|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] FINAL DECISION: ACCEPT 45 various candidates
I have made a Final Decision to ACCEPT the following 45 candidates. 15 come from the CGI cluster, 21 from BUF, and 9 from MORELOW. These candidates are now assigned CVE names as noted below. Voting details and comments are provided afterwards. This brings our total to 185 validated CVE entries. The CVE names for candidates that reach Final Decision should be regarded as stable. In the case of these and all other candidates that reach Final Decision during this validation period, accepted candidates won't reach Publication phase until the CVE goes fully public. The only difference between Publication and Final Decision is that the CVE name is officially "announced" by MITRE during Publication. - Steve Candidate CVE Name --------- ---------- CAN-1999-0047 CVE-1999-0047 CAN-1999-0058 CVE-1999-0058 CAN-1999-0063 CVE-1999-0063 CAN-1999-0064 CVE-1999-0064 CAN-1999-0066 CVE-1999-0066 CAN-1999-0070 CVE-1999-0070 CAN-1999-0071 CVE-1999-0071 CAN-1999-0085 CVE-1999-0085 CAN-1999-0102 CVE-1999-0102 CAN-1999-0109 CVE-1999-0109 CAN-1999-0112 CVE-1999-0112 CAN-1999-0122 CVE-1999-0122 CAN-1999-0139 CVE-1999-0139 CAN-1999-0146 CVE-1999-0146 CAN-1999-0147 CVE-1999-0147 CAN-1999-0148 CVE-1999-0148 CAN-1999-0149 CVE-1999-0149 CAN-1999-0172 CVE-1999-0172 CAN-1999-0176 CVE-1999-0176 CAN-1999-0182 CVE-1999-0182 CAN-1999-0192 CVE-1999-0192 CAN-1999-0196 CVE-1999-0196 CAN-1999-0206 CVE-1999-0206 CAN-1999-0219 CVE-1999-0219 CAN-1999-0230 CVE-1999-0230 CAN-1999-0237 CVE-1999-0237 CAN-1999-0244 CVE-1999-0244 CAN-1999-0256 CVE-1999-0256 CAN-1999-0262 CVE-1999-0262 CAN-1999-0264 CVE-1999-0264 CAN-1999-0269 CVE-1999-0269 CAN-1999-0276 CVE-1999-0276 CAN-1999-0278 CVE-1999-0278 CAN-1999-0279 CVE-1999-0279 CAN-1999-0315 CVE-1999-0315 CAN-1999-0339 CVE-1999-0339 CAN-1999-0355 CVE-1999-0355 CAN-1999-0363 CVE-1999-0363 CAN-1999-0365 CVE-1999-0365 CAN-1999-0371 CVE-1999-0371 CAN-1999-0404 CVE-1999-0404 CAN-1999-0405 CVE-1999-0405 CAN-1999-0410 CVE-1999-0410 CAN-1999-0417 CVE-1999-0417 CAN-1999-0441 CVE-1999-0441 ================================= Candidate: CAN-1999-0047 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: CERT:CA-97.05.sendmail Reference: XF:sendmail-mime-bo2 MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. Modifications: ADDREF XF:sendmail-mime-bo2 VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:sendmail-mime-bo2 ================================= Candidate: CAN-1999-0058 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: NAI:NAI-12 Reference: XF:http-cgi-phpbo Buffer overflow in PHP cgi program, php.cgi allows shell access. Modifications: DELREF XF:http-phpbo VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Frech> Delete XF:http-phpbo ================================= Candidate: CAN-1999-0063 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990726 Assigned: 19990607 Category: SF Reference: AUSCERT:ESB-98.197 Reference: CISCO:http://www.cisco.com/warp/public/770/iossyslog-pub.shtml Reference: XF:cisco-syslog-crash Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. Modifications: ADDREF XF:cisco-syslog-crash DESC removed nmap, added UDP/syslog VOTES: ACCEPT(2) Wall, Ozancin MODIFY(1) Frech COMMENTS: Frech> XF:cisco-syslog-crash ================================= Candidate: CAN-1999-0064 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:May28,1997 Reference: XF:lquerylv-bo Buffer overflow in AIX lquerylv program gives root access to local users. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech COMMENTS: Prosser> additional source Prosser> AIX 4.2 lguerylv "Georgi Guninski" Prosser> http://www.securityfocus.com ================================= Candidate: CAN-1999-0066 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jul31,1995 Reference: XF:http-cgi-anyform AnyForm CGI remote execution Modifications: ADDREF BUGTRAQ:Jul31,1995 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> might want to add the reference BUGTRAG Prosser> "SECURITY HOLE: "AnyForm" CGI Prosser> http://www.securityfocus.com/bugtraq/ ================================= Candidate: CAN-1999-0070 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-test test-cgi program allows an attacker to list files on the server VOTES: ACCEPT(3) Northcutt, Prosser, Frech ================================= Candidate: CAN-1999-0071 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-apache-cookie Reference: NAI:NAI-2 Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech ================================= Candidate: CAN-1999-0085 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Aug21,1996 Reference: XF:rwhod Reference: XF:rwhod-vuln rwhod buffer overflow in AIX Modifications: