|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster LEGACY-MISC-1998-A - 44 candidates
I am proposing cluster LEGACY-MISC-1998-A for review and voting by the Editorial Board. Name: LEGACY-MISC-1998-A Description: Legacy candidates announced between 1/1/1998 and 6/30/1998 Size: 44 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-1999-1037 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1037 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980626 vulnerability in satan, cops & tiger Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125976&w=2 Reference: BUGTRAQ:19980627 Re: vulnerability in satan, cops & tiger Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125986&w=2 rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file. Analysis ---------------- ED_PRI CAN-1999-1037 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1085 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1085 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980612 CORE-SDI-04: SSH insertion attack Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125884&w=2 Reference: BUGTRAQ:19980703 UPDATE: SSH insertion attack Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221104525878&w=2 SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack." Analysis ---------------- ED_PRI CAN-1999-1085 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1204 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1204 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980511 Firewall-1 Reserved Keywords Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925912&w=2 Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. Analysis ---------------- ED_PRI CAN-1999-1204 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1407 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1407 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980309 *sigh* another RH5 /tmp problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88950856416985&w=2 Reference: BID:368 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=368 ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. Analysis ---------------- ED_PRI CAN-1999-1407 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1015 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1015 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: Reference: BUGTRAQ:19980408 AppleShare IP Mail Server Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89200657216213&w=2 Reference: BID:61 Reference: URL:http://www.securityfocus.com/bid/61 Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. Analysis ---------------- ED_PRI CAN-1999-1015 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1027 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1027 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: BUGTRAQ:19980507 admintool mode 0777 in Solaris 2.6 HW3/98 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925880&w=2 Reference: BID:290 Reference: URL:http://www.securityfocus.com/bid/290 Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. Analysis ---------------- ED_PRI CAN-1999-1027 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1036 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1036 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980626 vulnerability in satan, cops & tiger Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125976&w=2 COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk. Analysis ---------------- ED_PRI CAN-1999-1036 3 Vendor Acknowledgement: Content Decisions: SF-LOC ABSTRACTION: CD:SF-LOC suggests combining the same type of problem into the same entry for the same affected software version. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1038 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1038 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980626 vulnerability in satan, cops & tiger Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125976&w=2 Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable. Analysis ---------------- ED_PRI CAN-1999-1038 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1045 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1045 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980115 pnserver exploit.. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88492978527261&w=2 Reference: BUGTRAQ:19980115 [rootshell] Security Bulletin #7 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88490880523890&w=2 Reference: BUGTRAQ:19980817 Re: Real Audio Server Version 5 bug? Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90338245305236&w=2 Reference: MISC:http://service.real.com/help/faq/serv501.html pnserver in RealServer 5.0 and earlier allowsd remote attackers to cause a denial of service by sending a short, malformed request. Analysis ---------------- ED_PRI CAN-1999-1045 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1075 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1075 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980318 AIX 4.1.5 DoS attack (aka "Port 1025 problem") Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89025820612530&w=2 inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. Analysis ---------------- ED_PRI CAN-1999-1075 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1096 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1096 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980516 kde exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925954&w=2 Reference: BUGTRAQ:19980517 simple kde exploit fix Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925959&w=2 Reference: XF:kde-klock-home-bo(1644) Reference: URL:http://xforce.iss.net/static/1644.php Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. Analysis ---------------- ED_PRI CAN-1999-1096 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1106 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1106 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980429 Security hole in kppp Reference: URL:http://www.securityfocus.com/archive/1/9121 Reference: XF:kde-kppp-account-bo(1643) Reference: URL:http://xforce.iss.net/static/1643.php Reference: BID:92 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=92 Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. Analysis ---------------- ED_PRI CAN-1999-1106 3 Vendor Acknowledgement: Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1113 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1113 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980414 MacOS based buffer overflows... Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89258194718577&w=2 Reference: BID:75 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=75 Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106. Analysis ---------------- ED_PRI CAN-1999-1113 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1150 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1150 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980630 Livingston Portmaster - ISN generation is loosy! Reference: URL:http://www.securityfocus.com/archive/1/9723 Reference: XF:portmaster-fixed-isn(1882) Reference: URL:http://xforce.iss.net/static/1882.php Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. Analysis ---------------- ED_PRI CAN-1999-1150 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1151 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1151 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980603 Compaq/Microcom 6000 DoS + more Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90296493106214&w=2 Reference: XF:microcom-dos(2089) Reference: URL:http://xforce.iss.net/static/2089.php Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. Analysis ---------------- ED_PRI CAN-1999-1151 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1152 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1152 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980603 Compaq/Microcom 6000 DoS + more Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90296493106214&w=2 Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack. Analysis ---------------- ED_PRI CAN-1999-1152 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1176 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1176 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980110 Cidentd Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88466930416716&w=2 Reference: BUGTRAQ:19980911 Re: security problems with jidentd Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90554230925545&w=2 Reference: MISC:http://spisa.act.uji.es/spi/progs/codigo/www.hack.co.za/exploits/daemon/ident/cidentd.c Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script. Analysis ---------------- ED_PRI CAN-1999-1176 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1178 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1178 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: XF:sambar-dump-env(3223) Reference: URL:http://xforce.iss.net/static/3223.php Reference: BUGTRAQ:19980610 Sambar Server Beta BUG.. Reference: URL:http://www.securityfocus.com/archive/1/9505 Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. Analysis ---------------- ED_PRI CAN-1999-1178 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1179 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1179 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980515 May SysAdmin man.sh security hole Reference: URL:http://www.securityfocus.com/archive/1/9330 Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-1999-1179 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1207 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1207 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://www.efri.hr/~crv/security/bugs/NT/netxtray.html Reference: XF:netxray-bo(907) Reference: URL:http://xforce.iss.net/static/907.php Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. Analysis ---------------- ED_PRI CAN-1999-1207 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1229 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1229 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980225 Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files Reference: URL:http://www.securityfocus.com/archive/1/8590 Reference: XF:linux-quake2(733) Reference: URL:http://xforce.iss.net/static/733.php Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. Analysis ---------------- ED_PRI CAN-1999-1229 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1269 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1269 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980206 serious security hole in KDE Beta 3 Reference: URL:http://www.securityfocus.com/archive/1/8506 Reference: XF:kde-kss-file-clobber(1641) Reference: URL:http://xforce.iss.net/static/1641.php Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. Analysis ---------------- ED_PRI CAN-1999-1269 3 Vendor Acknowledgement: Content Decisions: EX-BETA, SF-EXEC CD:EX-BETA suggests that bugs in beta software should not be included in CVE, unless the software has been distributed widely. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1271 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1271 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980611 Unsecure passwords in Macromedia Dreamweaver Reference: URL:http://www.securityfocus.com/archive/1/9511 Reference: XF:dreamweaver-weak-passwords(1636) Reference: URL:http://xforce.iss.net/static/1636.php Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users. Analysis ---------------- ED_PRI CAN-1999-1271 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1273 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1273 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980220 Simple way to bypass squid ACLs Reference: URL:http://www.securityfocus.com/archive/1/8551 Reference: XF:squid-regexp-acl(1627) Reference: URL:http://xforce.iss.net/static/1627.php Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. Analysis ---------------- ED_PRI CAN-1999-1273 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1361 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1361 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980509 coke.c Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925891&w=2 Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. Analysis ---------------- ED_PRI CAN-1999-1361 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1389 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1389 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980511 3Com/USR Total Control Chassis dialup port access filters Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925916&w=2 Reference: BID:99 Reference: URL:http://www.securityfocus.com/bid/99 US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt. Analysis ---------------- ED_PRI CAN-1999-1389 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1390 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1390 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980428 [Debian 2.0] /usr/bin/suidexec gives root access Reference: URL:http://darwin.bio.uci.edu/~mcoogan/bugtraq/msg00890.html Reference: BID:94 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=94 suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. Analysis ---------------- ED_PRI CAN-1999-1390 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1429 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1429 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980105 Security flaw in either DIT TransferPro or Solaris Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88419633507543&w=2 Reference: BID:204 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=204 DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. Analysis ---------------- ED_PRI CAN-1999-1429 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1439 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1439 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980102 Symlink bug with GCC 2.7.2 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88419592307388&w=2 Reference: BUGTRAQ:19980108 GCC Exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88524071002939&w=2 Reference: BUGTRAQ:19980115 GCC 2.7.? /tmp files Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88492937727193&w=2 Reference: BID:146 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=146 gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files. Analysis ---------------- ED_PRI CAN-1999-1439 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1441 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1441 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980630 Serious Linux 2.0.34 security problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103126047&w=2 Reference: BID:111 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=111 Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. Analysis ---------------- ED_PRI CAN-1999-1441 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1442 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1442 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html Reference: MISC:http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html Reference: BID:105 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=105 Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments. Analysis ---------------- ED_PRI CAN-1999-1442 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1443 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1443 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980602 Full Armor.... Fool Proof etc... bugs Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125889&w=2 Reference: BUGTRAQ:19980609 Full Armor Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125869&w=2 Reference: BID:103 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=103 Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting the system from a separate disk, or (3) interrupting certain processes that execute while the system is booting. Analysis ---------------- ED_PRI CAN-1999-1443 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1445 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1445 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980202 imapd/ipop3d coredump in slackware 3.4 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88637951600184&w=2 Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords. Analysis ---------------- ED_PRI CAN-1999-1445 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1479 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1479 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980624 textcounter.pl SECURITY HOLE Reference: URL:http://www.securityfocus.com/archive/1/9609 Reference: XF:http-cgi-textcounter(2052) Reference: URL:http://xforce.iss.net/static/2052.php The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. Analysis ---------------- ED_PRI CAN-1999-1479 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1480 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1480 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BID:429 Reference: URL:http://www.securityfocus.com/bid/429 (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. Analysis ---------------- ED_PRI CAN-1999-1480 3 Vendor Acknowledgement: unknown Content Decisions: SF-EXEC CD:SF-EXEC suggests combining multiple affected executables in the same package/capability into a single entry. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1498 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1498 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980406 insecure tmp file creation Reference: BID:82 Reference: URL:http://www.securityfocus.com/bid/82 Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. Analysis ---------------- ED_PRI CAN-1999-1498 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1499 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1499 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980410 BIND 4.9.7 named follows symlinks, clobbers anything Reference: URL:http://www.securityfocus.com/archive/1/8966 Reference: BID:80 Reference: URL:http://www.securityfocus.com/bid/80 named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. Analysis ---------------- ED_PRI CAN-1999-1499 3 Vendor Acknowledgement: no Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1501 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1501 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980408 SGI O2 ipx security issue Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19980408184855.12506@math.princeton.edu Reference: BID:70 Reference: URL:http://www.securityfocus.com/bid/70 Reference: BID:71 Reference: URL:http://www.securityfocus.com/bid/71 (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-1999-1501 3 Vendor Acknowledgement: unknown Content Decisions: SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1502 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1502 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980408 QuakeI client: serious holes. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89205623028934&w=2 Reference: BID:68 Reference: URL:http://www.securityfocus.com/bid/68 Reference: BID:69 Reference: URL:http://www.securityfocus.com/bid/69 Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. Analysis ---------------- ED_PRI CAN-1999-1502 3 Vendor Acknowledgement: Content Decisions: SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1503 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1503 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BID:63 Reference: URL:http://www.securityfocus.com/bid/63 Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. Analysis ---------------- ED_PRI CAN-1999-1503 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1504 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1504 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980408 Re: AppleShare IP Mail Server Reference: URL:http://www.securityfocus.com/archive/1/8951 Reference: BID:62 Reference: URL:http://www.securityfocus.com/bid/62 Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. Analysis ---------------- ED_PRI CAN-1999-1504 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1505 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1505 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980407 QW vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89200537415923&w=2 Reference: BID:60 Reference: URL:http://www.securityfocus.com/bid/60 Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. Analysis ---------------- ED_PRI CAN-1999-1505 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1555 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1555 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: BUGTRAQ:19980611 Cheyenne Inoculan vulnerability on NT Reference: URL:http://www.securityfocus.com/archive/1/9515 Reference: BID:106 Reference: XF:inoculan-bad-permissions(1536) Reference: URL:http://xforce.iss.net/static/1536.php Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll. Analysis ---------------- ED_PRI CAN-1999-1555 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1556 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1556 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19980629 MS SQL Server 6.5 stores password in unprotected registry keys Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=90222453431645&w=2 Reference: BID:109 Reference: URL:http://www.securityfocus.com/bid/109 Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading andd decrypting the CmdExecAccount value. Analysis ---------------- ED_PRI CAN-1999-1556 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
