[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[VOTE] MOREVOTES-2000-B: Candidates from 2000 needing 1 more vote

Each of the following 25 candidates needs just one more ACCEPT vote.
If you can help out, it is appreciated.

There are 4 other messages similar to this one, with different
candidates.  Feel free to pick one at random if you don't have the
time to vote on them all.

It is strongly preferred that you get your votes in by October 9.

Thanks,
- Steve



Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

KEY FOR INFERRED ACTIONS
------------------------

Inferred actions capture the voting status of a candidate.  They may
be used by the Editor to determine whether or not a candidate is added
to CVE.  Where there is disagreement, the Editor must resolve the
issue and achieve consensus, or make the final decision if consensus
cannot be reached.

- ACCEPT = 3 non-MITRE votes to ACCEPT/MODIFY, and no REVIEWING or REJECT
- ACCEPT_ACK = 2 non-MITRE ACCEPT/MODIFY, and vendor acknowledgement
- MOREVOTES = needs more votes
- ACCEPT_REV = 3 non-MITRE ACCEPT's but is delayed due to a REVIEWING
- SMC_REJECT = REJECT by Steve Christey; likely to be rejected outright
- SMC_REVIEW = REVIEWING by Steve Christey; likely related to CD's
- REVIEWING = at least one member is REVIEWING
- REJECT = at least one member REJECTed
- REVOTE = members should review their vote on this candidate

======================================================
Candidate: CAN-2000-0340
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0340
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: BUGTRAQ:20000428 SuSE 6.3 Gnomelib buffer overflow
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=00042902575201.09597@wintermute-pub
Reference: BID:1155
Reference: URL:http://www.securityfocus.com/bid/1155

Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to
execute arbitrary commands via the DISPLAY environmental variable.

INFERRED ACTION: CAN-2000-0340 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, Cole, Armstrong

Comments:
 Frech> XF:linux-gnomelib-bo


VOTE:

======================================================
Candidate: CAN-2000-0341
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0341
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: NTBUGTRAQ:20000501 Remote DoS attack in CASSANDRA NNTPServer v1.10 from ATRIUM
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=95736106504870&w=2
Reference: BID:1156
Reference: URL:http://www.securityfocus.com/bid/1156

ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a
denial of service via a long login name.

INFERRED ACTION: CAN-2000-0341 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, Cole, Armstrong

Comments:
 Frech> XF:nntpserver-cassandra-bo


VOTE:

======================================================
Candidate: CAN-2000-0344
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0344
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: BUGTRAQ:20000501 Linux knfsd DoS issue
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0005012042550.6419-100000@ferret.lmh.ox.ac.uk
Reference: BID:1160
Reference: URL:http://www.securityfocus.com/bid/1160

The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to
cause a denial of service via a negative size value.

INFERRED ACTION: CAN-2000-0344 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(4) Christey, Wall, Cole, Armstrong

Comments:
 Christey> ADDREF XF:linux-knfsd-dos
 Frech> XF:linux-knfsd-dos


VOTE:

======================================================
Candidate: CAN-2000-0458
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0458
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000615
Assigned: 20000614
Category: SF
Reference: BUGTRAQ:20000424 Two Problems in IMP 2
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95672120116627&w=2
Reference: XF:imp-tmpfile-view

The MSWordView application in IMP creates world-readable files in the
/tmp directory, which allows other local users to read potentially
sensitive information.

INFERRED ACTION: CAN-2000-0458 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Levy, Ozancin
   NOOP(4) Prosser, Christey, Cole, Stracener

Comments:
 Christey> ADDREF BID:1360
 CHANGE> [Levy changed vote from REVIEWING to ACCEPT]


VOTE:

======================================================
Candidate: CAN-2000-0459
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0459
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000615
Assigned: 20000614
Category: SF
Reference: BUGTRAQ:20000424 Two Problems in IMP 2
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95672120116627&w=2
Reference: XF:imp-wordfile-dos

IMP does not remove files properly if the MSWordView application
quits, which allows local users to cause a denial of service by
filling up the disk space by requesting a large number of documents
and prematurely stopping the request.

