[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PROPOSAL: Cluster 17 - MULT2 (14 candidates)



The following MULT2 cluster contains 14 candidates, most related to
the Same Codebase content decision.  A few are affected by the
Different Program, Same Code content decision.  These candidates were
discovered after I originally proposed the MULT cluster.

Scheduled Modification: 7/22
Scheduled Interim Decision: 7/19
Scheduled Final Decision: 7/23

- Steve



Summary of votes to use (in ascending order of "severity"):

ACCEPT - member accepts the candidate as proposed
NOOP - member has no opinion on the candidate
MODIFY - member wants to change some minor detail (e.g. reference/description)
REVIEWING - member is reviewing/researching the candidate
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

Please write your vote on the line that starts with "VOTE: ".  If you
want to add comments or details, add them to lines after the VOTE: line.


=================================
Candidate: CAN-1999-0048
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: CERT:CA-97.04.talkd
Reference: FreeBSD:FreeBSD-SA-96:21
Reference: AUSCERT:AA-97.01
Reference: SUN:00147
Reference: XF:talkd-bo

Talkd, when given corrupt DNS information, can be used to execute
arbitrary commands with root privileges.

VOTE:

=================================
Candidate: CAN-1999-0079
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:ftp-pasv-dos
Reference: XF:ftp-pasvdos

Remote attackers can cause a denial of service in FTP by issuing
multiple PASV commands, causing the server to run out of available
ports.

VOTE:

=================================
Candidate: CAN-1999-0113
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF

Some implementations of rlogin would allow root access if given a
-froot parameter.

VOTE:

=================================
Candidate: CAN-1999-0166
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:nfs-cd

NFS allowed users to use a "cd .." command to access other directories
besides the exported file system.

VOTE:

=================================
Candidate: CAN-1999-0169
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:nfs-uid

NFS allows attackers to read and write any file on the system by
specifying a false UID.

VOTE:

=================================
Candidate: CAN-1999-0170
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:nfs-ultrix

Remote attackers can mount an NFS file system in Ultrix or OSF, even
if it is denied on the access list.

VOTE:

=================================
Candidate: CAN-1999-0171
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:syslog-flood

Denial of service in syslog by sending it a large number of
superfluous messages.

VOTE:

=================================
Candidate: CAN-1999-0180
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF

in.rshd allows users to login with a NULL username and execute commands.

VOTE:

=================================
Candidate: CAN-1999-0193
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF

Denial of service in Ascend and 3com routers, which can be rebooted by
sending a zero length TCP option.

VOTE:

=================================
Candidate: CAN-1999-0201
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:ftp-home

A quote cwd command on FTP servers can reveal the full path of the
home directory of the "ftp" user.

VOTE:

=================================
Candidate: CAN-1999-0211
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF

Extra long export lists over 256 characters in some mount daemons
allowed remote intruders to mount NFS directories.

VOTE:

=================================
Candidate: CAN-1999-0251
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: XF:talkd-flash

Denial of service in talk program allows remote attackers to
disrupt a user's display.

VOTE:

=================================
Candidate: CAN-1999-0266
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF

The info2www CGI script allows remote file access or remote
command execution.

VOTE:

=================================
Candidate: CAN-1999-0298
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990714
Assigned: 19990607
Category: SF
Reference: NAI:NAI-6

ypbind with -ypset and -ypsetme options activated
in Linux Slackware and SunOS allows local and remote attackers to
overwrite files.

VOTE:

 
Page Last Updated: May 22, 2007