[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PROPOSAL] Cluster RECENT-61 - 40 candidates

I have proposed cluster RECENT-61 for review and voting by the
Editorial Board.

Name: RECENT-61
Description: Candidates announced between 4/10/2001 and 4/20/2001
Size: 40

You may vote on candidates by modifying this email ballot and sending
it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority.  Priority 1 and
Priority 2 candidates both deal with varying levels of vendor
confirmation, so they should be easy to review and it can be trusted
that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect
to the problems discovered during the associated time frame, please
send that information to me so that candidates can be assigned.



Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2001-0238
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0238
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010319
Category: SF
Reference: MS:MS01-022
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-022.asp

Microsoft Data Access Component Internet Publishing Provider
8.103.2519.0 and earlier allows remote attackers to bypass Security
Zone restrictions via WebDAV requests.

Analysis
----------------
ED_PRI CAN-2001-0238 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0239
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0239
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010319
Category: SF
Reference: BUGTRAQ:20010416 [SX-20010320-2] - Microsoft ISA Server Denial of Service
Reference: URL:http://www.securityfocus.com/archive/1/176912
Reference: BUGTRAQ:20010427 Microsoft ISA Server Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/179986
Reference: BUGTRAQ:20010417 [SX-20010320-2b] - Followup re. Microsoft ISA Server Denial of Service
Reference: URL:http://www.securityfocus.com/archive/1/177160
Reference: MS:MS01-021
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-021.asp
Reference: BID:2600
Reference: URL:http://www.securityfocus.com/bid/2600

Microsoft Internet Security and Acceleration (ISA) Server 2000 Web
Proxy allows remote attackers to cause a denial of service, and
possibly execute arbitrary commands, via a long web request with a
specific type.

Analysis
----------------
ED_PRI CAN-2001-0239 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0387
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0387
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010412 HylaFAX vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/175963
Reference: BUGTRAQ:20010415 **SECURITY ADVISORY** - HylaFAX format string vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0236.html
Reference: FREEBSD:FreeBSD-SA-01:34
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-04/0606.html
Reference: SUSE:SuSE-SA:2001:15
Reference: URL:http://lists.suse.com/archives/suse-security-announce/2001-Apr/0005.html
Reference: MANDRAKE:MDKSA-2001:041
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-041.php3
Reference: BID:2574
Reference: URL:http://www.securityfocus.com/bid/2574

Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows
local users to gain privileges via the -q command line argument.

Analysis
----------------
ED_PRI CAN-2001-0387 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0405
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0405
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010416 Tempest Security Techonologies -- Adivsory #01/2001 -- Linux IPTables
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.html
Reference: REDHAT:RHSA-2001:052
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-052.html
Reference: BID:2602
Reference: URL:http://www.securityfocus.com/bid/2602

ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote
attackers to bypass access restrictions for an FTP server via a PORT
command that lists an arbitrary IP address and port number, which is
added to the RELATED table and allowed by the firewall.

Analysis
----------------
ED_PRI CAN-2001-0405 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0428
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0428
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: CISCO:20010412 VPN 3000 Concentrator IP Options Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/vpn3k-ipoptions-vuln-pub.shtml
Reference: BID:2573
Reference: URL:http://www.securityfocus.com/bid/2573

Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote
attackers to cause a denial of service via an IP packet with an
invalid IP option.

Analysis
----------------
ED_PRI CAN-2001-0428 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0429
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0429
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: CISCO:20010416 Catalyst 5000 Series 802.1x Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml
Reference: BID:2604
Reference: URL:http://www.securityfocus.com/bid/2604

Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an
802.1x frame on a Spanning Tree Protocol (STP) blocked port, which
causes a network storm and a denial of service.

Analysis
----------------
ED_PRI CAN-2001-0429 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0430
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0430
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: DEBIAN:DSA-046
Reference: URL:http://archives.neohapsis.com/archives/vendor/2001-q2/0005.html

Vulnerability in exuberant-ctags before 3.2.4-0.1 creates temporary
files insecurely.

Analysis
----------------
ED_PRI CAN-2001-0430 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0434
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0434
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: COMPAQ:SSRT0716
Reference: URL:http://ftp.support.compaq.com/patches/.new/html/SSRT0716-01.shtml

The LogDataListToFile ActiveX function used in (1) Knowledge Center
and (2) Back web components of Compaq Presario computers allows remote
attackers to modify arbitrary files and cause a denial of service.

