failure to Check Integrity of Program Labels

IBM KVM 360 Vulnerabilities

  1. Communications Channel Between Virtual Machines

Network Protocol and Implementation Vulnerabilities

  1. Same Source and Destination Addresses
  2. Maximum Size ICMP ECHO Packets

If you want to add something to this database, please download a copy of the Vulnerability Template File (below) and fill it out. The file contains instructions on how to do this. Then email it to us at bishop@cs.ucdavis.edu and indicate any restrictions on dissemination. We'll assign it a number and put your file into the database. If we edit it for consistency or because we have additional information, we'll send you a copy for approval before we put it into the database.

We ask you to mail it to us for two reasons:

  1. So we can assign it a unique number in the DOVES scheme
  2. So we can make a consistency check against other vulnerabilities