[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cluster 04: VEN-HP
- To: "Steven M. Christey" <coley@linus.mitre.org>, cve-review@linus.mitre.org
- Subject: Re: Cluster 04: VEN-HP
- From: Adam Shostack <adam@netect.com>
- Date: Fri, 18 Jun 1999 09:28:41 -0400
- In-Reply-To: <199906171909.PAA16460@basie.mitre.org>; from Steven M. Christey on Thu, Jun 17, 1999 at 03:09:25PM -0400
- References: <199906171909.PAA16460@basie.mitre.org>
- Reply-To: adam@netect.com
On Thu, Jun 17, 1999 at 03:09:25PM -0400, Steven M. Christey wrote: | Candidate: CAN-1999-0057 | Proposer: 001 | Assigned: 19990617 | Announced: 19990617 | Category: SF | Reference: SNI:SNI-19 | Reference: XF:vacation | Reference: HP:HPSBUX9811-087 | | Vacation program allows command execution by remote users through | a sendmail command. MODIFY Problem 1: SNI-19 is SNI-19.BSD.lpd.vulnerabilities update according to http://geek-girl.com/bugtraq/1997_4/0106.html Problem 2: Wording is unclear. Is this a vacation problem, a .vacation problem, or a sendmail problem? | Candidate: CAN-1999-0551 | Proposer: 001 | Assigned: 19990617 | Announced: 19990617 | Category: CF | Reference: HP:HPSBUX9804-078 | Reference: XF:hp-openmail | | HP OpenMail can be misconfigured to allow users to run arbitrary | commands using malicious print requests. Question: Is this run arbitrary commands as root...? I NOOP on the others in this subcluster.
- References:
- Cluster 04: VEN-HP
- From: "Steven M. Christey" <coley@linus.mitre.org>
- Cluster 04: VEN-HP
- Prev by Date: Administrivia
- Next by Date: Re: Cluster 05: VEN-SGI
- Prev by thread: Cluster 04: VEN-HP
- Next by thread: Cluster 05: VEN-SGI
- Index(es):
