|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: PROPOSAL: Cluster 21 - MORELOW (37 candidates)
================================= Candidate: CAN-1999-0012 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: CERT:CA-98.04.Win32.WebServers Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. VOTE: Accept ================================= Candidate: CAN-1999-0063 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: AUSCERT:ESB-98.197 Reference: CISCO:http://www.cisco.com/warp/public/770/iossyslog-pub.shtml Cisco IOS 12.0 and other versions can be crashed by nmap UDP scans VOTE: Accept ================================= Candidate: CAN-1999-0123 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: XF:linux-mailx Race condition in Linux mailx command allows local users to read user files. VOTE: Accept ================================= Candidate: CAN-1999-0125 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: XF:si-mailx-bo Reference: SGI:19980605-01-PX Buffer overflow in SGI IRIX mailx program. VOTE: Accept ================================= Candidate: CAN-1999-0234 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: XF:bash-cmd Bash treats any character with a value of 255 as a command separator. VOTE: Accept ================================= Candidate: CAN-1999-0275 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: XF:nt-dns-crash Reference: MS:Q169461 Denial of service in Windows NT DNS servers by flooding the server. VOTE: Accept ================================= Candidate: CAN-1999-0299 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: NAI:NAI-9 Buffer overflow in FreeBSD lpd through long DNS hostnames. VOTE: Accept ================================= Candidate: CAN-1999-0355 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software Reference: XF:controlit-reboot Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. VOTE: Accept ================================= Candidate: CAN-1999-0362 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: EEYE:AD02021999 Reference: XF:wsftp-remote-dos Reference: SF:217 WS_FTP server remote denial of service through cwd command. VOTE: Accept ================================= Candidate: CAN-1999-0363 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb02,1999 Reference: XF:plp-lpc-bo Reference: SF:328 SuSe 5.2 PLP lpc program has a buffer overflow that leads to root compromise. VOTE: Accept ================================= Candidate: CAN-1999-0365 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb04,1999 Reference: XF:metamail-header-commands The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. VOTE: Accept ================================= Candidate: CAN-1999-0371 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb11,1999 Reference: XF:lynx-temp-files-race Lynx allows a local user to overwrite sensitive files through /tmp symlinks. VOTE: Accept ================================= Candidate: CAN-1999-0380 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb25,1999 Reference: SF:497 SLMail 3.2 or 3.1 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled. VOTE: Accept ================================= Candidate: CAN-1999-0381 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb26,1999 Reference: Sekure:SUPER's log function buffer overflow Reference: XF:linux-super-logging-bo Reference: SF:342 super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. VOTE: Accept ================================= Candidate: CAN-1999-0383 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb02,1999 Reference: XF:acc-tigris-login ACC Tigris allowed public access without a login. VOTE: Accept ================================= Candidate: CAN-1999-0392 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan10,1999 Reference: XF:http-cgic-library-bo Buffer overflow in Thomas Boutell's cgic library version 1.05. VOTE: Accept ================================= Candidate: CAN-1999-0402 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb2,1999 Reference: XF:wget-permissions Reference: DEBIAN:19990220 wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. VOTE: Accept ================================= Candidate: CAN-1999-0404 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb14,1999 Reference: XF:mailmax-bo Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. VOTE: Accept ================================= Candidate: CAN-1999-0408 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb19,1999 Reference: XF:cobalt-raq-history-exposure Reference: SF:337 Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. VOTE: Accept ================================= Candidate: CAN-1999-0409 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar4,1999 Reference: XF:gnuplot-home-overflow Reference: SF:319 Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access. VOTE: Accept ================================= Candidate: CAN-1999-0410 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar5,1999 Reference: XF:sol-cancel Reference: SF:293 The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. VOTE: Accept ================================= Candidate: CAN-1999-0412 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb19,1999 Reference: XF:iis-isapi-execute Reference: SF:501 In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. VOTE: Noop ================================= Candidate: CAN-1999-0417 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar9,1999 Reference: XF:solaris-psinfo-crash Reference: SF:448 64 bit Solaris 7 procfs allows local users to perform a denial of service. VOTE: Accept ================================= Candidate: CAN-1999-0424 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: SUSE:Mar18,1999 Reference: XF:netscape-talkback-overwrite talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. VOTE: Accept ================================= Candidate: CAN-1999-0425 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: SUSE:Mar18,1999 Reference: XF:netscape-talkback-kill talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. VOTE: Accept ================================= Candidate: CAN-1999-0429 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: CF Reference: BUGTRAQ:Mar23,1999 Reference: XF:lotus-client-encryption The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. VOTE: Accept ================================= Candidate: CAN-1999-0439 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Apr4,1999 Reference: XF:procmail-overflow Buffer overflow in procmail before version 3.12 allows remote execution, or local attackers to gain privileges. VOTE: Accept ================================= Candidate: CAN-1999-0440 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Apr4,1999 Reference: XF:java-unverified-code The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. VOTE: Accept ================================= Candidate: CAN-1999-0441 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: EEYE:AD02221999 Reference: XF:wingate-redirector-dos Reference: SF:509 Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. VOTE: Accept ================================= Candidate: CAN-1999-0442 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan7,1999 Reference: SF:327 Solaris ff.core allows local users to modify files. VOTE: Accept ================================= Candidate: CAN-1999-0448 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: XF:iis-http-request-logging IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. VOTE: Noop ================================= Candidate: CAN-1999-0450 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan22,1999 Reference: SF:194 In IIS, an attacker could determine a real path using a request for a non-existent URLs that would be interpreted by Perl (perl.exe) . VOTE: Accept ================================= Candidate: CAN-1999-0451 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan19,1999 Reference: SF:343 Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. VOTE: Accept ================================= Candidate: CAN-1999-0455 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: ALLAIRE:ASB-001 Reference: XF:coldfusion-expression-evaluator Reference: SF:115 The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server. VOTE: Accept ================================= Candidate: CAN-1999-0457 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan17,1999 Reference: DEBIAN:19990117 Reference: XF:ftpwatch-vuln Reference: SF:317 Linux ftpwatch program allows local users to gain root privileges. VOTE: Modify A little vague. ================================= Candidate: CAN-1999-0460 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb18,1999 Reference: SF:312 Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. VOTE: Accept ================================= Candidate: CAN-1999-0477 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990726 Assigned: 19990607 Category: SF Reference: L0PHT:Cold Fusion App Server Reference: XF:coldfusion-expression-evaluator Reference: SF:115 The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to execute commands by uploading a file. VOTE: Accept
|
||||
