[PROPOSAL] Cluster 52 - RECENT-03 (19 candidates)

This cluster includes recently announced problems from 12/13/1999 through 12/20/1999. "Recent" clusters will be proposed on a weekly basis for the foreseeable future as we consider issues related to going live with candidate assignment.

If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned.

Proposed: 12/21
Scheduled Proposed: 12/20
Scheduled Interim Decision: 1/3
Scheduled Final Decision: 1/7

- Steve

Summary of votes to use (in ascending order of "severity"):

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

=================================
Candidate: CAN-1999-0992
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: HP:HPSBUX9912-107

HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).

VOTE:

=================================
Candidate: CAN-1999-0993
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: unknown
Reference: NTBUGTRAQ:19991213 Changing ACL's in Exchange Server

Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.

VOTE:

=================================
Candidate: CAN-1999-0994
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BINDVIEW:19991216 Windows NT's SYSKEY feature
Reference: MS:MS99-056
Reference: MSKB:Q248183
Reference: BID:873

Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.

VOTE:

=================================
Candidate: CAN-1999-0995
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: NAI:19991216 Windows NT LSA Remote Denial of Service
Reference: MS:MS99-057
Reference: MSKB:Q248185

Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."

VOTE:

=================================
Candidate: CAN-1999-0996
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: EEYE:AD19991215
Reference: BUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow
Reference: NTBUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow

Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.

VOTE:

=================================
Candidate: CAN-1999-0997
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: unknown
Reference: BUGTRAQ:19991220 Security vulnerability in certain wu-ftpd (and derivitives) configurations (fwd)

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

VOTE:

=================================
Candidate: CAN-1999-0998
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities

Cisco Cache Engine allows an attacker to replace content in the cache.

VOTE:

=================================
Candidate: CAN-1999-0999
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: MS:MS99-059
Reference: MSKB:Q248749

Microsoft SQL server allows a remote attacker to cause a denial of service via a malformed TDS packet.

VOTE:

=================================
Candidate: CAN-1999-1000
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities

The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.

VOTE:

=================================
Candidate: CAN-1999-1001
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities

Cisco Cache Engine allows a remote attacker to gain access via a null username and password.

VOTE:

=================================
Candidate: CAN-1999-1002
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: http://www.rstcorp.com/news/bad-crypto.html
Reference: BUGTRAQ:19991216 Reinventing the wheel (aka "Decoding Netscape Mail passwords")
Reference: BUGTRAQ:19991220 Netscape password scrambling

Netscape Navigator uses weak encryption for storing a user's Netscape mail password.

VOTE:

=================================
Candidate: CAN-1999-1003
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991214 Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
Reference: BUGTRAQ:19991216 Statement: Local / Remote D.o.S Attack in War FTP Daemon 1.70

War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.

VOTE:

=================================
Candidate: CAN-1999-1004
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991217 NAV2000 Email Protection DoS
Reference: BUGTRAQ:19991220 Norton Email Protection Remote Overflow (Addendum)

Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.

VOTE:

=================================
Candidate: CAN-1999-1005
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991219 Groupewise Web Interface

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

VOTE:

=================================
Candidate: CAN-1999-1006
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991219 Groupewise Web Interface

Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.

VOTE:

=================================
Candidate: CAN-1999-1007
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991213 VDO Live Player 3.02 Buffer Overflow
Reference: BID:872

Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.

VOTE:

=================================
Candidate: CAN-1999-1008
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991215 FreeBSD 3.3 xsoldier root exploit
Reference: BID:871

xsoldier program allows local users to gain root access via a long argument.

VOTE:

=================================
Candidate: CAN-1999-1009
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: unknown
Reference: BUGTRAQ:19991213 Privacy hole in Go Express Search

The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.

VOTE:

=================================
Candidate: CAN-1999-1010
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991221
Category: SF
Reference: BUGTRAQ:19991214 sshd1 allows unencrypted sessions regardless of server policy

An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.

VOTE: