PROPOSAL: Cluster 22 - CDEC (15 candidates)



These candidates are affected by various content decisions that are
being discussed by the Board.

Dot Notation: most of these candidates will be affected by a content
decision that has to do with a Level of Abstraction choice, so a Dot
Notation approach might be used in some cases, if Dot Notation is
adopted.

Same Codebase - CAN-1999-0002, CAN-1999-0098, CAN-1999-0265,
  CAN-1999-0428

Different Functionality/Multiple Executables - CAN-1999-0042,
  CAN-1999-0411, CAN-1999-0449

Different Attack or Time of Discovery - CAN-1999-0015, CAN-1999-0104,
  CAN-1999-0257, CAN-1999-0258

Default Passwords - CAN-1999-0186, CAN-1999-0254, CAN-1999-0452

Same Checkbox/Different Functionality - CAN-1999-0537


Note that either CAN-1999-0186/CAN-1999-0254 or CAN-1999-0452 *must*
be REJECTed once that content decision is decided, due to the
requirement that the CVE should not contain any overlapping
vulnerabilities.

- Steve




CDEC (15 candidates)
--------------------
Proposed: 7/26
Scheduled Interim Decision: 8/23
Scheduled Final Decision: 8/27

Candidates affected by current content decision debates



Summary of votes to use (in ascending order of "severity"):

ACCEPT - member accepts the candidate as proposed
NOOP - member has no opinion on the candidate
MODIFY - member wants to change some minor detail (e.g. reference/description)
REVIEWING - member is reviewing/researching the candidate
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

Please write your vote on the line that starts with "VOTE: ".  If you
want to add comments or details, add them to lines after the VOTE: line.


=================================
Candidate: CAN-1999-0002
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: CERT:CA-98.12.mountd
Reference: XF:linux-mountd-bo

Buffer overflow in NFS mountd gives root access to remote attackers,
mostly in Linux systems.

VOTE:

=================================
Candidate: CAN-1999-0015
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: CERT:CA-97.28.Teardrop_Land
Reference: XF:teardrop

Teardrop IP denial of service.

VOTE:

=================================
Candidate: CAN-1999-0042
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: NAI:NAI-21
Reference: CERT:CA-97.09.imap_pop
Reference: XF:popimap-bo

Buffer overflow in University of Washington's implementation of
IMAP and POP servers.

VOTE:

=================================
Candidate: CAN-1999-0098
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: XF:smtp-helo-bo

Buffer overflow in SMTP HELO command in Sendmail allows a remote
attacker to hide activities.

VOTE:

=================================
Candidate: CAN-1999-0104
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: CERT:CA-97.28.Teardrop_Land
Reference: XF:teardrop-mod

A later variation on the Teardrop IP denial of service attack,
a.k.a. Teardrop-2.

VOTE:

=================================
Candidate: CAN-1999-0186
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: SUN:00178
Reference: XF:snmp-backdoor-access

In Solaris, an SNMP subagent has a default community string that allows remote
attackers to execute arbitrary commands as root, or modify system
parameters.

VOTE:

=================================
Candidate: CAN-1999-0254
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: ISS:Hidden SNMP community in HP OpenView
Reference: XF:hpov-hidden-snmp-comm

A hidden SNMP community string in HP OpenView allows remote attackers
to modify MIB tables and obtain sensitive information.

VOTE:

=================================
Candidate: CAN-1999-0257
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF

Nestea variation of teardrop IP fragmentation denial of service.

VOTE:

=================================
Candidate: CAN-1999-0258
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF

Bonk variation of teardrop IP fragmentation denial of service.

VOTE:

=================================
Candidate: CAN-1999-0265
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: XF:icmp-redirect
Reference: XF:icmp-redirects

ICMP redirect messages may crash or lock up a host.

VOTE:

=================================
Candidate: CAN-1999-0411
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Feb19,1999
Reference: XF:sco-startup-scripts

Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p,
including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a
symlink attack, allowing a local user to gain root access.

VOTE:

=================================
Candidate: CAN-1999-0428
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Mar22,1999
Reference: XF:ssl-session-reuse

OpenSSL and SSLeay allow remote attackers to reuse SSL sessions.

VOTE:

=================================
Candidate: CAN-1999-0449
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Jan26,1999
Reference: XF:iis-exair-dos
Reference: SF:193

Denial of service in IIS 4 with scripts from the ExAir sample site.

VOTE:

=================================
Candidate: CAN-1999-0452
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: SF

A service or application has a backdoor password that was placed there
by the developer.

VOTE:

=================================
Candidate: CAN-1999-0537
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990726
Assigned: 19990607
Category: CF

A configuration in a web browser such as Internet Explorer or Netscape
Navigator allows execution of active content such as ActiveX, Java,
JavaScript, etc.

VOTE:

Page Last Updated or Reviewed: May 22, 2007