|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PROPOSAL] Cluster RECENT-20 - 31 candidates
* Steven M. Christey (coley@LINUS.MITRE.ORG) [000615 02:55]: > The following cluster contains 31 candidates that were announced > between 5/11/2000 and 5/19/2000. > > The candidates are listed in order of priority. Priority 1 and > Priority 2 candidates both deal with varying levels of vendor > confirmation, so they should be easy to review and it can be trusted > that the problems are real. > > If you discover that any RECENT-XX cluster is incomplete with respect > to the problems discovered during the associated time frame, please > send that information to me so that candidates can be assigned. > > - Steve > > > Summary of votes to use (in ascending order of "severity") > ---------------------------------------------------------- > > ACCEPT - voter accepts the candidate as proposed > NOOP - voter has no opinion on the candidate > MODIFY - voter wants to change some MINOR detail (e.g. reference/description) > REVIEWING - voter is reviewing/researching the candidate, or needs more info > RECAST - candidate must be significantly modified, e.g. split or merged > REJECT - candidate is "not a vulnerability", or a duplicate, etc. > > 1) Please write your vote on the line that starts with "VOTE: ". If > you want to add comments or details, add them to lines after the > VOTE: line. > > 2) If you see any missing references, please mention them so that they > can be included. References help greatly during mapping. > > 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. > So if you don't have sufficient information for a candidate but you > don't want to NOOP, use a REVIEWING. > > ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** > > Please keep in mind that your vote and comments will be recorded and > publicly viewable in the mailing list archives or in other formats. > > ================================= > Candidate: CAN-2000-0305 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000509 > Category: SF > Reference: BINDVIEW:20000519 jolt2 - Remote DoS against NT, W2K, 9x > Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2240 > Reference: MS:MS00-029 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-029.asp > Reference: BID:1236 > Reference: URL:http://www.securityfocus.com/bid/1236 > Reference: XF:ip-fragment-reassembly-dos > > Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal > Server systems allow a remote attacker to cause a denial of service by > sending a large number of identical fragmented IP packets, aka jolt2 > or the "IP Fragment Reassembly" vulnerability. > > > ED_PRI CAN-2000-0305 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0389 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html > Reference: CERT:CA-2000-06 > Reference: URL:http://www.cert.org/advisories/CA-2000-06.html > Reference: FREEBSD:FreeBSD-SA-00:20 > Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html > Reference: XF:kerberos-krb-rd-req-bo > Reference: BID:1220 > Reference: URL:http://www.securityfocus.com/bid/1220 > > Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows > remote attackers to gain root privileges. > > > ED_PRI CAN-2000-0389 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0390 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html > Reference: CERT:CA-2000-06 > Reference: URL:http://www.cert.org/advisories/CA-2000-06.html > Reference: FREEBSD:FreeBSD-SA-00:20 > Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html > Reference: BID:1220 > Reference: URL:http://www.securityfocus.com/bid/1220 > Reference: XF:kerberos-krb425-conv-principal-bo > > Buffer overflow in krb425_conv_principal function in Kerberos 5 allows > remote attackers to gain root privileges. > > > ED_PRI CAN-2000-0390 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0391 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html > Reference: CERT:CA-2000-06 > Reference: URL:http://www.cert.org/advisories/CA-2000-06.html > Reference: FREEBSD:FreeBSD-SA-00:20 > Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html > Reference: BID:1220 > Reference: URL:http://www.securityfocus.com/bid/1220 > > Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain > root privileges. > > > ED_PRI CAN-2000-0391 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0392 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html > Reference: CERT:CA-2000-06 > Reference: URL:http://www.cert.org/advisories/CA-2000-06.html > Reference: FREEBSD:FreeBSD-SA-00:20 > Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html > Reference: XF:kerberos-ksu-bo > Reference: BID:1220 > Reference: URL:http://www.securityfocus.com/bid/1220 > > Buffer overflow in ksu in Kerberos 5 allows local users to gain root > privileges. > > > ED_PRI CAN-2000-0392 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0393 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 kscd vulnerability > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html > Reference: SUSE:20000529 kmulti <= 1.1.2 > Reference: URL:http://www.suse.de/de/support/security/suse_security_announce_50.txt > Reference: XF:kscd-shell-env-variable > Reference: BID:1206 > Reference: URL:http://www.securityfocus.com/bid/1206 > > The KDE kscd program does not drop privileges when executing a program > specified in a user's SHELL environmental variable, which allows the > user to gain privileges by specifying an alternate program to execute. > > > ED_PRI CAN-2000-0393 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0405 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: L0PHT:20000515 AntiSniff version 1.01 and Researchers version 1 DNS overflow > Reference: URL:http://www.l0pht.com/advisories/asniff_advisory.txt > Reference: BID:1207 > Reference: URL:http://www.securityfocus.com/bid/1207 > Reference: XF:antisniff-dns-overflow > > Buffer overflow in L0pht AntiSniff allows remote attackers to execute > arbitrary commands via a malformed DNS response packet. > > > ED_PRI CAN-2000-0405 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0406 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: XF:netscape-invalid-ssl-sessions > Reference: CERT:CA-2000-05 > Reference: URL:http://www.cert.org/advisories/CA-2000-05.html > Reference: REDHAT:RHSA-2000:028-02 > Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-028.html > Reference: BID:1188 > Reference: URL:http://www.securityfocus.com/bid/1188 > > Netscape Communicator before version 4.73 and Navigator 4.07 do not > properly validate SSL certificates, which allows remote attackers to > steal information by redirecting traffic from a legitimate web server > to their own malicious server, aka the "Acros-Suencksen SSL" > vulnerability. > > > ED_PRI CAN-2000-0406 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0408 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: MISC:http://www.ussrback.com/labs40.html > Reference: MS:MS00-030 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-030.asp > Reference: XF:iis-malformed-information-extension > Reference: XF:iis-url-extension-data-dos > Reference: BID:1190 > Reference: URL:http://www.securityfocus.com/bid/1190 > > IIS 4.05 and 5.0 allow remote attackers to cause a denial of service > via a long, complex URL that appears to contain a large number of file > extensions, aka the "Malformed Extension Data in URL" vulnerability. > > > ED_PRI CAN-2000-0408 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0419 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: MS:MS00-034 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-034.asp > Reference: BID:1197 > Reference: URL:http://www.securityfocus.com/bid/1197 > > The Office 2000 UA ActiveX Control is marked as "safe for scripting," > which allows remote attackers to conduct unauthorized activities via > the "Show Me" function in Office Help, aka the "Office 2000 UA > Control" vulnerability. > > > ED_PRI CAN-2000-0419 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0464 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: XF:ie-malformed-component-attribute > Reference: MS:MS00-033 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-033.asp > Reference: BID:1223 > Reference: URL:http://www.securityfocus.com/bid/1223 > > Internet Explorer 4.x and 5.x allows remote attackers to execute > arbitrary commands via a buffer overflow in the ActiveX parameter > parsing capability, aka the "Malformed Component Attribute" > vulnerability. > > > ED_PRI CAN-2000-0464 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0465 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: XF:ie-frame-domain-verification > Reference: MS:MS00-033 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-033.asp > Reference: BID:1224 > Reference: URL:http://www.securityfocus.com/bid/1224 > > Internet Explorer 4.x and 5.x does properly verify the domain of a > frame within a browser window, which allows a remote attacker to read > client files via the frame, aka the "Frame Domain Verification" > vulnerability. > > > ED_PRI CAN-2000-0465 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0394 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000519 RFP2K05: NetProwler vs. RFProwler > Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95878603510835&w=2 > Reference: BUGTRAQ:20000522 RFP2K05 - NetProwler "Fragmentation" Issue > Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com > Reference: XF:axent-netprowler-ipfrag-dos > Reference: BID:1225 > Reference: URL:http://www.securityfocus.com/bid/1225 > > NetProwler 3.0 allows remote attackers to cause a denial of service by > sending malformed IP packets that trigger NetProwler's > Man-in-the-Middle signature. > > > ED_PRI CAN-2000-0394 2 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0407 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000512 New Solaris root exploit for /usr/lib/lp/bin/netpr > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0141.html > Reference: XF:sol-netpr-bo > Reference: BID:1200 > Reference: URL:http://www.securityfocus.com/bid/1200 > > Buffer overflow in Solaris netpr program allows local users to execute > arbitrary commands via a long -p option. > > > ED_PRI CAN-2000-0407 2 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0436 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000522 MetaProducts Offline Explorer Directory Traversal Vulnerability > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0254.html > Reference: CONFIRM:http://www.metaproducts.com/mpOE-HY.html > Reference: BID:1231 > Reference: URL:http://www.securityfocus.com/bid/1231 > > MetaProducts Offline Explorer 1.2 and earlier allows remote attackers > to access arbitrary files via a .. (dot dot) attack. > > > ED_PRI CAN-2000-0436 2 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0395 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 CProxy v3.3 SP 2 DoS > Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=007d01bfbf48$e44f0e40$01dc11ac@peopletel.org > Reference: XF:cproxy-http-dos > Reference: BID:1213 > Reference: URL:http://www.securityfocus.com/bid/1213 > > Buffer overflow in CProxy 3.3 allows remote users to cause a denial of > service via a long HTTP request. > > > ED_PRI CAN-2000-0395 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0397 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000515 Vulnerability in EMURL-based e-mail providers > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html > Reference: XF:emurl-account-access > Reference: BID:1203 > Reference: URL:http://www.securityfocus.com/bid/1203 > > The EMURL web-based email account software encodes predictable > identifiers in user session URLs, which allows a remote attacker to > access a user's email account. > > > ED_PRI CAN-2000-0397 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0400 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 MICROSOFT SECURITY FLAW? > Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95868514521257&w=2 > Reference: BID:1221 > Reference: URL:http://www.securityfocus.com/bid/1221 > Reference: XF:ie-active-movie-control > > The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does > not restrict which file types can be downloaded, which allows an > attacker to download any type of file to a user's system by encoding > it within an email message or news post. > > > ED_PRI CAN-2000-0400 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0415 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000512 Overflow in Outlook Express 4.