INFERRED ACTION: CAN-2000-0459 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Levy, Ozancin
   NOOP(4) Prosser, Christey, Cole, Stracener

Comments:
 Christey> ADDREF BID:1361
 CHANGE> [Levy changed vote from REVIEWING to ACCEPT]


VOTE:

======================================================
Candidate: CAN-2000-0470
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0470
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000601 Hardware Exploit - Gets network Down
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0398.html
Reference: BID:1290
Reference: URL:http://www.securityfocus.com/bid/1290

Allegro RomPager HTTP server allows remote attackers to cause a denial
of service via a malformed authentication request.

INFERRED ACTION: CAN-2000-0470 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:rompager-malformed-dos(4588)


VOTE:

======================================================
Candidate: CAN-2000-0471
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0471
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000614 Vulnerability in Solaris ufsrestore
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html
Reference: BID:1348
Reference: URL:http://www.securityfocus.com/bid/1348

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local
users to gain root privileges via a long pathname.

INFERRED ACTION: CAN-2000-0471 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:sol-ufsrestore-bo
 Frech> XF:sol-ufsrestore-bo(4711)


VOTE:

======================================================
Candidate: CAN-2000-0484
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0484
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000616 Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96113651713414&w=2
Reference: NTBUGTRAQ:20000616 Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=96151775004229&w=2
Reference: BID:1355
Reference: URL:http://www.securityfocus.com/bid/1355

Buffer overflow in Small HTTP Server allows remote attackers to cause
a denial of service via a long GET request.

INFERRED ACTION: CAN-2000-0484 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:small-http-get-overflow-dos
 Frech> XF:small-http-get-overflow-dos(4692)


VOTE:

======================================================
Candidate: CAN-2000-0488
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0488
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000601 DST2K0007: Buffer Overrun in ITHouse Mail Server v1.04
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0148.html
Reference: BID:1285
Reference: URL:http://www.securityfocus.com/bid/1285

Buffer overflow in ITHouse mail server 1.04 allows remote attackers to
execute arbitrary commands via a long RCPT TO mail command.

INFERRED ACTION: CAN-2000-0488 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:ithouse-rcpt-overflow(4580)


VOTE:

======================================================
Candidate: CAN-2000-0490
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0490
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000601 Netwin's Dmail package
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0407.html
Reference: BID:1297
Reference: URL:http://www.securityfocus.com/bid/1297

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package
allows remote attackers to execute arbitrary commands via a long ETRN
request.

INFERRED ACTION: CAN-2000-0490 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XFdmail-etrn-dos(4579)


VOTE:

======================================================
Candidate: CAN-2000-0494
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0494
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000616 Veritas Volume Manager 3.0.x hole
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0151.html
Reference: BID:1356
Reference: URL:http://www.securityfocus.com/bid/1356

Veritas Volume Manager creates a world writable .server_pids file,
which allows local users to add arbitrary commands into the file,
which is then executed by the vmsa_server script.

INFERRED ACTION: CAN-2000-0494 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech

Comments:
 Frech> XF:veritas-volume-manager(5009)


VOTE:

======================================================
Candidate: CAN-2000-0498
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0498
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: NTBUGTRAQ:20000608 Potential vulnerability in Unify eWave ServletExec
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0250.html
Reference: BID:1328
Reference: URL:http://www.securityfocus.com/bid/1328

Unify eWave ServletExec allows a remote attacker to view source code
of a JSP program by requesting a URL which provides the JSP extension
in upper case.

INFERRED ACTION: CAN-2000-0498 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:ewave-servletexec-jsp-source-read(4649)


VOTE:

======================================================
Candidate: CAN-2000-0501
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0501
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: NTBUGTRAQ:20000616 mdaemon 2.8.5.0 WinNT and Win9x remote DoS
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0277.html
Reference: BID:1366
Reference: URL:http://www.securityfocus.com/bid/1366

Race condition in MDaemon 2.8.5.0 POP server allows local users to
cause a denial of service by entering a UIDL command and quickly
exiting the server.