Analysis
----------------
ED_PRI CAN-2001-0434 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0439
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0439
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: CONECTIVA:CLA-2001:389
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389
Reference: MANDRAKE:MDKSA-2001:032
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3
Reference: FREEBSD:FreeBSD-SA-01:35
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html
Reference: XF:licq-url-execute-commands
Reference: URL:http://xforce.iss.net/static/6261.php

licq before 1.0.3 allows remote attackers to execute arbitrary
commands via shell metacharacters in a URL.

Analysis
----------------
ED_PRI CAN-2001-0439 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0440
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0440
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: CONECTIVA:CLA-2001:389
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389
Reference: MANDRAKE:MDKSA-2001:032
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3
Reference: FREEBSD:FreeBSD-SA-01:35
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html

Buffer overflow in logging functions of licq before 1.0.3 allows
remote attackers to cause a denial of service, and possibly execute
arbitrary commands.

Analysis
----------------
ED_PRI CAN-2001-0440 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0327
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0327
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010413
Category: SF/CF/MP/SA/AN/unknown
Reference: ATSTAKE:A041601-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a041601-1.txt

Buffer overflow in iPlanet Web Server Enterprise Edition 4.1 and
earlier allows remote attackers to retrieve sensitive data from memory
allocation pools via a long Location: and Host: header in the HTTP
request.

Analysis
----------------
ED_PRI CAN-2001-0327 2
Vendor Acknowledgement: yes patch

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0386
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0386
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Advisory for SimpleServer:WWW (analogX)
Reference: URL:http://www.securityfocus.com/archive/1/177156
Reference: BID:2608
Reference: URL:http://www.securityfocus.com/bid/2608

AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a
denial of service via an HTTP request to the /aux directory.

Analysis
----------------
ED_PRI CAN-2001-0386 2
Vendor Acknowledgement: yes patch

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0431
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0431
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 iPlanet Web Server 4.x Product Alert
Reference: URL:http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html
Reference: CONFIRM:http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html

Vulnerability in iPlanet Web Server Enterprise Edition 4.x.

Analysis
----------------
ED_PRI CAN-2001-0431 2
Vendor Acknowledgement: yes advisory

There is almost no information at all in the announcement by iPlanet,
so it is difficult to tell if this is associated with any recently
published vulnerabilities in the server.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0437
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0437
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010416 qDefense Advisory: DCForum allows remote read/write/execute
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0269.html
Reference: BID:2611
Reference: URL:http://www.securityfocus.com/bid/2611
Reference: CONFIRM:http://www.dcscripts.com/FAQ/sec_2001_03_31.html

upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload
arbitrary files without authentication by setting the az parameter to
upload_file.

Analysis
----------------
ED_PRI CAN-2001-0437 2
Vendor Acknowledgement: yes patch

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0444
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0444
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010420 Bug in Cisco CBOS v2.3.0.053
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html
Reference: BID:2635
Reference: URL:http://www.securityfocus.com/bid/2635

Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat")
command to the terminal of the next user who attempts to connect to
the router via telnet, which could allow that user to obtain sensitive
information.

Analysis
----------------
ED_PRI CAN-2001-0444 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0486
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0486
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: VULN-DEV:20010402 (no subject)
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2001-q2/0020.html
Reference: BUGTRAQ:20010420 Novell BorderManager 3.5 VPN Denial of Service
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98779821207867&w=2
Reference: CONFIRM:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2959062.htm
Reference: BUGTRAQ:20010429 Proof of concept DoS against novell border manager enterprise
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98865027328391&w=2
Reference: BUGTRAQ:20010501 Re: Proof of concept DoS against novell border manager enterprise edition 3.5
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0000.html
Reference: BID:2623
Reference: URL:http://www.securityfocus.com/bid/2623

Remote attackers can cause a denial of service in Novell BorderManager
3.6 and earlier by sending TCP SYN flood to port 353.

Analysis
----------------
ED_PRI CAN-2001-0486 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0262
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0262
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010402
Category: SF
Reference: ATSTAKE:A041301-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a041301-1.txt

Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers
(malicious web pages) to execute arbitrary commands via a long URL.

Analysis
----------------
ED_PRI CAN-2001-0262 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0354
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0354
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010420 CheckBO Win9x memo overflow
Reference: URL:http://www.securityfocus.com/archive/1/178061
Reference: BID:2634
Reference: URL:http://www.securityfocus.com/bid/2634

TheNet CheckBO 1.56 allows remote attackers to cause a denial of
service via a flood of characters to the TCP ports which it is
listening on.

Analysis
----------------
ED_PRI CAN-2001-0354 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0384
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0384
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010414 Re: Reliant Unix 5.43 / 5.44 ICMP port unreachable problem
Reference: URL:http://www.securityfocus.com/archive/1/176709
Reference: BID:2606
Reference: URL:http://www.securityfocus.com/bid/2606

ppd in Reliant Sinix allows local users to corrupt arbitrary files via
a symlink attack in the /tmp/ppd.trace file.

