[PROPOSAL] Cluster RECENT-73 - 24 candidates
I am proposing cluster RECENT-73 for review and voting by the Editorial Board.

Name: RECENT-73
Description: Candidates announced between 9/1/2001 and 10/31/2001
Size: 24

You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned.

- Steve

Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2001-0663
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0663
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20010815
Category: SF
Reference: MS:MS01-052
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-052.asp

Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Data Protocol (RDP) packets.

Analysis
----------------
ED_PRI CAN-2001-0663 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0671
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0671
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20010828
Category: SF
Reference: CERT:CA-2001-30
Reference: URL:http://www.cert.org/advisories/CA-2001-30.html
Reference: AIXAPAR:IY23037
Reference: AIXAPAR:IY23041
Reference: CERT-VN:VU#466239
Reference: URL:http://www.kb.cert.org/vuls/id/466239
Reference: CERT-VN:VU#388183
Reference: URL:http://www.kb.cert.org/vuls/id/388183
Reference: CERT-VN:VU#722143
Reference: URL:http://www.kb.cert.org/vuls/id/722143

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

Analysis
----------------
ED_PRI CAN-2001-0671 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0716
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0716
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20010926
Category: SF
Reference: ISS:20011016 Citrix MetaFrame Remote Denial of Service Vulnerability
Reference: URL:http://xforce.iss.net/alerts/advise99.php

Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.

Analysis
----------------
ED_PRI CAN-2001-0716 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0720
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0720
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20010927
Category: SF
Reference: MS:MS01-053
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-053.asp

Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled.

Analysis
----------------
ED_PRI CAN-2001-0720 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0796
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0796
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011023
Category: SF
Reference: SGI:20011001-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20011001-01-P
Reference: CONFIRM:http://www.freebsd.org/cgi/query-pr.cgi?pr=8990

SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

Analysis
----------------
ED_PRI CAN-2001-0796 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0834
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0834
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: MISC:http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593
Reference: BUGTRAQ:20011007 Re: Bug found in ht://Dig htsearch CGI
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100260195401753&w=2
Reference: CONECTIVA:CLA-2001:429
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429
Reference: SUSE:SuSE-SA:2001:035
Reference: URL:http://www.suse.com/de/support/security/2001_035_htdig_txt.txt
Reference: DEBIAN:DSA-080
Reference: URL:http://www.debian.org/security/2001/dsa-080

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.

Analysis
----------------
ED_PRI CAN-2001-0834 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0835
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0835
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011024 Cross-site Scripting Flaw in webalizer
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100394630702875&w=2
Reference: CONFIRM:http://www.mrunix.net/webalizer/news.html
Reference: SUSE:SuSE-SA:2001:040
Reference: URL:http://lists.suse.com/archives/suse-security-announce/2001-Nov/0001.html
Reference: REDHAT:RHSA-2001:141
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-141.html
Reference: ENGARDE:ESA-20011101-01
Reference: URL:http://www.linuxsecurity.com/advisories/other_advisory-1677.html
Reference: BID:3473
Reference: URL:http://www.securityfocus.com/bid/3473

Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup.

Analysis
----------------
ED_PRI CAN-2001-0835 1
Vendor Acknowledgement: yes

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0843
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0843
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20010921 squid DoS
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100109679010256&w=2
Reference: REDHAT:RHSA-2001:113
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-113.html
Reference: SUSE:SuSE-SA:2001:037
Reference: URL:http://www.suse.de/de/support/security/2001_037_squid_txt.txt

Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.

Analysis
----------------
ED_PRI CAN-2001-0843 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0845
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0845
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category:
Reference: COMPAQ:SSRT0738
Reference: URL:http://ftp.support.compaq.com/patches/.new/html/SSRT0738.shtml

Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.

Analysis
----------------
ED_PRI CAN-2001-0845 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0816
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0816
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011113
Category: SF
Reference: BUGTRAQ:20010918 OpenSSH: sftp & bypassing keypair auth restrictions
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-09/0153.html

OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.

Analysis
----------------
ED_PRI CAN-2001-0816 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0832
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0832
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011023 FW: ASI Oracle Security Alert: 3 new security alerts
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100386756715645&w=2
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."

Analysis
----------------
ED_PRI CAN-2001-0832 2
Vendor Acknowledgement: yes advisory

The advisory is vague as to the cause of the problem, but the URL includes "oracle_race.pdf" which indicates a race condition, and the issue is exploitable by local users, and the fix is to change directory permissions. This, combined with other clues in the advisory, makes it seem like a symlink problem.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0833
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0833
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: CF
Reference: BUGTRAQ:20011023 FW: ASI Oracle Security Alert: 3 new security alerts
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100386756715645&w=2
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."