ADDREF BUGTRAQ:Aug21,1996 VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech COMMENTS: Prosser> additional source Prosser> Bugtraq Prosser> " rwhod buffer overflow" David J. Meltzer Prosser> http://www.securityfocus.com/bugtraq/1996_3/0380.htm ================================= Candidate: CAN-1999-0102 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:slmail-fromheader-overflow Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech ================================= Candidate: CAN-1999-0109 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: SUN:00140 Reference: AUSCERT:AA-97.06 Reference: XF:ffbconfig-bo Buffer overflow in ffbconfig in Solaris 2.5.1 Modifications: ADDREF XF:ffbconfig-bo VOTES: ACCEPT(2) Northcutt, Hill MODIFY(2) Prosser, Frech COMMENTS: Prosser> according to Sun, affects both 2.5 and 2.5.1...add ref Prosser> Sun Security Bulletin 140 Prosser> http://sunsolve.sun.com Frech> XF:ffbconfig-bo ================================= Candidate: CAN-1999-0112 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:May20,1997 Reference: XF:dtterm-bo Buffer overflow in AIX dtterm program for the CDE Modifications: ADDREF BUGTRAQ:May20,1997 ADDREF XF:dtterm-bo VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Prosser> add ref Prosser> Bugtraq Prosser> "AIX 4.2 dtterm exploit" Prosser> http://www.securityfocus.com Frech> XF:dtterm-bo ================================= Candidate: CAN-1999-0122 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jul21,1999 Reference: XF:lchangelv-bo Buffer overflow in AIX lchangelv gives root access. Modifications: ADDREF BUGTRAQ:Jul21,1999 ADDREF XF:lchangelv-bo VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Prosser> add ref Prosser> Bugtraq Prosser> "AIX lchangelv" Prosser> http://www.securityfocus.com/ Frech> XF:lchangelv-bo ================================= Candidate: CAN-1999-0139 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:sol-mkcookie Reference: RSI:RSI.0012.12-03-98.SOLARIS.MKCOOKIE Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. Modifications: ADDREF XF:sol-mkcookie VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:sol-mkcookie ================================= Candidate: CAN-1999-0146 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jul15,1997 Reference: XF:http-cgi-campas The campas CGI program provided with some NCSA web servers allows an attacker to read arbitrary files. Modifications: ADDREF BUGTRAQ:Jul15,1997 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source, Prosser> Bugtraq Prosser> "Francisco Torres" Prosser> http://www.securityfocus.com ================================= Candidate: CAN-1999-0147 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-glimpse Reference: AUSCERT:AA-97.28 The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands Modifications: ADDREF AUSCERT:AA-97.28 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> AUSCERT Alert AA-97.28 Prosser> http://www.auscert.org.au ================================= Candidate: CAN-1999-0148 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: SGI:19970501-02-PX Reference: XF:http-sgi-handler The handler CGI program in IRIX allows arbitrary command execution. Modifications: ADDREF SGI:19970501-02-PX VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> SGI Security Advisory 19970501-02-PX Prosser> http://www.sgi.com/Support/security/advisories.html ================================= Candidate: CAN-1999-0149 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-sgi-wrap Reference: SGI:19970501-02-PX The wrap CGI program in IRIX allows arbitrary command execution from remote users. Modifications: ADDREF SGI:19970501-02-PX VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> SGI Security Advisory 19970501-02-PX Prosser> http://www.sgi.com/Support/security/advisories.html ================================= Candidate: CAN-1999-0172 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-formmail-exe Reference: BUGTRAQ:Aug02,1995 FormMail CGI program allows remote execution of commands. Modifications: ADDREF BUGTRAQ:Aug02,1995 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> BUGTRAQ Prosser> "Security Hole: FormMail" Prosser> http://www.securityfocus.com/bugtraq/1995 ================================= Candidate: CAN-1999-0176 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jul10,1997 Reference: XF:http-webgais-query The Webgais program allows a remote user to execute arbitrary commands. Modifications: ADDREF BUGTRAQ:Jul10,1997 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> BUGTRAQ Prosser> "Vulnerability in WEBgais" Razvan Dragomirescu Prosser> http://www.securityfocus.com/bugtraq/1997_3/0057.html ================================= Candidate: CAN-1999-0182 