DOVES Vulnerability Database

DOVES Project
Computer Security Laboratory
Department of Computer Science
University of California at Davis

Description

DOVES is a database used for various analysis projects at UC Davis. It is not intended to supplant any other database; we just needed to cast the data into a framework we could use to analyze the underlying causes of vulnerabilities.

The Data

AGlimpse meta-characters
AnyForm meta-characters
bind qinv
Open more than RLIMIT_NOFILE file descriptors
Protected Store Key Length
DTS Password Availability
Active setup download
Active setup download
Malformed E-Mail Header in Outlook
Absent Directory Browser Argument
Persistent Mail Browser Link
BIND NXT record buffer overflow
Vulnerability in NCSA/Apache CGI example code
Relative Shell Path Vulnerability

Sources

The data is gathered from a variety of places; interesting holes people tell us about, the SANS digests, and various other places. If you'd like to contribute, instructions for preparing the data into this format are available here. Don't worry if it's not perfect; we'll tweak it as needed.

Send email to doves@cs.ucdavis.edu

Department of Computer Science
University of California at Davis
One Shields Ave.
Davis, CA 95616-8562