* - too long filenames with graphic format extension > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0140.html > Reference: BID:1195 > Reference: URL:http://www.securityfocus.com/bid/1195 > > Buffer overflow in Outlook Express 4.x allows attackers to cause a > denial of service via a mail or news message that has a .jpg or .bmp > attachment with a long file name. > > > ED_PRI CAN-2000-0415 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0416 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000511 NTMail Proxy Exploit > Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NABBJLKKPKIHDIMKFKGCMEFANMAB.georger@nls.net > Reference: BID:1196 > Reference: URL:http://www.securityfocus.com/bid/1196 > > NTMail 5.x allows network users to bypass the NTMail proxy > restrictions by redirecting their requests to NTMail's web > configuration server. > > > ED_PRI CAN-2000-0416 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0420 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: CF > Reference: NTBUGTRAQ:20000511 ISS SAVANT Advisory 00/26 > Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0112.html > Reference: BID:1198 > Reference: URL:http://www.securityfocus.com/bid/1198 > > The default configuration of SYSKEY in Windows 2000 stores the startup > key in the registry, which could allow an attacker tor ecover it and > use it to decrypt Encrypted File System (EFS) data. > > > ED_PRI CAN-2000-0420 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0421 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000510 Advisory: Unchecked system(blaat $var blaat) call in Bugzilla 2.8 > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0128.html > Reference: BID:1199 > Reference: URL:http://www.securityfocus.com/bid/1199 > > The process_bug.cgi script in Bugzilla allows remote attackers to > execute arbitrary commands via sehll metacharacters. > > > ED_PRI CAN-2000-0421 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0424 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000514 > Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200005151024.aa01811@blaze.arl.mil > Reference: BID:1202 > Reference: URL:http://www.securityfocus.com/bid/1202 > > The CGI counter 4.0.7 by George Burgyan allows remote attackers to > execute arbitrary commands via shell metacharacters. > > > ED_PRI CAN-2000-0424 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0432 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 Vuln in calender.pl (Matt Kruse calender script) > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0173.html > Reference: BID:1215 > Reference: URL:http://www.securityfocus.com/bid/1215 > > The calender.pl and the calendar_admin.pl calendar scripts by Matt > Kruse allow remote attackers to execute arbitrary commands via shell > metacharacters. > > > ED_PRI CAN-2000-0432 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0434 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: CF > Reference: BUGTRAQ:20000516 Allmanage.pl Vulnerabilities > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0167.html > Reference: BID:1217 > Reference: URL:http://www.securityfocus.com/bid/1217 > > The administrative password for the Allmanage web site administration > software is stored in plaintext in a file which could be accessed by > remote attackers. > > > ED_PRI CAN-2000-0434 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0435 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000516 Allmanage.pl Vulnerabilities > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0167.html > Reference: BID:1217 > Reference: URL:http://www.securityfocus.com/bid/1217 > > The allmanageup.pl file upload CGI script in the Allmanage Website > administration software 2.6 can be called directly by remote > attackers, which allows them to modify user accounts or web pages. > > > ED_PRI CAN-2000-0435 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0450 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000518 FW: Security Notice: Big Brother System and Network Monitor > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0216.html > Reference: BID:1257 > Reference: URL:http://www.securityfocus.com/bid/1257 > > Vulnerability in bbd server in Big Brother System and Network Monitor > allows an attacker to execute arbitrary commands. > > > ED_PRI CAN-2000-0450 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0451 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000518 Remote Dos attack against Intel express 8100 router > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0229.html > Reference: BID:1228 > Reference: URL:http://www.securityfocus.com/bid/1228 > > The Intel express 8100 ISDN router allows remote attackers to cause a > denial of service via oversized or fragmented ICMP packets. > > > ED_PRI CAN-2000-0451 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0452 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000518 Lotus ESMTP Service (Lotus Domino Release 5.0.1 (Intl)) > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0219.html > Reference: XF:lotus-domino-esmtp-bo > Reference: BID:1229 > Reference: URL:http://www.securityfocus.com/bid/1229 > > Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 > allows remote attackers to cause a denial of service via a long MAIL > FROM command. > > > ED_PRI CAN-2000-0452 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0453 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000518 Nasty XFree Xserver DoS > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0223.html > Reference: BID:1235 > Reference: URL:http://www.securityfocus.com/bid/1235 > > XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a > negative counter value in a malformed TCP packet that is sent to port > 6000. > > > ED_PRI CAN-2000-0453 3 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0463 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000615 > Assigned: 20000614 > Category: SF > Reference: BUGTRAQ:20000517 AUX Security Advisory on Be/OS 5.0 (DoS) > Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0197.html > Reference: XF:beos-tcp-frag-dos > Reference: BID:1222 > Reference: URL:http://www.securityfocus.com/bid/1222 > > BeOS 5.0 allows remote attackers to cause a denial of service via > fragmented TCP packets. > > > ED_PRI CAN-2000-0463 3 > > > VOTE: ACCEPT -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
|
||||
