[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

INTERIM DECISION: ACCEPT 16 candidates from MODIFY-01 cluster




All:

I have made an Interim Decision to ACCEPT the following 16 candidates
from the MODIFY-01 cluster.  I made some extremely small modifications
to some descriptions, as noted.

I will make a Final Decision on these candidates on this Friday, July
2nd, unless there is objection.  Members who have already voted on
these clusters need not respond unless they wish to change their
votes.

Note that there are still 9 active candidates from MODIFY-01 that
remain in the Modification phase: CAN-1999-0004, CAN-1999-0018,
CAN-1999-0035, CAN-1999-0046, CAN-1999-0078, CAN-1999-0099,
CAN-1999-0128, CAN-1999-0132, and CAN-1999-0208.  Most of these
candidates are affected by the current discussion on "Same Attack"
versus "Same Codebase" content decisions, since each vulnerability
occurs on a range of OSes or applications.

- Steve


=================================
Candidate: CAN-1999-0003
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:aix-ttdbserver
Reference: XF:tooltalk
Reference: CERT:CA-98.11.tooltalk
Reference: NAI:NAI-29
Reference: SGI:19981101-01-A
Reference: SGI:19981101-01-PX

Execute commands as root via buffer overflow in Tooltalk database
server (rpc.ttdbserverd)

Modifications:
  ADDREF XF:aix-ttdbserver
  ADDREF XF:tooltalk

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0049
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sgi-csetup
Reference: CERT:CA-97.03.csetup

Csetup under IRIX allows arbitrary file creation or overwriting.

Modifications:
  ADDREF XF:sgi-csetup

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0051
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sgi-licensemanager
Reference: CERT:CA-97.01.flex_lm
Reference: AUSCERT:AA-96.03

Arbitrary file creation and program execution using FLEXlm
LicenseManager, from versions 4.0 to 5.0, in IRIX.

Modifications:
  ADDREF XF:sgi-licensemanager

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0117
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:ibm-passwd
Reference: CERT:CA-92:07.AIX.passwd.vulnerability

AIX passwd allows local users to gain root access.

Modifications:
  ADDREF XF:ibm-passwd

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0130
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sendmail-daemon-mode
Reference: CERT:CA-96.24.sendmail.daemon.mode

Local users can start Sendmail in daemon mode and gain root privileges.

Modifications:
  ADDREF XF:sendmail-daemon-mode

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0131
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:smtp-875bo
Reference: CERT:CA-96.20.sendmail_vul

Buffer overflow and denial of service in Sendmail 8.7.5 and
earlier through GECOS field gives root access to local users.

Modifications:
  ADDREF XF:smtp-875bo

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0134
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990628-02
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sol-voldtmp
Reference: CERT:CA-96.17.Solaris_vold_vul
Reference: AUSCERT:AL-96.04

vold in Solaris 2.x allows local users to gain root access.

Modifications:
  DESC added period at end of sentence
  ADDREF XF:sol-voldtmp

VOTES:
ACCEPT (3) Shostack, Landfield, Northcutt
MODIFY (1) Frech

COMMENTS:
 Frech> Period follows the end of a sentence in the description.


=================================
Candidate: CAN-1999-0135
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sun-admintool
Reference: CERT:CA-96.16.Solaris_admintool_vul
Reference: AUSCERT:AL-96.03

admintool in Solaris allows a local user to write to arbitrary files
and gain root access.

Modifications:
  ADDREF XF:sun-admintool

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0136
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sol-KCMSvuln
Reference: AUSCERT:AL-96.02
Reference: CERT:CA-96.15.Solaris_KCMS_vul

Kodak Color Management System (KCMS) on Solaris allows a local user to
write to arbitrary files and gain root access.

Modifications:
  ADDREF XF:sol-KCMSvuln

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0137
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:linux-dipbo
Reference: CERT:CA-96.13.dip_vul
Reference: XF:dip-bo

The dip program on many Linux systems allows local users to gain root
access via a buffer overflow.

Modifications:
  ADDREF XF:linux-dipbo

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0141
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990628-02
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:http-java-applet
Reference: CERT:CA-96.07.java_bytecode_verifier
Reference: SUN:00134

Java Bytecode Verifier allows malicious applets to execute
arbitrary commands as the user of the applet.

Modifications:
  DESC changed to present tense
  ADDREF XF:http-java-applet

VOTES:
ACCEPT (3) Shostack, Landfield, Northcutt
MODIFY (1) Frech

COMMENTS:
 Frech> "allows malicious applets..." since this vuln relates to the time
 Frech> when this vulnerability existed.


=================================
Candidate: CAN-1999-0155
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:gscript-dsafer
Reference: CERT:CA-95.10.ghostscript

The ghostscript command with the -dSAFER option allows remote
attackers to execute commands.

Modifications:
  ADDREF XF:gscript-dsafer

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0164
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sol-pstmprace
Reference: AUSCERT:AA-95.07
Reference: CERT:CA-95.09.Solaris.ps.vul

A race condition in the Solaris ps command allows an attacker to
overwrite critical files.

Modifications:
  ADDREF XF:sol-pstmprace

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0209
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:selsvc
Reference: CERT:CA-90.05.sunselection.vulnerability

The SunView (SunTools) selection_svc facility allows remote users to
read files.

Modifications:
  ADDREF XF:selsvc

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

=================================
Candidate: CAN-1999-0267
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990628-02
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:http-port
Reference: CERT:CA-95.04.NCSA.http.daemon.for.unix.vulnerability

Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.

Modifications:
  DESC changed to present tense
  ADDREF XF:http-port

VOTES:
ACCEPT (3) Shostack, Landfield, Northcutt
MODIFY (1) Frech

COMMENTS:
 Frech> "allows remote..." (keeping it in present tense)


=================================
Candidate: CAN-1999-0277
Published: 
Final-Decision: 
Interim-Decision: 19990628
Modified: 19990621-01
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:workman
Reference: CERT:CA-96.23.workman_vul

The WorkMan program can be used to overwrite any file to get root access.

Modifications:
  ADDREF XF:workman

VOTES:
ACCEPT (4) Shostack, Landfield, Frech, Northcutt

Page Last Updated or Reviewed: May 22, 2007