|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-08 - 27 candidates
The following cluster contains 27 candidates, all of which were announced between 2/1/2000 and 2/4/2000. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. - Steve Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ================================= Candidate: CAN-2000-0101 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0102 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0103 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0104 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0105 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000201 Outlook Express 5 vulnerability - Active Scripting may read email messages Reference: BID:962 Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. VOTE: ================================= Candidate: CAN-2000-0106 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0107 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: DEBIAN:20000201 Reference: BID:958 Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. VOTE: ================================= Candidate: CAN-2000-0108 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0109 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000201 Security issues with S&P ComStock multiCSP (Linux) The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords. VOTE: ================================= Candidate: CAN-2000-0110 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0112 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: CF Reference: BUGTRAQ:20000202 vulnerability in Linux Debian default boot configuration Reference: BID:960 The default installation of Debian Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. VOTE: ================================= Candidate: CAN-2000-0114 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000203 2 MS Frontpage issues Cerberus Information Security Advisory (CISADV000203) Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. VOTE: ================================= Candidate: CAN-2000-0121 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: NTBUGTRAQ:20000201 "Recycle Bin Creation" Vulnerability in Windows NT / Windows 2000 Reference: MS:MS00-007 Reference: MSKB:Q248399 Reference: BID:963 The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the ""Recycle Bin Creation" vulnerability. VOTE: ================================= Candidate: CAN-2000-0122 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: NTBUGTRAQ:20000203 2 MS Frontpage issues Cerberus Information Security Advisory (CISADV000203) Reference: BID:964 Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program. VOTE: ================================= Candidate: CAN-2000-0123 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000203 Re: [xforce@iss.net: ISSalert: ISS E-Security Alert: Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications] The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0124 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000203 surfCONTROL SuperScout v2.6.1.6 flaw Reference: BID:965 surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. VOTE: ================================= Candidate: CAN-2000-0125 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000203 RFP2K01 - "How I hacked Packetstorm" (wwwthreads advisory) Reference: BID:967 wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. VOTE: ================================= Candidate: CAN-2000-0126 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000202 Alert: IIS 4 / IS 2 IDQ Cerberus Information Security Advisory (CISADV000202) Reference: NTBUGTRAQ:20000202 Alert: IIS 4 / IS 2 IDQ Cerberus Information Security Advisory (CISADV000202) Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. VOTE: ================================= Candidate: CAN-2000-0127 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000203 Webspeed security issue Reference: BID:969 The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges. VOTE: ================================= Candidate: CAN-2000-0128 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000204 "The Finger Server" The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. VOTE: ================================= Candidate: CAN-2000-0129 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: NTBUGTRAQ:20000204 Local / Remote D.o.S Attack in Serv-U FTP-Server v2.5b for Win9x/WinNT Vulnerability Reference: BUGTRAQ:20000204 Local / Remote D.o.S Attack in Serv-U FTP-Server v2.5b for Win9x/WinNT Vulnerability Reference: NTBUGTRAQ:20000204 Windows Api SHGetPathFromIDList Buffer Overflow Reference: BUGTRAQ:20000204 Windows Api SHGetPathFromIDList Buffer Overflow Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. VOTE: ================================= Candidate: CAN-2000-0131 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000201 war-ftpd 1.6x DoS Reference: BID:966 Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. VOTE: ================================= Candidate: CAN-2000-0133 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000201 Tiny FTPd 0.52 beta3 Buffer Overflow Reference: BID:961 Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. VOTE: ================================= Candidate: CAN-2000-0134 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0135 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0136 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE: ================================= Candidate: CAN-2000-0137 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: ISS:20000201 Form Tampering Vulnerabilities in Several Web-Based Shopping Cart Applications The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. VOTE:
|
||||
