|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-50 - 37 candidates
The following cluster contains 37 candidates that were announced between December 19, 2000 and January 31, 2001. (Candidates from late January were reserved by organizations for use in initial public vulnerability announcements. The remaining candidates from January will be proposed within a few weeks.) You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The voting web site will be updated with this cluster later today. Recent additions to the Editorial Board will also be notified about their account information at that time. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. - Steve Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0003 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0003 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010104 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-001 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-001.asp Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0003 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0004 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0004 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010104 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20010108 IIS 5.0 allows viewing files using %3F+.htr Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97897954625305&w=2 Reference: MS:MS01-004 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-004.asp IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0004 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0005 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0005 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010104 Category: SF Reference: ATSTAKE:A012301-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a012301-1.txt Reference: MS:MS01-002 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-002.asp Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0005 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0006 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0006 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010104 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20010126 ntsecurity.nu advisory: Winsock Mutex Vulnerability in Windows NT 4.0 SP6 and below Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98075221915234&w=2 Reference: MS:MS01-003 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-003.asp The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0006 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0008 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0008 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010110 Category: SF Reference: CERT:CA-2001-01 Reference: URL:http://www.cert.org/advisories/CA-2001-01.html Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. Analysis ---------------- ED_PRI CAN-2001-0008 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0010 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0010 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010118 Category: SF/CF/MP/SA/AN/unknown Reference: CERT:CA-2001-02 Reference: URL:http://www.cert.org/advisories/CA-2001-02.html Reference: NAI:20010129 Vulnerabilities in BIND 4 and 8 Reference: URL:http://www.pgp.com/research/covert/advisories/047.asp Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. Analysis ---------------- ED_PRI CAN-2001-0010 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0011 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0011 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010118 Category: SF/CF/MP/SA/AN/unknown Reference: CERT:CA-2001-02 Reference: URL:http://www.cert.org/advisories/CA-2001-02.html Reference: NAI:20010129 Vulnerabilities in BIND 4 and 8 Reference: URL:http://www.pgp.com/research/covert/advisories/047.asp Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. Analysis ---------------- ED_PRI CAN-2001-0011 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0012 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0012 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010119 Category: SF/CF/MP/SA/AN/unknown Reference: CERT:CA-2001-02 Reference: URL:http://www.cert.org/advisories/CA-2001-02.html Reference: NAI:20010129 Vulnerabilities in BIND 4 and 8 Reference: URL:http://www.pgp.com/research/covert/advisories/047.asp BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. Analysis ---------------- ED_PRI CAN-2001-0012 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0013 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0013 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010125 Category: SF/CF/MP/SA/AN/unknown Reference: CERT:CA-2001-02 Reference: URL:http://www.cert.org/advisories/CA-2001-02.html Reference: NAI:20010129 Vulnerabilities in BIND 4 and 8 Reference: URL:http://www.pgp.com/research/covert/advisories/047.asp Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. Analysis ---------------- ED_PRI CAN-2001-0013 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0014 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0014 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010127 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-006 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-006.asp Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0014 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0019 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0019 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010131 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A013101-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a013101-1.txt Reference: CISCO:20010131 Cisco Content Services Switch Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/arrowpoint-cli-filesystem-pub.shtml Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. Analysis ---------------- ED_PRI CAN-2001-0019 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0020 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0020 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010131 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A013101-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a013101-1.txt Reference: CISCO:20010131 Cisco Content Services Switch Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/arrowpoint-cli-filesystem-pub.shtml Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. Analysis ---------------- ED_PRI CAN-2001-0020 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0069 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0069 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: DEBIAN:DSA-008-1 Reference: URL:http://www.debian.org/security/2000/20001225 Reference: