|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] INTERIM DECISION: ACCEPT 6 candidates from VEN-SGI (Final 7/5)
I have ACCEPTed the following candidates from VEN-SGI and will make a Final Decision on 7/5. The only candidate not accepted in the VEN-SGI cluster involved a minor description change suggested by Adam Shostack, which has a small but potentially controversial effect on content decisions with respect to what goes into descriptive text. I am delaying that candidate to avoid diluting the current content decision discussions with a side issue. - Steve ================================= Candidate: CAN-1999-0044 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19970301-01-P Reference: XF:sgi-fsdump fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. Modifications: CHANGEREF HP:19970301-01-P SGI:19970301-01-P CHANGEREF ISS:sgi-fsdump XF:sgi-fsdump VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> HP reference should probably be SGI Frech> ISS reference should be XF ================================= Candidate: CAN-1999-0215 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19981004-01-PX Reference: CIAC:J-012 Reference: XF:ripapp Routed allows attackers to append data to files. Modifications: ADDREF XF:ripapp VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:ripapp ================================= Candidate: CAN-1999-0327 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19971103-01-PX Reference: XF:sgi-syserr SGI syserr program allows local users to corrupt files. Modifications: ADDREF XF:sgi-syserr VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-syserr ================================= Candidate: CAN-1999-0329 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19980602-01-PX Reference: XF:sgi-mediad SGI mediad program allows local users to gain root access. Modifications: ADDREF XF:sgi-mediad VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-mediad ================================= Candidate: CAN-1999-0413 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19990301-01-PX Reference: XF:irix-font-path-overflow A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. Modifications: ADDREF XF:irix-font-path-overflow VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:irix-font-path-overflow ================================= Candidate: CAN-1999-0463 Published: Final-Decision: Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19981201-01-PX Reference: XF:sgi-fcagent-dos Remote attackers can perform a denial of service using IRIX fcagent. Modifications: ADDREF XF:sgi-fcagent-dos VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-fcagent-dos
|
||||
