|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-59 - 38 candidates
I have proposed cluster RECENT-59 for review and voting by the Editorial Board. Name: RECENT-59 Description: Candidates announced between 2/5/2001 and 3/20/2001 Size: 38 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0388 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0388 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: FREEBSD:FreeBSD-SA-01:28 Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:28.timed.asc Reference: MANDRAKE:MDKSA-2001:034 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-034.php3 Reference: SUSE:SuSE-SA:2001:07 Reference: URL:http://www.suse.de/de/support/security/2001_007_nkitserv.txt Reference: XF:timed-remote-dos Reference: URL:http://xforce.iss.net/static/6228.php time server daemon timed allows remote attackers to cause a denial of service via malformed packets. Analysis ---------------- ED_PRI CAN-2001-0388 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0416 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0416 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: DEBIAN:DSA-038 Reference: URL:http://www.debian.org/security/2001/dsa-038 Reference: REDHAT:RHSA-2001:027 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-027.html Reference: BUGTRAQ:20010316 Immunix OS Security update for sgml-tools Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98477491130367&w=2 Reference: MANDRAKE:MDKSA-2001:030 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3 Reference: CONECTIVA:CLA-2001:390 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000390 Reference: XF:sgmltools-symlink Reference: URL:http://xforce.iss.net/static/6201.php sgml-tools before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. Analysis ---------------- ED_PRI CAN-2001-0416 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0417 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0417 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010307 Security advisory: Unsafe temporary file handling in krb4 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html Reference: REDHAT:RHSA-2001:025 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-025.htm Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. Analysis ---------------- ED_PRI CAN-2001-0417 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0441 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0441 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: DEBIAN:DSA-040 Reference: URL:http://www.debian.org/security/2001/dsa-040 Reference: MANDRAKE:MDKSA-2001:028 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3 Reference: CONECTIVA:CLA-2001:383 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000383 Reference: REDHAT:RHSA-2001:028 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-028.html Reference: FREEBSD:FreeBSD-SA-01:37 Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html Reference: BUGTRAQ:20010316 Immunix OS Security update for slrn Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98471253131191&w=2 Reference: BID:2493 Reference: URL:http://www.securityfocus.com/bid/2493 Reference: XF:slrn-wrapping-bo Reference: URL:http://xforce.iss.net/static/6213.php Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. Analysis ---------------- ED_PRI CAN-2001-0441 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0455 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0455 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: CISCO:20010307 Access to the Cisco Aironet 340 Series Wireless Bridge via Web Interface Reference: URL:http://www.cisco.com/warp/public/707/Aironet340-pub.shtml Reference: XF:cisco-aironet-web-access Reference: URL:http://xforce.iss.net/static/6200.php Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. Analysis ---------------- ED_PRI CAN-2001-0455 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0456 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0456 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: CF Reference: DEBIAN:DSA-032 Reference: URL:http://www.debian.org/security/2001/dsa-032 Reference: XF:proftpd-postinst-root Reference: URL:http://xforce.iss.net/static/6208.php postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended. Analysis ---------------- ED_PRI CAN-2001-0456 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0457 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0457 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: Reference: DEBIAN:DSA-035 Reference: URL:http://www.debian.org/security/2001/dsa-035 Reference: XF:man2html-remote-dos Reference: URL:http://xforce.iss.net/static/6211.php man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). Analysis ---------------- ED_PRI CAN-2001-0457 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0469 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0469 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: FREEBSD:FreeBSD-SA-01:29 Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-03/0163.html Reference: BID:2473 Reference: URL:http://www.securityfocus.com/bid/2473 Reference: XF:rwhod-remote-dos Reference: URL:http://xforce.iss.net/static/6229.php rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length. Analysis ---------------- ED_PRI CAN-2001-0469 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0473 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0473 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: MANDRAKE:MDKSA-2001-031 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3 Reference: REDHAT:RHSA-2001:029 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-029.html Reference: BUGTRAQ:20010315 Immunix OS Security update for mutt Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98473109630421&w=2 Reference: CONECTIVA:CLA-2001:385 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000385 Reference: BUGTRAQ:20010320 Trustix Security Advisory - mutt Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html Reference: XF:mutt-imap-format-string Reference: URL:http://xforce.iss.net/static/6235.php Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0473 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0361 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0361 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010207 CORE-20010116: SSH protocol 1.5 session key recovery Reference: URL:http://www.core-sdi.com/advisories/ssh1_sessionkey_recovery.htm Reference: BID:2344 Reference: URL:http://www.securityfocus.com/bid/2344 The SSH version 1.5 protocol allows a remote attacker to decrypt and/or alter traffic via an attack on PKCS#1 version 1.5 knows as a "Bleichenbacher attack". OpenSSH up to version 2.3.0, AppGate, and SSH Communications Security ssh-1 up to version 1.2.31 have the vulnerability present, although it may not be exploitable due to configurations. Analysis ---------------- ED_PRI CAN-2001-0361 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0364 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0364 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010315 Remote DoS attack against SSH Secure Shell for Windows Servers Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98467799732241&w=2 Reference: BID:2477 Reference: URL:http://www.securityfocus.com/bid/2477 Reference: XF:ssh-ssheloop-dos Reference: URL:http://xforce.iss.net/static/6241.php SSH Communications Security sshd versions 2.4 for Windows allows a remote attacker to create a denial of service via a large number of simultaneous