BID:2151 Reference: URL:http://www.securityfocus.com/bid/2151 Reference: XF:dialog-symlink Reference: URL:http://xforce.iss.net/static/5809.php dialog before 0.9a-20000118-3bis in Debian Linux allows local users to overwrite arbitrary files via a symlink attack. Analysis ---------------- ED_PRI CAN-2001-0069 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0071 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0071 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: REDHAT:RHSA-2000-131 Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-131.html Reference: MANDRAKE:MDKSA-2000-087 Reference: URL:http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3 Reference: DEBIAN:DSA-010-1 Reference: URL:http://www.debian.org/security/2000/20001225b Reference: XF:gnupg-detached-sig-modify Reference: URL:http://xforce.iss.net/static/5802.php Reference: CONECTIVA:CLA-2000:368 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368 Reference: BID:2141 Reference: URL:http://www.securityfocus.com/bid/2141 Reference: BUGTRAQ:20001220 Trustix Security Advisory - gnupg, ftpd-BSD Reference: URL:http://www.securityfocus.com/archive/1/152197 gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. Analysis ---------------- ED_PRI CAN-2001-0071 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0072 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0072 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: REDHAT:RHSA-2000-131 Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-131.html Reference: MANDRAKE:MDKSA-2000-087 Reference: URL:http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3 Reference: DEBIAN:DSA-010-1 Reference: URL:http://www.debian.org/security/2000/20001225b Reference: CONECTIVA:CLA-2000:368 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368 Reference: BUGTRAQ:20001220 Trustix Security Advisory - gnupg, ftpd-BSD Reference: URL:http://www.securityfocus.com/archive/1/152197 Reference: BID:2153 Reference: URL:http://www.securityfocus.com/bid/2153 Reference: XF:gnupg-reveal-private Reference: URL:http://xforce.iss.net/static/5803.php gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. Analysis ---------------- ED_PRI CAN-2001-0072 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0085 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0085 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: HP:HPSBUX0012-135 Reference: URL:http://archives.neohapsis.com/archives/hp/2000-q4/0083.html Reference: BID:2170 Reference: URL:http://www.securityfocus.com/bid/2170 Reference: XF:hpux-kermit-bo Reference: URL:http://xforce.iss.net/static/5793.php Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0085 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0093 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0093 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: NETBSD:NetBSD-SA2000-017 Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-017.txt.asc Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. Analysis ---------------- ED_PRI CAN-2001-0093 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0094 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0094 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: NETBSD:NetBSD-SA2000-017 Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-017.txt.asc Buffer overflow in libkrb (Kerberos 4 library) in FreeBSD 1.5 may allow local users to gain root privileges. Analysis ---------------- ED_PRI CAN-2001-0094 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0096 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0096 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: MS:MS00-100 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-100.asp Reference: XF:iis-web-form-submit Reference: URL:http://xforce.iss.net/static/5823.php FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0096 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0101 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0101 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: Reference: TURBO:TLSA2000024-1 Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-December/000027.html Reference: REDHAT:RHBA-2000:106-04 Reference: URL:http://www.redhat.com/support/errata/RHBA-2000-106.html Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. Analysis ---------------- ED_PRI CAN-2001-0101 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0106 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0106 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: HP:HPSBUX0101-136 Reference: URL:http://archives.neohapsis.com/archives/hp/2001-q1/0009.html Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server. Analysis ---------------- ED_PRI CAN-2001-0106 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0009 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0009 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010110 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20010109 bugtraq id 2173 Lotus Domino Server Reference: URL:http://www.securityfocus.com/archive/1/155124 Reference: BID:2173 Reference: URL:http://www.securityfocus.com/bid/2173 Reference: BUGTRAQ:20010105 Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root Reference: URL:http://www.securityfocus.com/archive/1/154537 Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. Analysis ---------------- ED_PRI CAN-2001-0009 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0099 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0099 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001221 BS Scripts Vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0390.html Reference: MISC:http://www.stanback.net/ Reference: XF:bsguest-cgi-execute-commands Reference: URL:http://xforce.iss.net/static/5796.php bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. Analysis ---------------- ED_PRI CAN-2001-0099 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0100 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0100 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001221 BS Scripts Vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0390.html Reference: MISC:http://www.stanback.net/ Reference: XF:bslist-cgi-execute-commands Reference: URL:http://xforce.iss.net/static/5797.php bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. Analysis ---------------- ED_PRI CAN-2001-0100 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0007 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0007 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010108 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20000109 NSFOCUS SA2001-01: NetScreen Firewall WebUI Buffer Overflow vulnerability Reference: URL:http://www.securityfocus.com/archive/1/155149 Reference: BID:2176 Reference: URL:http://www.securityfocus.com/bid/2176 Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. Analysis ---------------- ED_PRI CAN-2001-0007 3 Vendor Acknowledgement: unknown claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0048 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0048 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: MS:MS00-099 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-099.asp Reference: BID:2133 Reference: URL:http://www.securityfocus.com/bid/2133 The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0048 3 Vendor Acknowledgement: yes advisory Content Decisions: CF-REGISTRY Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0064 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0064 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001219 def-2000-03: MDaemon 3.5.0 DoS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0315.html Reference: BID:2134 Reference: URL:http://www.securityfocus.com/bid/2134 Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. Analysis ---------------- ED_PRI CAN-2001-0064 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0070 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0070 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001226 1st Up Mail Server v4.1 Buffer Overflow Vulnerability Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0143.html Reference: BID:2152 Reference: URL:http://www.securityfocus.com/bid/2152 Reference: XF:1stup-mail-server-bo Reference: URL:http://xforce.iss.net/static/5808.php Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command. Analysis ---------------- ED_PRI CAN-2001-0070 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0073 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0073 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001226 buffer overflow in libsecure (NSA Security-enhanced Linux) Reference: URL:http://www.securityfocus.com/archive/1/153188 Reference: BID:2154 Reference: URL:http://www.securityfocus.com/bid/2154 Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. Analysis ---------------- ED_PRI CAN-2001-0073 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0074 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0074 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001223 Technote Reference: URL:http://www.securityfocus.com/archive/1/153007 Reference: BID:2155 Reference: URL:http://www.securityfocus.com/bid/2155 Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter. Analysis ---------------- ED_PRI CAN-2001-0074 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0075 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0075 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001227 [Ksecurity Advisory] main.cgi in technote Reference: URL:http://www.securityfocus.com/archive/1/153212 Reference: BID:2156 Reference: URL:http://www.securityfocus.com/bid/2156 Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. Analysis ---------------- ED_PRI CAN-2001-0075 3 Vendor Acknowledgement: Content Decisions: SF-EXEC,SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0076 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0076 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001228 Remote vulnerability in Ikonboard upto version 2.1.7b Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0483.html Reference: BID:2157 Reference: URL:http://www.securityfocus.com/bid/2157 Reference: XF:http-cgi-ikonboard Reference: URL:http://xforce.iss.net/static/5819.php register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. Analysis ---------------- ED_PRI CAN-2001-0076 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0084 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0084 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20010102 gtk+ security hole. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html Reference: BUGTRAQ:20010103 Claimed vulnerability in GTK_MODULES Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html Reference: BID:2165 Reference: URL:http://www.securityfocus.com/bid/2165 Reference: MISC:http://www.gtk.org/setuid.html GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program. Analysis ---------------- ED_PRI CAN-2001-0084 3 Vendor Acknowledgement: no INCLUSION: The GTK+ team claims that using GTK+ in setuid/setgid programs is inherently risky, so the GTK_MODULES variable poses no additional risk, and thus it is not a vulnerability. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0087 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0087 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001219 itetris[v1.6.2] local root exploit (system()+../ protection) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0295.html Reference: BID:2139 Reference: URL:http://www.securityfocus.com/bid/2139 Reference: XF:itetris-svgalib-path Reference: URL:http://xforce.iss.net/static/5795.php itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program. Analysis ---------------- ED_PRI CAN-2001-0087 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0097 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0097 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001221 Infinite InterChange DoS Reference: URL:http://www.securityfocus.com/archive/1/152403 Reference: BID:2140 Reference: URL:http://www.securityfocus.com/bid/2140 Reference: XF:infinite-interchange-dos Reference: URL:http://xforce.iss.net/static/5798.php The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. Analysis ---------------- ED_PRI CAN-2001-0097 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0098 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0098 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001219 def-2000-04: Bea WebLogic Server dotdot-overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0331.html Reference: BID:2138 Reference: URL:http://www.securityfocus.com/bid/2138 Reference: XF:weblogic-dot-bo Reference: URL:http://xforce.iss.net/static/5782.php Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string. Analysis ---------------- ED_PRI CAN-2001-0098 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0102 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0102 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001229 Mac OS 9 Multiple Users Control Panel Password Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0497.html Reference: XF:macos-multiple-users Reference: URL:http://xforce.iss.net/static/5830.php "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. Analysis ---------------- ED_PRI CAN-2001-0102 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
