[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PROPOSAL: Cluster 11 - BUF (32 candidates)


The following cluster is a Low controversy cluster of vulnerabilities
for buffer overflows that occur in a single application.

- Steve


Summary of votes to use (in ascending order of "severity"):

ACCEPT - member accepts the candidate as proposed
NOOP - member has no opinion on the candidate
MODIFY - member wants to change some minor detail (e.g. reference/description)
REVIEWING - member is reviewing/researching the candidate
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

Please write your vote on the line that starts with "VOTE: ".  If you
want to add comments or details, add them to lines after the VOTE: line.


=================================
Candidate: CAN-1999-0047
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: CERT:CA-97.05.sendmail

MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

VOTE: 

=================================
Candidate: CAN-1999-0058
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: NAI:NAI-12
Reference: XF:http-phpbo
Reference: XF:http-cgi-phpbo

Buffer overflow in PHP cgi program, php.cgi allows shell access.

VOTE: 

=================================
Candidate: CAN-1999-0064
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:lquerylv-bo

Buffer overflow in AIX lquerylv program gives root access to local users.

VOTE: 

=================================
Candidate: CAN-1999-0071
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-apache-cookie
Reference: NAI:NAI-2

Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.

VOTE: 

=================================
Candidate: CAN-1999-0085
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:rwhod
Reference: XF:rwhod-vuln

rwhod buffer overflow in AIX

VOTE: 

=================================
Candidate: CAN-1999-0102
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:slmail-fromheader-overflow

Buffer overflow in SLmail 3.x allows attackers to execute commands
using a large FROM line.

VOTE: 

=================================
Candidate: CAN-1999-0108
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

The printers program in IRIX has a buffer overflow that gives root
access to local users.

VOTE: 

=================================
Candidate: CAN-1999-0109
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in ffbconfig in Solaris 2.5.1

VOTE: 

=================================
Candidate: CAN-1999-0112
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in AIX dtterm program for the CDE

VOTE: 

=================================
Candidate: CAN-1999-0122
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in AIX lchangelv gives root access.

VOTE: 

=================================
Candidate: CAN-1999-0139
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: RSI:RSI.0012.12-03-98.SOLARIS.MKCOOKIE

Buffer overflow in Solaris x86 mkcookie allows local users to
obtain root access.

VOTE: 

=================================
Candidate: CAN-1999-0182
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: CIAC:H-110
Reference: XF:nt-samba-bo

Samba has a buffer overflow which allows a remote attacker to obtain
root access by specifying a long password.

VOTE: 

=================================
Candidate: CAN-1999-0187
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: SUN:00179

The rdist program in Solaris has some buffer overflows that allow
attackers to gain root access.

VOTE: 

=================================
Candidate: CAN-1999-0192
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: SNI:SNI-20
Reference: XF:bsd-tel-tgetent

Buffer overflow in telnet daemon tgetent routing allows remote
attackers to gain root access via the TERMCAP environmental variable.

VOTE: 

=================================
Candidate: CAN-1999-0206
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.

VOTE: 

=================================
Candidate: CAN-1999-0219
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:ftp-servu

Buffer overflow in Serv-U FTP server when user performs a cwd to a
directory with a long name.

VOTE: 

=================================
Candidate: CAN-1999-0230
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in Cisco 760 routers through the telnet service.

VOTE: 

=================================
Candidate: CAN-1999-0232
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in NCSA WebServer (version 1.5c) gives remote access.

VOTE: 

=================================
Candidate: CAN-1999-0235
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.

VOTE: 

=================================
Candidate: CAN-1999-0244
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: NAI:NAI-23

Livingston RADIUS code has a buffer overflow which can allow remote
execution of commands as root.

VOTE: 

=================================
Candidate: CAN-1999-0255
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

Buffer overflow in ircd allows arbitrary command execution.

VOTE: 

=================================
Candidate: CAN-1999-0256
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:war-ftpd

Buffer overflow in War FTP allows remote execution of commands.

VOTE: 

=================================
Candidate: CAN-1999-0276
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF

mSQL v2.0.1 and below allows remote execution through a buffer overflow.

VOTE: 

=================================
Candidate: CAN-1999-0297
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: NAI:NAI-3

Buffer overflow in Vixie Cron 2.1 allows local users to obtain root
access.

VOTE: 

=================================
Candidate: CAN-1999-0315
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:fdformat-bo

Buffer overflow in Solaris fdformat command gives root access to local
users.

VOTE: 

=================================
Candidate: CAN-1999-0317
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:su-bo

Buffer overflow in Linux su command gives root access to local
users.

VOTE: 

=================================
Candidate: CAN-1999-0318
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:xmcd-envbo

Buffer overflow in xmcd 2.0p12 allows local users to gain access
through an environmental variable.

VOTE: 

=================================
Candidate: CAN-1999-0319
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:xmcd-tiflestr

Buffer overflow in xmcd 2.1 allows local users to gain access
through a user resource setting.

VOTE: 

=================================
Candidate: CAN-1999-0339
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: XF:sol-sun-libauth

Buffer overflow in the libauth library in Solaris allows local users
to gain additional privileges, possibly root access.

VOTE: 

=================================
Candidate: CAN-1999-0373
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: ISS:Buffer Overflow in "Super" package in Debian Linux

Buffer overflow in the "Super" utility in Debian Linux and other
operating systems allows local users to execute commands as root.

VOTE: 

=================================
Candidate: CAN-1999-0375
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: NAI:February 16, 1999
Reference: BUGTRAQ:Feb16,1999

Buffer overflow in webd in Network Flight Recorder (NFR)
2.0.2-Research allows remote attackers to execute commands.

VOTE: 

=================================
Candidate: CAN-1999-0405
Published: 
Final-Decision: 
Interim-Decision: 
Modified: 
Announced: 19990623
Assigned: 19990607
Category: SF
Reference: HERT:002
Reference: BUGTRAQ:Feb18,1999

A buffer overflow in lsof allows local users to obtain root
privilege.

VOTE:
Page Last Updated or Reviewed: May 22, 2007