connections. Analysis ---------------- ED_PRI CAN-2001-0364 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0365 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0365 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010318 feeble.you!dora.exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98503741910995&w=2 Reference: XF:eudora-html-execute-code Reference: URL:http://xforce.iss.net/static/6262.php Reference: BID:2490 Reference: URL:http://www.securityfocus.com/bid/2490 Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. Analysis ---------------- ED_PRI CAN-2001-0365 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0378 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0378 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010320 readline patch available Reference: URL:http://archives.neohapsis.com/archives/openbsd/2001-03/1627.html Reference: CONFIRM:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/024_readline.patch readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. Analysis ---------------- ED_PRI CAN-2001-0378 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0407 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0407 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010318 potential vulnerability of mysqld running with root privileges (can be used as good DoS or r00t expoloit) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0237.html Reference: BUGTRAQ:20010327 MySQL 3.23.36 is relased (fwd) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0396.html Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). Analysis ---------------- ED_PRI CAN-2001-0407 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0461 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0461 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010309 Cgisecurity.com advisory #4 The Free On-line Dictionary of Computing Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0109.html Reference: CONFIRM:http://wombat.doc.ic.ac.uk/foldoc/index.html Reference: XF:foldoc-cgi-execute-commands Reference: URL:http://xforce.iss.net/static/6217.php template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi. Analysis ---------------- ED_PRI CAN-2001-0461 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0474 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0474 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: MANDRAKE:MDKSA-2001:029 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3 Reference: XF:mesa-utahglx-symlink Reference: URL:http://xforce.iss.net/static/6231.php Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file. Analysis ---------------- ED_PRI CAN-2001-0474 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0475 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0475 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010315 vBulletin allows arbitrary code execution Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0180.html Reference: BID:2474 Reference: URL:http://www.securityfocus.com/bid/2474 Reference: CONFIRM:http://www.vbulletin.com/forum/showthread.php?s=b20af207b5b908ecf7a4ecf56fbe3cd3&threadid=10839 Reference: XF:vbulletin-php-elevate-privileges Reference: URL:http://xforce.iss.net/static/6237.php index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter. Analysis ---------------- ED_PRI CAN-2001-0475 2 Vendor Acknowledgement: yes bulletin-board Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0355 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0355 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010210 Novell Groupwise Client Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98185226715517&w=2 Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies. Analysis ---------------- ED_PRI CAN-2001-0355 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0358 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0358 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010309 Advisory: Half-life server buffer overflows and formatting vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0111.html Reference: XF:halflife-config-file-bo Reference: URL:http://xforce.iss.net/static/6221.php Reference: XF:halflife-map-bo Reference: URL:http://xforce.iss.net/static/6218.php Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file. Analysis ---------------- ED_PRI CAN-2001-0358 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0359 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0359 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010309 Advisory: Half-life server buffer overflows and formatting vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0111.html Reference: XF:halflife-map-format-string Reference: URL:http://xforce.iss.net/static/6220.php Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. Analysis ---------------- ED_PRI CAN-2001-0359 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0360 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0360 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010311 Ikonboard v2.1.7b "show files" vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0124.html Reference: BID:2471 Reference: URL:http://www.securityfocus.com/bid/2471 Reference: XF:ikonboard-cgi-read-files Reference: URL:http://xforce.iss.net/static/6216.php Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitary files via a .. (dot dot) attack in the helpon parameter. Analysis ---------------- ED_PRI CAN-2001-0360 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0369 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0369 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010319 DGUX lpsched buffer overflow Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98511407131984&w=2 Reference: XF:dgux-lpsched-bo Reference: URL:http://xforce.iss.net/static/6258.php Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name). Analysis ---------------- ED_PRI CAN-2001-0369 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0370 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0370 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010320 fcheck prior to 2.07.59 - vulnerability - improper use of perl 'magic open' Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98521301510554&w=2 Reference: XF:fcheck-open-execute-commands Reference: URL:http://xforce.iss.net/static/6256.php fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters. Analysis ---------------- ED_PRI CAN-2001-0370 3 Vendor Acknowledgement: unknown This is similar to CVE-2000-0296, but the affected source code looks different, and version 2.57.59 source code doesn't have the problem as reported in CVE-2000-0296. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0381 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0381 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010319 Have they found a serious PGP vulnerability?! Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0252.html Reference: BUGTRAQ:20010320 Yes, they have found a serious PGP vulnerability...sort of Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0274.html Reference: BUGTRAQ:20010322 Re: Yes, they have found a serious PGP vulnerability...sort of Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0311.html The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. Analysis ---------------- ED_PRI CAN-2001-0381 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0415 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0415 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010320 Password stored in clear text vulnerability in real time stock trading program Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0275.html Reference: BID:2495 Reference: URL:http://www.securityfocus.com/bid/2495 Reference: XF:rediplus-weak-security Reference: URL:http://xforce.iss.net/static/6276.php REDIPlus program, REDI.exe, stores passwords and user names in cleartext in the StartLog.txt log file, which allows local users to gain access to other accounts. Analysis ---------------- ED_PRI CAN-2001-0415 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0425 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0425 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010219 Adcycle 0.78b Authentication Reference: URL:http://www.securityfocus.com/archive/1/163942 Reference: BID:2393 Reference: URL:http://www.securityfocus.com/bid/2393 AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information. Analysis ---------------- ED_PRI CAN-2001-0425 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0449 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0449 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010302 def-2001-09: Winzip32 zipandemail Buffer Overflow Reference: URL:http://www.securityfocus.com/archive/1/166211 Reference: XF:winzip-zipandemail-bo Reference: URL:http://xforce.iss.net/static/6191.php Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. Analysis ---------------- ED_PRI CAN-2001-0449 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0450 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0450 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: Reference: BUGTRAQ:20010303 Broker Ftp Server 5.0 Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0533.html Reference: CONFIRM:http://www.ftp-broker.com/cgibin/Pageexe.exe?H=4143&P=0&C=0 Reference: XF:broker-ftp-delete-files Reference: URL:http://xforce.iss.net/static/6190.php Reference: XF:broker-ftp-list-directories Reference: URL:http://xforce.iss.net/static/6189.php Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. Analysis ---------------- ED_PRI CAN-2001-0450 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0451 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0451 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010307 INDEXU Authentication By-Pass Reference: URL:http://www.securityfocus.com/archive/1/167172 Reference: XF:indexu-gain-access Reference: URL:http://xforce.iss.net/static/6202.php INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1. Analysis ---------------- ED_PRI CAN-2001-0451 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0454 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0454 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010303 SlimServe HTTPd ver. 1.1a Directory Traversal Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0532.html Reference: XF:slimserve-httpd-directory-traversal Reference: URL:http://xforce.iss.net/static/6186.php Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request. Analysis ---------------- ED_PRI CAN-2001-0454 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0458 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0458 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: DEBIAN:DSA-034 Reference: URL:http://www.debian.org/security/2001/dsa-034 Reference: MANDRAKE:MDKSA-2001:027 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3 Reference: SUSE:SuSE-SA:2001:08 Reference: URL:http://www.suse.de/de/support/security/2001_008_eperl.txt Reference: BID:2464 Reference: URL:http://www.securityfocus.com/bid/2464 Reference: XF:linux-eperl-bo Reference: URL:http://xforce.iss.net/static/6198.php Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0458 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0459 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0459 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: Reference: BUGTRAQ:20010308 ascdc Buffer Overflow Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98408897106411&w=2 Reference: XF:ascdc-afterstep-bo Reference: URL:http://xforce.iss.net/static/6204.php Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option. Analysis ---------------- ED_PRI CAN-2001-0459 3 Vendor Acknowledgement: Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0460 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0460 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010308 def-2001-10: Websweeper Infinite HTTP Request DoS Reference: URL:http://www.securityfocus.com/archive/1/167406 Reference: XF:websweeper-http-dos Reference: URL:http://xforce.iss.net/static/6214.php Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header. Analysis ---------------- ED_PRI CAN-2001-0460 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0468 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0468 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010313 Buffer oveflow in FTPFS (linux kernel module) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0163.html Reference: XF:ftpfs-bo Reference: URL:http://xforce.iss.net/static/6234.php Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. Analysis ---------------- ED_PRI CAN-2001-0468 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0470 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0470 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010313 Solaris 5.8 snmpd Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0160.html Reference: BUGTRAQ:20010315 Re: Solaris 5.8 snmpd Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0181.html Reference: XF:snmpd-argv-bo Reference: URL:http://xforce.iss.net/static/6239.php Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name. Analysis ---------------- ED_PRI CAN-2001-0470 3 Vendor Acknowledgement: unknown A followup indicates that this might not be exploitable, as a static variable is overflowed. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0471 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0471 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010205 SSHD-1 Logging Vulnerability Reference: URL:http://www.securityfocus.com/archive/1/160648 Reference: BID:2345 Reference: URL:http://www.securityfocus.com/bid/2345 SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. Analysis ---------------- ED_PRI CAN-2001-0471 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0472 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0472 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010320 def-2001-12: Hursley Software Laboratories Consumer Transaction Framework DoS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0243.html Reference: XF:hslctf-http-dos Reference: URL:http://xforce.iss.net/static/6250.php Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request. Analysis ---------------- ED_PRI CAN-2001-0472 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0476 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0476 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010318 Aspseek Buffer Overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0233.html Reference: BID:2492 Reference: URL:http://www.securityfocus.com/bid/2492 Reference: CONFIRM:http://www.aspseek.org/changes.html Reference: XF:aspseek-scgi-bo Reference: URL:http://xforce.iss.net/static/6248.php Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via (1) a long HTTP query string, or (2) a long tmpl paramater. Analysis ---------------- ED_PRI CAN-2001-0476 3 Vendor Acknowledgement: yes changelog Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