INFERRED ACTION: CAN-2000-0501 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:mdaemon-pass-dos
 Frech> XF:mdaemon-pass-dos(4745)


VOTE:

======================================================
Candidate: CAN-2000-0504
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0504
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000619 XFree86: libICE DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html
Reference: BID:1369
Reference: URL:http://www.securityfocus.com/bid/1369

libICE in XFree86 allows remote attackers to cause a denial of service
by specifying a large value which is not properly checked by the
SKIP_STRING macro.

INFERRED ACTION: CAN-2000-0504 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:linux-libice-dos
 Frech> XF:linux-libice-dos(4761)


VOTE:

======================================================
Candidate: CAN-2000-0507
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0507
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000601 DST2K0006: Denial of Service Possibility in Imate WebMail Server
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95990195708509&w=2
Reference: BID:1286
Reference: URL:http://www.securityfocus.com/bid/1286

Imate Webmail Server 2.5 allows remote attackers to cause a denial of
service via a long HELO command.

INFERRED ACTION: CAN-2000-0507 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:nt-webmail-dos(4586)


VOTE:

======================================================
Candidate: CAN-2000-0523
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0523
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF/CF/MP/SA/AN/unknown
Reference: BUGTRAQ:20000606 MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0009.html
Reference: BID:1315
Reference: URL:http://www.securityfocus.com/bid/1315

Buffer overflow in the logging feature of EServ 2.9.2 and earlier
allows an attacker to execute arbitrary commands via a long MKD
command.

INFERRED ACTION: CAN-2000-0523 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:eserv-logging-overflow(4614)


VOTE:

======================================================
Candidate: CAN-2000-0541
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0541
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000617 Infosec.20000617.panda.a
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html
Reference: BID:1359
Reference: URL:http://www.securityfocus.com/bid/1359

The Panda Antivirus console on port 2001 allows local users to execute
arbitrary commands without authentication via the CMD command.

INFERRED ACTION: CAN-2000-0541 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:panda-antivirus-remote-admin
 Frech> XF:panda-antivirus-remote-admin(4707)


VOTE:

======================================================
Candidate: CAN-2000-0542
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0542
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000612 ACC/Ericsson Tigris Accounting Failure
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0104.html
Reference: BID:1345
Reference: URL:http://www.securityfocus.com/bid/1345

Tigris remote access server before 11.5.4.22 does not properly record
Radius accounting information when a user fails the initial login
authentication but subsequently succeeds.

INFERRED ACTION: CAN-2000-0542 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(4) Christey, Wall, LeBlanc, Ozancin

Comments:
 Christey> XF:tigris-radius-login-failure
 Frech> XF:tigris-radius-login-failure(4705)


VOTE:

======================================================
Candidate: CAN-2000-0543
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0543
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000614 Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0107.html
Reference: BID:1343
Reference: URL:http://www.securityfocus.com/bid/1343

The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows
remote attackers to cause a denial of service if their hostname does
not have a reverse DNS entry and they connect to port 4000.

INFERRED ACTION: CAN-2000-0543 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:pgp-cert-server-dos
 Frech> XF:pgp-cert-server-dos(4695)


VOTE:

======================================================
Candidate: CAN-2000-0557
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0557
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: NTBUGTRAQ:20000608 DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0248.html
Reference: BID:1318
Reference: URL:http://www.securityfocus.com/bid/1318

Buffer overflow in the web interface for Cmail 2.4.7 allows remote
attackers to execute arbitrary commands via a long GET request.

