|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster UNIX-2002c - 36 candidates
I am proposing cluster UNIX-2002c for review and voting by the Editorial Board. Name: UNIX-2002c Description: CANs in Linux advisories from December 2002 Size: 36 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2002-1158 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1158 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20020926 Category: SF Reference: REDHAT:RHSA-2002:246 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-246.html Buffer overflow in Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. Analysis ---------------- ED_PRI CAN-2002-1158 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1159 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1159 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20020926 Category: SF Reference: REDHAT:RHSA-2002:246 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-246.html Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak. Analysis ---------------- ED_PRI CAN-2002-1159 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1160 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1160 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20020926 Category: CF Reference: BUGTRAQ:20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104431622818954&w=2 Reference: REDHAT:RHSA-2003:035 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-035.html Reference: MANDRAKE:MDKSA-2003:017 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:017 Reference: XF:linux-pamxauth-gain-privileges(11254) Reference: URL:http://www.iss.net/security_center/static/11254.php The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su. Analysis ---------------- ED_PRI CAN-2002-1160 1 Vendor Acknowledgement: unknown ACCURACY: while the post from Andreas Beck appears to be dated December 14, 2002, it was not actually published until February 3, 2002, as reflected in the Vendor Response section. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1341 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1341 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021205 Category: SF Reference: BUGTRAQ:20021203 SquirrelMail v1.2.9 XSS bugs Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103893844126484&w=2 Reference: MISC:http://f0kp.iplus.ru/bz/008.txt Reference: BUGTRAQ:20021203 Re: SquirrelMail v1.2.9 XSS bugs Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103911130503272&w=2 Reference: BUGTRAQ:20021215 GLSA: squirrelmail Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104004924002662&w=2 Reference: DEBIAN:DSA-220 Reference: URL:http://www.debian.org/security/2002/dsa-220 Reference: REDHAT:RHSA-2003:042 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-042.html Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters. Analysis ---------------- ED_PRI CAN-2002-1341 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1344 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021209 Category: SF Reference: BUGTRAQ:20021211 Directory Traversal Vulnerabilities in FTP Clients Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103962838628940&w=2 Reference: REDHAT:RHSA-2002:229 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-229.html Reference: CONECTIVA:CLA-2002:552 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000552 Reference: DEBIAN:DSA-209 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103973388702700&w=2 Reference: MANDRAKE:MDKSA-2002:086 Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-086.php Reference: BUGTRAQ:20021219 TSLSA-2002-0089 - wget Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104033016703851&w=2 Reference: BID:6352 Reference: URL:http://www.securityfocus.com/bid/6352 Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. Analysis ---------------- ED_PRI CAN-2002-1344 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1348 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1348 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021210 Category: SF Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=126233 Reference: REDHAT:RHSA-2003:044 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-044.html Reference: BUGTRAQ:20030217 GLSA: w3m Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104552193927323&w=2 Reference: XF:w3m-img-alt-xss(11266) Reference: URL:http://www.iss.net/security_center/static/11266.php w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. Analysis ---------------- ED_PRI CAN-2002-1348 1 Vendor Acknowledgement: yes advisory ACKNOWLEDGEMENT: The changelog for 0.3.2.2 describes "another security vulnerability in w3m 0.3.2.x that w3m will miss to escape html tag in img alt attribute, so malicious frame html may deceive you to access your local files, cookies and so on." NOTE: CAN-2002-1404 was also assigned to this issue. However, it is being rejected in favor of CAN-2002-1348. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1350 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1350 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021213 Category: SF Reference: DEBIAN:DSA-206 Reference: URL:http://www.debian.org/security/2002/dsa-206 Reference: BUGTRAQ:20021219 TSLSA-2002-0084 - tcpdump Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032975103398&w=2 The BGP decoding routines in tcpdump before 3.6.2-2.2 do not properly copy data, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. Analysis ---------------- ED_PRI CAN-2002-1350 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1362 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1362 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021214 Category: SF Reference: DEBIAN:DSA-211 Reference: URL:http://www.debian.org/security/2002/dsa-211 mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. Analysis ---------------- ED_PRI CAN-2002-1362 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1363 