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: CIAC:H-110 Reference: CERT:VB-97.10.samba Reference: XF:nt-samba-bo Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. Modifications: ADDREF CERT:VB-97.10.samba VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech COMMENTS: Prosser> additional ref Prosser> VB-97.10.samba Prosser> ftp://info.cert.org/pub/cert_bulletins/VB-97.10.sanba ================================= Candidate: CAN-1999-0192 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: SNI:SNI-20 Reference: XF:bsd-tel-tgetent Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech ================================= Candidate: CAN-1999-0196 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-webgais-smail Reference: BUGTRAQ:Jul08,1997 The websendmail program in the Webgais program allows a remote user to access arbitrary files. Modifications: ADDREF BUGTRAQ:Jul08,1997 VOTES: ACCEPT(3) Northcutt, Prosser, Frech NOOP(1) Christey COMMENTS: Prosser> additional source Prosser> BUGTRAQ Prosser> "Vulnerability in WEBgais" Razvan Dragomirescu Prosser> http://www.securityfocus.com/bugtraq/1997_3/0057.htm Christey> Actually, the proper reference is "Vulnerability in Christey> websendmail" by Razvan Dragomirescu, as forwarded to Bugtraq Christey> by Julian Assange on July 8, 1997 ================================= Candidate: CAN-1999-0206 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:sendmail-mime-bo Reference: AUSCERT:AA-96.06a MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. Modifications: ADDREF XF:sendmail-mime-bo ADDREF AUSCERT:AA-96.06a VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Prosser> additional ref Prosser> AUSCERT Advisory AA-96.06a Prosser> http://www.auscert.org.au/ Frech> XF:sendmail-mime-bo ================================= Candidate: CAN-1999-0219 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:ftp-servu Buffer overflow in Serv-U FTP server when user performs a cwd to a directory with a long name. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech ================================= Candidate: CAN-1999-0230 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: CISCO:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml Buffer overflow in Cisco 7xx routers through the telnet service. Modifications: DESC Change to 7xx ADDREF CISCO:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml VOTES: ACCEPT(2) Northcutt, Hill MODIFY(2) Prosser, Frech NOOP(1) Christey COMMENTS: Prosser> the BO affect any 7xx router running a vulnerable version of Prosser> IOS/700 OS. Addtional ref Prosser> Field Notice: Prosser> 7xx Router Password Buffer Overflow Prosser> http://www.cisco.com/warp/public/770/pwbuf-pub.shtml#summary Frech> We indicate that this can occur on 7xx routers. It would be wise to verify Frech> before changing it, since I don't have the entire database in front of me. Frech> XF:cisco-7xxcrash Christey> Verified the 7xx versions ================================= Candidate: CAN-1999-0237 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-guestbook Reference: CERT:VB-97.02 Remote execution of arbitrary commands through Guestbook CGI program. Modifications: ADDREF CERT:VB-97.02 VOTES: ACCEPT(3) Northcutt, Prosser, Frech COMMENTS: Prosser> additional source Prosser> CERT Vendor Bulletin VB-97-02 Prosser> http://www.cert.org ================================= Candidate: CAN-1999-0244 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: NAI:NAI-23 Reference: XF:radius-accounting-overflow Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. Modifications: ADDREF XF:radius-accounting-overflow VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:radius-accounting-overflow ================================= Candidate: CAN-1999-0256 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:war-ftpd Buffer overflow in War FTP allows remote execution of commands. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech ================================= Candidate: CAN-1999-0262 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-faxsurvey Reference: BUGTRAQ:Aug04,1998 faxsurvey CGI script on Linux allows remote command execution via shell metacharacters. Modifications: ADDREF XF:http-cgi-faxsurvey ADDREF BUGTRAQ:Aug04,1998 VOTES: ACCEPT(2) Northcutt, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:http-cgi-faxsurvey ================================= Candidate: CAN-1999-0264 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-htmlscript-file-access Reference: BUGTRAQ:Jan27,1998 htmlscript CGI program allows remote read access to files. Modifications: ADDREF XF:http-htmlscript-file-access ADDREF BUGTRAQ:Jan27,1998 VOTES: ACCEPT(2) Northcutt, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:http-htmlscript-file-access ================================= Candidate: CAN-1999-0269 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:netscape-server-pageservices Netscape Enterprise servers may list files through the PageServices query. Modifications: ADDREF XF:netscape-server-pageservices VOTES: ACCEPT(2) Northcutt, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:netscape-server-pageservices ================================= Candidate: CAN-1999-0276 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:msql-debug-bo Reference: SEKURE:sekure.01-99.msql mSQL v2.0.1 and below allows remote execution through a buffer overflow. Modifications: ADDREF XF:msql-debug-bo ADDREF SEKURE:sekure.01-99.msql VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Prosser> additional ref Prosser> Sekure SDI Advisory sekure.01-99.msql Prosser> http://www.sekure.org Frech> XF:msql-debug-bo ================================= Candidate: CAN-1999-0278 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: MS:MS98-003 Reference: XF:iis-asp-data-check In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. Modifications: ADDREF MS:MS98-003 ADDREF XF:iis-asp-data-check VOTES: ACCEPT(2) Northcutt, Prosser MODIFY(1) Frech COMMENTS: Prosser> additional source Prosser> Microsoft Security Bulletin MS98-003 Prosser> http://www.microsoft.com/security Frech> XF:iis-asp-data-check ================================= Candidate: CAN-1999-0279 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: CERT:VB-98.01.excite Reference: XF:excite-cgi-search-vuln Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. Modifications: ADDREF XF:excite-cgi-search-vuln VOTES: ACCEPT(2) Northcutt, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:excite-cgi-search-vuln ================================= Candidate: CAN-1999-0315 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:fdformat-bo Reference: SUN:00138 Buffer overflow in Solaris fdformat command gives root access to local users. VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech COMMENTS: Prosser> add ref Prosser> Sun Security Bulletin 00138 Prosser> http://sunsolve.sun.com/ ================================= Candidate: CAN-1999-0339 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:sol-sun-libauth Reference: RSI:RSI.0007.05-26-98 Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. Modifications: ADDREF RSI:RSI.0007.05-26-98 VOTES: ACCEPT(4) Northcutt, Hill, Prosser, Frech COMMENTS: Prosser> Sun never did release a bulletin for this BO but did release Prosser> patches for affected systems.add ref, Prosser> RSI Alert Advisory RSI.0007.05-26-98 Prosser> www.repsec.com ================================= Candidate: CAN-1999-0355 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software Reference: XF:controlit-reboot Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0363 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb02,1999 Reference: XF:plp-lpc-bo Reference: SF:328 SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. Modifications: DESC Change SuSe to SuSE VOTES: ACCEPT(2) Wall, Ozancin MODIFY(1) Frech COMMENTS: Frech> Change SuSe to SuSE. ================================= Candidate: CAN-1999-0365 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb04,1999 Reference: XF:metamail-header-commands The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0371 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb11,1999 Reference: XF:lynx-temp-files-race Lynx allows a local user to overwrite sensitive files through /tmp symlinks. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0404 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb14,1999 Reference: XF:mailmax-bo Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0405 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: HERT:002 Reference: BUGTRAQ:Feb18,1999 Reference: XF:lsof-bo A buffer overflow in lsof allows local users to obtain root privilege. Modifications: ADDREF XF:lsof-bo VOTES: ACCEPT(3) Northcutt, Hill, Prosser MODIFY(1) Frech COMMENTS: Frech> XF:lsof-bo ================================= Candidate: CAN-1999-0410 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar5,1999 Reference: XF:sol-cancel Reference: SF:293 The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0417 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar9,1999 Reference: XF:solaris-psinfo-crash Reference: SF:448 64 bit Solaris 7 procfs allows local users to perform a denial of service. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0441 Published: Final-Decision: 19990911 Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: EEYE:AD02221999 Reference: XF:wingate-redirector-dos Reference: SF:509 Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. VOTES: ACCEPT(3) Wall, Ozancin, Frech
|
||||