INFERRED ACTION: CAN-2000-0557 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, LeBlanc, Ozancin

Comments:
 Frech> XF:cmail-get-overflow-execute(4626)


VOTE:

======================================================
Candidate: CAN-2000-0561
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0561
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000620 DST2K0018: Multiple BufferOverruns in WebBBS HTTP Server v1.15
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0175.html
Reference: BID:1365
Reference: URL:http://www.securityfocus.com/bid/1365

Buffer overflow in WebBBS 1.15 allows remote attackers to execute
arbitrary commands via a long HTTP GET request.

INFERRED ACTION: CAN-2000-0561 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Christey> XF:webbbs-get-request-overflow
 Frech> XF:webbbs-get-request-overflow(4742)


VOTE:

======================================================
Candidate: CAN-2000-0562
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0562
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000620 BlackICE by Network ICE Corp vulnerability against Back Orifice 1.2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0190.html

BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and
earlier, do not properly block Back Orifice traffic when the security
setting is Nervous or lower.

INFERRED ACTION: CAN-2000-0562 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(1) Christey

Comments:
 Levy> What do others think? Should this be a vuln? I can see the argument
   that some features are simply not available unless you use the maximum
   security settings.
 Christey> At the very least, this needs to be modified to state that
   this problem/concern applies to high ports in general, not
   just Back orifice.

   The Bugtraq poster claims that BlackICE "shuts down" the port,
   but only *after* some initial traffic "leaks" out.  This may
   be by design, but it does mean that there is a small window
   of opportunity in which BlackICE may not work "as
   advertised," even at lower security settings.
 Christey> XF:blackice-security-level-nervous
   BID:1389
 Frech> XF:blackice-security-level-nervous(4777)
 CHANGE> [Levy changed vote from REVIEWING to ACCEPT]


VOTE:

======================================================
Candidate: CAN-2000-0565
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0565
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000712
Assigned: 20000711
Category: SF
Reference: BUGTRAQ:20000613 SmartFTP Daemon v0.2 Beta Build 9 - Remote Exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0100.html
Reference: BID:1344
Reference: URL:http://www.securityfocus.com/bid/1344

SmartFTP Daemon 0.2 allows a local user to access arbitrary files by
uploading and specifying an alternate user configuration file via a
.. (dot dot) attack.

INFERRED ACTION: CAN-2000-0565 MOREVOTES-1 (2 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(4) Christey, Wall, LeBlanc, Ozancin

Comments:
 Christey> XF:smartftp-directory-traversal
 Frech> XF:smartftp-directory-traversal(4706)


VOTE:

======================================================
Candidate: CAN-2000-0568
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0568
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000719
Assigned: 20000719
Category: SF
Reference: BUGTRAQ:20000630 Multiple vulnerabilities in Sybergen Secure Desktop
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4125690E.00524395.00@guardianit.se
Reference: XF:sybergen-routing-table-modify
Reference: BID:1417
Reference: URL:http://www.securityfocus.com/bid/1417

Sybergen Secure Desktop 2.1 does not properly protect against false
router advertisements (ICMP type 9), which allows remote attackers to
modify default routes.

INFERRED ACTION: CAN-2000-0568 MOREVOTES-1 (2 accept, 0 ack, 1 review)

Current Votes:
   ACCEPT(2) Frech, Levy
   NOOP(3) Wall, Cole, LeBlanc
   REVIEWING(1) Magdych


VOTE:

======================================================
Candidate: CAN-2000-0569
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0569
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000719
Assigned: 20000719
Category: SF
Reference: MISC:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0189.html
Reference: BID:1420
Reference: URL:http://www.securityfocus.com/bid/1420

Sybergen Sygate allows remote attackers to cause a denial of service
by sending a malformed DNS UDP packet to its internal interface.

INFERRED ACTION: CAN-2000-0569 MOREVOTES-1 (2 accept, 0 ack, 1 review)

Current Votes:
   ACCEPT(1) Levy
   MODIFY(1) Frech
   NOOP(3) Wall, Cole, LeBlanc
   REVIEWING(1) Magdych

Comments:
 Frech> XF:sygate-udp-packet-dos(5049)


VOTE:
Page Last Updated or Reviewed: May 22, 2007