Analysis
----------------
ED_PRI CAN-2001-0384 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0385
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0385
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Advisory for GoAhead Webserver v2.1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0281.html
Reference: BID:2607
Reference: URL:http://www.securityfocus.com/bid/2607

GoAhead webserver 2.1 allows remote attackers to cause a denial of
service via an HTTP request to the /aux directory.

Analysis
----------------
ED_PRI CAN-2001-0385 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0389
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0389
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BID:2587
Reference: URL:http://www.securityfocus.com/bid/2587
Reference: BUGTRAQ:20010413 [LoWNOISE] IBM Websphere/NetCommerce3 DoS and one more.
Reference: URL:http://www.securityfocus.com/archive/1/176100

IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine
the real path of the server by directly calling the macro.d2w macro
with a NOEXISTINGHTMLBLOCK argument.

Analysis
----------------
ED_PRI CAN-2001-0389 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0390
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0390
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010413 [LoWNOISE] IBM Websphere/NetCommerce3 DoS and one more.
Reference: URL:http://www.securityfocus.com/archive/1/176100
Reference: BID:2588
Reference: URL:http://www.securityfocus.com/bid/2588

IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a
denial of service by directly calling the macro.d2w macro with a long
string of %0a characters.

Analysis
----------------
ED_PRI CAN-2001-0390 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0391
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0391
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Advisory for Xitami 2.4d7, 2.5d4
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0277.html

Xitami 2.5d4 and earlier allows remote attackers to crash the server
via an HTTP request to the /aux directory.

Analysis
----------------
ED_PRI CAN-2001-0391 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0395
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0395
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 Console 3200 telnetd problem.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0170.html
Reference: BID:2578
Reference: URL:http://www.securityfocus.com/bid/2578

Lightwave ConsoleServer 3200 does not disconnect users after
unsuccessful login attempts, which could allow remote attackers to
conduct brute force password guessing.

Analysis
----------------
ED_PRI CAN-2001-0395 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0396
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0396
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 Console 3200 telnetd problem.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0170.html
Reference: BID:2578
Reference: URL:http://www.securityfocus.com/bid/2578

The pre-login mode in the System Administrator interface of Lightwave
ConsoleServer 3200 allows remote attackers to obtain sensitive
information such as system status, configuration, and users.

Analysis
----------------
ED_PRI CAN-2001-0396 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0400
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0400
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 CGI - nph-maillist.pl vulnerability...
Reference: URL:http://www.securityfocus.com/archive/1/175506
Reference: BID:2563
Reference: URL:http://www.securityfocus.com/bid/2563

nph-maillist.pl allows remote attackers to execute arbitrary commands
via shell metacharacters ("`") in the email address.

Analysis
----------------
ED_PRI CAN-2001-0400 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0406
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0406
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Samba 2.0.8 security fix
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0305.html
Reference: DEBIAN:DSA-048
Reference: URL:http://www.debian.org/security/2001/dsa-048
Reference: CALDERA:CSSA-2001-015.0
Reference: URL:http://www.caldera.com/support/security/advisories/CSSA-2001-015.0.txt
Reference: BUGTRAQ:20010418 TSLSA-#2001-0005 - samba
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0319.html
Reference: BUGTRAQ:20010418 PROGENY-SA-2001-05: Samba /tmp vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0326.html
Reference: CONECTIVA:CLA-2001:395
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000395
Reference: FREEBSD:FreeBSD-SA-01:36
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-04/0608.html
Reference: MANDRAKE:MDKSA-2001:040
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-040.php3

Samba before 2.2.0 allows local attackers to overwrite arbitrary files
via a symlink attack using (1) a printer queue query, (2) the more
command in smbclient, or (3) the mput command in smbclient.

Analysis
----------------
ED_PRI CAN-2001-0406 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-EXEC, SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0418
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0418
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010413 Exploitable NCM.at - Content Management System
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0223.html
Reference: BID:2584
Reference: URL:http://www.securityfocus.com/bid/2584

content.pl script in NCM Content Management System allows remote
attackers to read arbitrary contents of the content database by
inserting SQL characters into the id parameter.

Analysis
----------------
ED_PRI CAN-2001-0418 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0419
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0419
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 Oracle Application Server shared library buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98692227816141&w=2
Reference: BID:2569
Reference: URL:http://www.securityfocus.com/bid/2569

Buffer overflow in shared library ndwfn4.so for iPlanet Web Server
(iWS) 4.1, when used as a web listener for Oracle application server
4.0.8.2, allows remote attackers to execute arbitrary commands via a
long HTTP request that is passed to the application server, such as
/jsp/.