Analysis
----------------
ED_PRI CAN-2001-0833 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0836
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0836
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category:
Reference: BUGTRAQ:20011018 def-2001-30
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100342151132277&w=2
Reference: BUGTRAQ:20011024 Oracle9iAS Web Cache Overflow Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100395487007578&w=2

Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0836 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0830
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0830
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011023 Remote DoS in 6tunnel
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100386451702966&w=2
Reference: CONFIRM:ftp://213.146.38.146/pub/wojtekka/6tunnel-0.09.tar.gz

6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.

Analysis
----------------
ED_PRI CAN-2001-0830 3
Vendor Acknowledgement: unknown discloser-claimed

ACKNOWLEDGEMENT: In the CHANGELOG for 6tunnel-0.08, dated 2000-12-12, the author states "fixed dos condition thanks to awayzzz," who is the poster.
For 0.09, dated 2001-10-18, the author credits awayzzz for "fixing the fix."

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0831
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0831
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: unknown
Reference: BUGTRAQ:20011023 FW: ASI Oracle Security Alert: 3 new security alerts
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100386756715645&w=2
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/OLS817alert.pdf

Vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.

Analysis
----------------
ED_PRI CAN-2001-0831 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0837
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0837
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011025 Pc-to-Phone vulnerability - broken by design
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100403691432052&w=2

DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.

Analysis
----------------
ED_PRI CAN-2001-0837 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0838
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0838
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011025 RWhoisd remote format string vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100402652724815&w=2

Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.

Analysis
----------------
ED_PRI CAN-2001-0838 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0839
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0839
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category:
Reference: BUGTRAQ:20011025 Weak authentication in iBill's Password Management CGI
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100404371423927&w=2

ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.

Analysis
----------------
ED_PRI CAN-2001-0839 3
Vendor Acknowledgement: unknown
Content Decisions: EX-ONLINE-SVC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0840
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0840
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: COMPAQ:SSRT0766
Reference: URL:http://www.compaq.com/products/servers/management/mgtsw-advisory.html

Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.

Analysis
----------------
ED_PRI CAN-2001-0840 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC, SF-EXEC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0841
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0841
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011030 Ikonboard Cookie filter vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100446445208739&w=2

Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.

Analysis
----------------
ED_PRI CAN-2001-0841 3
Vendor Acknowledgement: unknown
Content Decisions: SF-CODEBASE

ABSTRACTION: LB5000 and Ikonboard both exhibit the same problem, are offered by the same vendor, and clearly use the same source code. CD:SF-CODEBASE might suggest combining these. But if the programs are distributed separately, then maybe they should be SPLIT. However, since the vendor's site is in Chinese, it is difficult to determine whether these products are combined or not. In the face of this uncertainty, these issues will be SPLIT.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0842
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0842
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011030 LB5000 Cookie filter vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100446455809273&w=2

Directory traversal vulnerability in Search.cgi in LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.

Analysis
----------------
ED_PRI CAN-2001-0842 3
Vendor Acknowledgement: unknown
Content Decisions: SF-CODEBASE

ABSTRACTION: LB5000 and Ikonboard both exhibit the same problem, are offered by the same vendor, and clearly use the same source code. CD:SF-CODEBASE might suggest combining these. But if the programs are distributed separately, then maybe they should be SPLIT. However, since the vendor's site is in Chinese, it is difficult to determine whether these products are combined or not. In the face of this uncertainty, these issues will be SPLIT.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0844
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0844
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011030 cgi vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100446263601021&w=2

Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.

Analysis
----------------
ED_PRI CAN-2001-0844 3
Vendor Acknowledgement: unknown
Content Decisions: SF-EXEC

It is not clear from the post whether these are 2 separate programs or one. The vendor URL, as reported by the discloser, does not work.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0846
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0846
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011030 Lotus Domino Web Administrator Template ReplicaID Access (#NISR29102001A)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100448721830960&w=2

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).

Analysis
----------------
ED_PRI CAN-2001-0846 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2001-0847
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0847
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20011122
Assigned: 20011122
Category: SF
Reference: BUGTRAQ:20011031 Lotus Domino Default Navigator Protection By-pass (#NISR29102001B)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100448726831108&w=2

Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.

Analysis
----------------
ED_PRI CAN-2001-0847 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS: