|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-52 - 21 candidates
The following cluster contains 21 candidates that were anounced between January 11, 2001 and February 13, 2001. (With the exception of several reserved candidates, most were announced between January 11 and January 17). You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. - Steve Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0015 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0015 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010127 Category: SF Reference: MS:MS01-007 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-007.asp Reference: ATSTAKE:A020501-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a020501-1.txt Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. Analysis ---------------- ED_PRI CAN-2001-0015 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0016 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0016 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010127 Category: SF/CF/MP/SA/AN/unknown Reference: BINDVIEW:20010207 Local promotion vulnerability in NT4's NTLM Security Support Provider Reference: URL:http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html Reference: MS:MS01-008 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-008.asp NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. Analysis ---------------- ED_PRI CAN-2001-0016 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0017 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0017 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010127 Category: SF Reference: MS:MS01-009 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-009.asp Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0017 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0110 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0110 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010114 Vulnerability in jaZip. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0228.html Reference: DEBIAN:DSA-017-1 Reference: URL:http://www.debian.org/security/2001/dsa-017 Reference: BID:2209 Reference: URL:http://www.securityfocus.com/bid/2209 Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable. Analysis ---------------- ED_PRI CAN-2001-0110 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0111 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0111 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010114 [MSY] Multiple vulnerabilities in splitvt Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97958269320974&w=2 Reference: DEBIAN:DSA-014-1 Reference: URL:http://www.debian.org/security/2001/dsa-014 Reference: BID:2210 Reference: URL:http://www.securityfocus.com/bid/2210 Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. Analysis ---------------- ED_PRI CAN-2001-0111 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0115 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0115 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010111 Solaris Arp Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97934312727101&w=2 Reference: BUGTRAQ:20010112 arp exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97957435729702&w=2 Reference: SUN:00200 Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/200&type=0&nav=sec.sba Reference: BID:2193 Reference: URL:http://www.securityfocus.com/bid/2193 Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. Analysis ---------------- ED_PRI CAN-2001-0115 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0129 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0129 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010117 [pkc] remote heap overflow in tinyproxy Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97975486527750&w=2 Reference: DEBIAN:DSA-018-1 Reference: URL:http://www.debian.org/security/2001/dsa-018 Reference: FREEBSD:FreeBSD-SA-01:15 Reference: BID:2217 Reference: URL:http://www.securityfocus.com/bid/2217 Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. Analysis ---------------- ED_PRI CAN-2001-0129 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0144 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0144 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010208 Category: SF Reference: BINDVIEW:20010208 Remote vulnerability in SSH daemon crc32 compensation attack detector Reference: URL:http://razor.bindview.com/publish/advisories/adv_ssh1crc.html Reference: BUGTRAQ:20010208 [CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98168366406903&w=2 Reference: BID:2347 Reference: URL:http://www.securityfocus.com/bid/2347 CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. Analysis ---------------- ED_PRI CAN-2001-0144 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0130 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0130 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF/CF/MP/SA/AN/unknown Reference: MISC:http://service1.symantec.com/sarc/sarc.nsf/info/html/Lotus.Domino.Denial.of.Service.Malformed.HTML.Email.html Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier. Analysis ---------------- ED_PRI CAN-2001-0130 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0107 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0107 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010115 Veritas BackupExec (remote DoS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97958921407182&w=2 Reference: BID:2204 Reference: URL:http://www.securityfocus.com/bid/2204 Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. Analysis ---------------- ED_PRI CAN-2001-0107 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0108 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0108 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010112 PHP Security Advisory - Apache Module bugs Reference: URL:http://www.securityfocus.com/archive/1/156202 Reference: BID:2206 Reference: URL:http://www.securityfocus.com/bid/2206 PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. Analysis ---------------- ED_PRI CAN-2001-0108 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0109 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0109 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010113 Serious security flaw in SuSE rctab Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0226.html Reference: BID:2207 Reference: URL:http://www.securityfocus.com/bid/2207 rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. Analysis ---------------- ED_PRI CAN-2001-0109 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0112 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0112 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010114 [MSY] Multiple vulnerabilities in splitvt Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97958269320974&w=2 Reference: DEBIAN:DSA-014-2 Reference: URL:http://www.debian.org/security/2001/dsa-014 Reference: BID:2210 Reference: URL:http://www.securityfocus.com/bid/2210 Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0112 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0113 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0113 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010116 Vulnerabilities in OmniHTTPd default installation Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0248.html Reference: BID:2211 Reference: URL:http://www.securityfocus.com/bid/2211 statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. Analysis ---------------- ED_PRI CAN-2001-0113 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0114 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0114 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010116 Vulnerabilities in OmniHTTPd default installation Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0248.html Reference: BID:2211 Reference: URL:http://www.securityfocus.com/bid/2211 statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. Analysis ---------------- ED_PRI CAN-2001-0114 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0127 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0127 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010115 Flash plugin write-overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0236.html Reference: BID:2214 Reference: URL:http://www.securityfocus.com/bid/2214 Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. Analysis ---------------- ED_PRI CAN-2001-0127 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0132 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0132 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010114 Trend Micro's VirusWall: Multiple vunerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0235.html Reference: BID:2213 Reference: URL:http://www.securityfocus.com/bid/2213 Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. Analysis ---------------- ED_PRI CAN-2001-0132 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0133 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0133 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010114 Trend Micro's VirusWall: Multiple vunerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0235.html Reference: BID:2212 Reference: URL:http://www.securityfocus.com/bid/2212 The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. Analysis ---------------- ED_PRI CAN-2001-0133 3 Vendor Acknowledgement: Content Decisions: DESIGN-NO-ENCRYPTION Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0134 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0134 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010116 iXsecurity.20001120.compaq-authbo.a Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97967435023835&w=2 Reference: COMPAQ:SSRT0705 Reference: URL:http://www5.compaq.com/products/servers/management/agentsecurity.html Reference: BID:2200 Reference: URL:http://www.securityfocus.com/bid/2200 Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. Analysis ---------------- ED_PRI CAN-2001-0134 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-CODEBASE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0135 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0135 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: CF Reference: BUGTRAQ:20010112 UltraBoard cgi directory permission problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97933458505857&w=2 Reference: BID:2197 Reference: URL:http://www.securityfocus.com/bid/2197 The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs. Analysis ---------------- ED_PRI CAN-2001-0135 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0137 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0137 Final-Decision: Interim-Decision: Modified: Proposed: 20010214 Assigned: 20010206 Category: SF Reference: BUGTRAQ:20010115 Windows Media Player 7 and IE java vulnerability - executing arbitrary programs Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97958100816503&w=2 Reference: BID:2203 Reference: URL:http://www.securityfocus.com/bid/2203 Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag. Analysis ---------------- ED_PRI CAN-2001-0137 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
