[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PROPOSAL] Cluster RECENT-64 - 21 candidates



I have proposed cluster RECENT-64 for review and voting by the
Editorial Board.

Name: RECENT-64
Description: Candidates announced between 4/2/2001 and 4/21/2001
Size: 21

You may vote on candidates by modifying this email ballot and sending
it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority.  Priority 1 and
Priority 2 candidates both deal with varying levels of vendor
confirmation, so they should be easy to review and it can be trusted
that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect
to the problems discovered during the associated time frame, please
send that information to me so that candidates can be assigned.


Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2001-0596
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0596
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010409 Netscape 4.76 gif comment flaw
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98685237415117&w=2
Reference: DEBIAN:DSA-051
Reference: URL:http://www.debian.org/security/2001/dsa-051
Reference: CONECTIVA:CLA-2001:393
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000393
Reference: REDHAT:RHSA-2001:046
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-046.html
Reference: XF:netscape-javascript-access-data(6344)
Reference: URL:http://xforce.iss.net/static/6344.php

Netscape Communicator prior to 4.77 allows a remote attacker to execute
arbitrary javascript via specially crafted GIF images.  The javascript
is embedded in the GIF file as a comment.

Analysis
----------------
ED_PRI CAN-2001-0596 1
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0609
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0609
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 CFINGERD remote vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0202.html
Reference: DEBIAN:DSA-048
Reference: URL:http://www.debian.org/security/2001/dsa-048
Reference: BID:2576
Reference: URL:http://www.securityfocus.com/bid/2576
Reference: XF:cfingerd-remote-format-string(6364)
Reference: URL:http://xforce.iss.net/static/6364.php

Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier
allows a remote attacker to gain additional privileges via a malformed
ident reply that is passed to the syslog function.

Analysis
----------------
ED_PRI CAN-2001-0609 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0623
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0623
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: DEBIAN:DSA-052
Reference: URL:http://www.debian.org/security/2001/dsa-052
Reference: XF:saft-sendfiled-execute-code(6430)
Reference: URL:http://xforce.iss.net/static/6430.php

sendfiled, as included with Simple Asynchronous File Transfer (SAFT),
on various Linux systems does not properly drop privileges when
sending notification emails, which allows local attackers to gain
privileges.

Analysis
----------------
ED_PRI CAN-2001-0623 1
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0573
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0573
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: AIX-APAR:IY16909
Reference: URL:http://archives.neohapsis.com/archives/aix/2001-q2/0000.html

lsfs in AIX 4.x allows a local user to gain additional privileges by
creating Trojan horse programs named (1) grep or (2) lslv in a certain
directory that is under the user's control, which cause lsfs to access
the programs in that directory.

Analysis
----------------
ED_PRI CAN-2001-0573 2
Vendor Acknowledgement: yes advisory

The information does not mention a specific version for AIX or lsfs.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0590
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0590
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010403 Re: Tomcat may reveal script source code by URL trickery
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0031.html

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a
remote attacker to read the source code to arbitrary 'jsp' files via a
malformed URL request which does not end with an HTTP protocol
specification (i.e. HTTP/1.0)

Analysis
----------------
ED_PRI CAN-2001-0590 2
Vendor Acknowledgement: yes changelog

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0592
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0592
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010405 def-2001-18: Watchguard Firebox II Kernel DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0054.html
Reference: XF:firebox-kernel-dos(6327)
Reference: URL:http://xforce.iss.net/static/6327.php

Watchguard Firebox II prior to 4.6 allows a remote attacker to create
a denial of service in the kernel via a large stream (>10,000) of
malformed ICMP or TCP packets.

Analysis
----------------
ED_PRI CAN-2001-0592 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0594
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0594
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010409 Solaris kcms_configure vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0140.html
Reference: BID:2558
Reference: URL:http://www.securityfocus.com/bid/2558
Reference: XF:solaris-kcms-command-bo(6359)
Reference: URL:http://xforce.iss.net/static/6359.php

kcms_configure as included with Solaris 7 and 8 allows a local
attacker to gain additional privileges via a buffer overflow in a
command line argument.

Analysis
----------------
ED_PRI CAN-2001-0594 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0595
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0595
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 [LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0203.html
Reference: XF:solaris-kcssunwiosolf-bo(6365)
Reference: URL:http://xforce.iss.net/static/6365.php

Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8
allows local attackers to execute arbitrary commands via the
KCMS_PROFILES environmental variable, e.g. in the kcms_configure
program.as with the kcms_configure program.

Analysis
----------------
ED_PRI CAN-2001-0595 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0597
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0597
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010410 Catastrophic failure of Strip password generation.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0169.html
Reference: BID:2567
Reference: URL:http://www.securityfocus.com/bid/2567
Reference: XF:strip-weak-passwords(6362)
Reference: URL:http://xforce.iss.net/static/6362.php

Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and
earlier for the PalmOS allows a local attacker to recover passwords
via a brute force attack.  This attack is made feasible by STRIP's use
of SysRandom, which is seeded by TimeGetTicks, and an implementation
flaw which vastly reduces the password 'search space'.