Analysis
----------------
ED_PRI CAN-2001-0419 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0421
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0421
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit !
Reference: URL:http://www.securityfocus.com/archive/1/177200
Reference: BID:2601
Reference: URL:http://www.securityfocus.com/bid/2601

FTP server in Solaris 8 and earlier allows local and remote attackers
to cause a core dump in the root directory, possibly with
world-readable permissions, by providing a valid username with an
invalid password followed by a CWD ~ command, which could release
sensitive information such as shadowed passwords, or fill the disk
partition.

Analysis
----------------
ED_PRI CAN-2001-0421 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0422
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0422
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 Solaris Xsun buffer overflow vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0158.html
Reference: BID:2561
Reference: URL:http://www.securityfocus.com/bid/2561

Buffer overflow in Xsun in Solaris 8 and earlier allows local users to
execute arbitrary commands via a long HOME environmental variable.

Analysis
----------------
ED_PRI CAN-2001-0422 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0423
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0423
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010412 Solaris ipcs vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0217.html
Reference: BID:2581
Reference: URL:http://www.securityfocus.com/bid/2581

Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute
arbitrary commands via a long TZ (timezone) environmental variable.

Analysis
----------------
ED_PRI CAN-2001-0423 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0424
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0424
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010415 BubbleMon 1.31
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98744422105430&w=2
Reference: BID:2609
Reference: URL:http://www.securityfocus.com/bid/2609

BubbleMon 1.31 does not properly drop group privileges before
executing programs, which allows local users to execute arbitrary
commands with the kmem group id.

Analysis
----------------
ED_PRI CAN-2001-0424 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0426
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0426
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010411 [LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0203.html

Buffer overflow in dtsession on Solaris, and possibly other operating
systems, allows local users to gain privileges via a long LANG
environmental variable.

Analysis
----------------
ED_PRI CAN-2001-0426 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0432
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0432
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010413 Trend Micro Interscan VirusWall 3.01 vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0218.html
Reference: BID:2579
Reference: URL:http://www.securityfocus.com/bid/2579

Buffer overflows in various CGI programs in the remote administration
service for Trend Micro Interscan VirusWall 3.01 allow remote
attackers to execute arbitrary commands.

Analysis
----------------
ED_PRI CAN-2001-0432 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0435
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0435
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010410 [wsir-01/02-03] PGP 7.0 Split Key/Cached Passphrase Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98691775527457&w=2

The split key mechanism used by PGP 7.0 allows a key share holder to
obtain access to the entire key by setting the "Cache passphrase while
logged on" option and capturing the passphrases of other share holders
as they authenticate.

Analysis
----------------
ED_PRI CAN-2001-0435 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0436
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0436
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010416 qDefense Advisory: DCForum allows remote read/write/execute
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0269.html
Reference: CONFIRM:http://www.dcscripts.com/FAQ/sec_2001_03_31.html
Reference: BID:2611
Reference: URL:http://www.securityfocus.com/bid/2611

dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute
arbitrary commands by uploading a Perl program to the server and using
a .. (dot dot) in the AZ parameter to reference the program.

Analysis
----------------
ED_PRI CAN-2001-0436 3
Vendor Acknowledgement:

The patches suggested by DCScripts indicate that other programs may
have been affected, but it's not certain if the AZ parameter, or a
different one, is to blame.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0438
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0438
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010418 Hole in Netopia's Mac OS X Timbuktu
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0337.html

Preview version of Timbuktu for Mac OS X allows local users to modify
System Preferences without logging in via the About Timbuktu menu.

Analysis
----------------
ED_PRI CAN-2001-0438 3
Vendor Acknowledgement:
Content Decisions: EX-BETA

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0443
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0443
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010413 QPC POPd Buffer Overflow Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0227.html

Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote
attackers to cause a denial of service, and possibly execute arbitrary
commands, via (1) a long username, or (2) a long password.

Analysis
----------------
ED_PRI CAN-2001-0443 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0464
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0464
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010524
Assigned: 20010524
Category: SF
Reference: BUGTRAQ:20010417 Cyberscheduler remote root compromise
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98761402029302&w=2

Buffer overflow in websync.exe in Cyberscheduler allows remote
attackers to execute arbitrary commands via a long tzs (timezone)
parameter.

Analysis
----------------
ED_PRI CAN-2001-0464 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:
Page Last Updated or Reviewed: May 22, 2007