Analysis
----------------
ED_PRI CAN-2001-0597 3
Vendor Acknowledgement: unknown
Content Decisions: DESIGN-WEAK-ENCRYPTION

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0598
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0598
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-21: Ghost Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html
Reference: XF:ghost-configuration-server-dos(6357)
Reference: URL:http://xforce.iss.net/static/6357.php
Reference: BID:2570
Reference: URL:http://www.securityfocus.com/bid/2570

Symantec Ghost 6.5 and earlier allows a remote attacker to create a
denial of service by sending large (> 45Kb) amounts of data to the
Ghost Configuration Server on port 1347, which triggers an error that
is not properly handled.

Analysis
----------------
ED_PRI CAN-2001-0598 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0599
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0599
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-21: Ghost Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html
Reference: XF:ghost-database-engine-dos(6356)
Reference: URL:http://xforce.iss.net/static/6356.php
Reference: BID:2572
Reference: URL:http://www.securityfocus.com/bid/2572

Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier
as included with Symantec Ghost 6.5 allows a remote attacker to create
a denial of service by sending large (> 45Kb) amounts of data to port
2638.

Analysis
----------------
ED_PRI CAN-2001-0599 3
Vendor Acknowledgement: unknown
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0600
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0600
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-20: Lotus Domino Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0174.html
Reference: XF:lotus-domino-header-dos(6347)
Reference: URL:http://xforce.iss.net/static/6347.php

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a
denial of service via repeated URL requests with the same HTTP
headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding,
(4) Accept-Language, and (5) Content-Type.

Analysis
----------------
ED_PRI CAN-2001-0600 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0601
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0601
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-20: Lotus Domino Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0174.html
Reference: XF:lotus-domino-unicode-dos(6349)
Reference: URL:http://xforce.iss.net/static/6349.php

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a
denial of service via HTTP requests containing certain combinations of
UNICODE characters.

Analysis
----------------
ED_PRI CAN-2001-0601 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0602
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0602
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-20: Lotus Domino Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0174.html
Reference: XF:lotus-domino-device-dos(6348)
Reference: URL:http://xforce.iss.net/static/6348.php

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a
denial of service via repeated (>400) URL requests for DOS devices.

Analysis
----------------
ED_PRI CAN-2001-0602 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0603
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0603
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-20: Lotus Domino Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0174.html
Reference: XF:lotus-domino-corba-dos(6350)
Reference: URL:http://xforce.iss.net/static/6350.php

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a
denial of service via repeatedly sending large (> 10Kb) amounts of
data to the DIIOP - CORBA service on TCP port 63148.

Analysis
----------------
ED_PRI CAN-2001-0603 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0604
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0604
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010411 def-2001-20: Lotus Domino Multiple DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0174.html
Reference: XF:lotus-domino-url-dos(6351)
Reference: URL:http://xforce.iss.net/static/6351.php

Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a
denial of service via URL requests (>8Kb) containing a large number of
'/' characters.

Analysis
----------------
ED_PRI CAN-2001-0604 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0610
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0610
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010418 Insecure directory handling in KFM file manager
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html
Reference: XF:kfm-tmpfile-symlink(6428)
Reference: URL:http://xforce.iss.net/static/6428.php

kfm as included with KDE 1.x can allow a local attacker to gain
additional privileges via a symlink attack in the kfm cache directory
in /tmp.

Analysis
----------------
ED_PRI CAN-2001-0610 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0618
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0618
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: CF
Reference: BUGTRAQ:20010402 RG-1000 802.11 Residential Gateway default WEP key disclosure flaw
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0020.html
Reference: XF:orinoco-rg1000-wep-key(6328)
Reference: URL:http://xforce.iss.net/static/6328.php

Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of
the 'Network Name' or SSID as the default Wired Equivalent Privacy
(WEP) encryption key.  Since the SSID occurs in the clear during
communications, a remote attacker could determine the WEP key and
decrypt RG-1000 traffic.

Analysis
----------------
ED_PRI CAN-2001-0618 3
Vendor Acknowledgement: unknown
Content Decisions: CF-PASS

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0619
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0619
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: unknown
Reference: BUGTRAQ:20010402 Design Flaw in Lucent/Orinoco 802.11 proprietary access control- closed network
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0015.html

The Lucent Closed Network protocol can allow remote attackers to join
Closed Network networks which they do not have access to.  The 'Network Name'
or SSID, which is used as a shared secret to join the network, is transmitted
in the clear.

Analysis
----------------
ED_PRI CAN-2001-0619 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0620
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0620
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: BUGTRAQ:20010418 iplanet calendar server 5.0p2 exposes Netscape Admin Server master password
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0320.html
Reference: XF:iplanet-calendar-plaintext-password(6402)
Reference: URL:http://xforce.iss.net/static/6402.php

iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to
gain access to the Netscape Admin Server (NAS) LDAP database and read
arbitrary files by obtaining the cleartext administrator username and
password from the configuration file, which has insecure permissions.

Analysis
----------------
ED_PRI CAN-2001-0620 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0624
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0624
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010727
Assigned: 20010727
Category: SF
Reference: VULN-DEV:20010421 QNX FIle Read Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2001-q2/0266.html
Reference: XF:qnx-fat-file-read
Reference: URL:http://xforce.iss.net/static/6437.php

QNX 2.4 allows a local user to read arbitrary files by directly
accessing the mount point for the FAT disk partition, e.g. /fs-dos.

Analysis
----------------
ED_PRI CAN-2001-0624 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

Page Last Updated or Reviewed: May 22, 2007