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021214 Category: SF Reference: DEBIAN:DSA-213 Reference: URL:http://www.debian.org/security/2002/dsa-213 Reference: REDHAT:RHSA-2003:006 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-006.html Portable Network Graphics (PNG) libraries (1) libpng 1.2.1 and earlier, and (2) libpng3 1.2.5 and earlier, do not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. Analysis ---------------- ED_PRI CAN-2002-1363 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1365 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1365 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021213 Advisory 05/2002: Another Fetchmail Remote Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103979751818638&w=2 Reference: MISC:http://security.e-matters.de/advisories/052002.html Reference: BUGTRAQ:20021215 GLSA: fetchmail Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104004858802000&w=2 Reference: CONECTIVA:CLA-2002:554 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000554 Reference: REDHAT:RHSA-2002:293 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-293.html Reference: SUSE:SuSE-SA:2003:001 Reference: CALDERA:CSSA-2003-001.0 Reference: MANDRAKE:MDKSA-2003:011 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:011 Reference: ENGARDE:ESA-20030127-002 Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. Analysis ---------------- ED_PRI CAN-2002-1365 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1366 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1366 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. Analysis ---------------- ED_PRI CAN-2002-1366 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1367 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1367 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. Analysis ---------------- ED_PRI CAN-2002-1367 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1368 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1368 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. Analysis ---------------- ED_PRI CAN-2002-1368 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1369 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1369 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. Analysis ---------------- ED_PRI CAN-2002-1369 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1371 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1371 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. Analysis ---------------- ED_PRI CAN-2002-1371 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1372 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1372 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. Analysis ---------------- ED_PRI CAN-2002-1372 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1373 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1373 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021212 Advisory 04/2002: Multiple MySQL vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103971644013961&w=2 Reference: MISC:http://security.e-matters.de/advisories/042002.html Reference: BUGTRAQ:20021219 TSLSA-2002-0086 - mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104033188706000&w=2 Reference: REDHAT:RHSA-2002:288 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-288.html Reference: ENGARDE:ESA-20030127-001 Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call. Analysis ---------------- ED_PRI CAN-2002-1373 1 Vendor Acknowledgement: unknown ACCURACY: a MySQL developer (Sergei Golubchik) confirmed via email that the only the 3.23 branch was affected. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1374 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1374 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021212 Advisory 04/2002: Multiple MySQL vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103971644013961&w=2 Reference: MISC:http://security.e-matters.de/advisories/042002.html Reference: ENGARDE:ESA-20021213-033 Reference: URL:http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html Reference: BUGTRAQ:20021215 GLSA: mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104004857201968&w=2 Reference: BUGTRAQ:20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104005886114500&w=2 Reference: BUGTRAQ:20021219 TSLSA-2002-0086 - mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104033188706000&w=2 Reference: REDHAT:RHSA-2002:288 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-288.html The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. Analysis ---------------- ED_PRI CAN-2002-1374 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1375 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1375 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021212 Advisory 04/2002: Multiple MySQL vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103971644013961&w=2 Reference: MISC:http://security.e-matters.de/advisories/042002.html Reference: ENGARDE:ESA-20021213-033 Reference: URL:http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html Reference: BUGTRAQ:20021215 GLSA: mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104004857201968&w=2 Reference: BUGTRAQ:20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104005886114500&w=2 Reference: BUGTRAQ:20021219 TSLSA-2002-0086 - mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104033188706000&w=2 Reference: REDHAT:RHSA-2002:288 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-288.html The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. Analysis ---------------- ED_PRI CAN-2002-1375 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1376 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1376 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: BUGTRAQ:20021212 Advisory 04/2002: Multiple MySQL vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103971644013961&w=2 Reference: MISC:http://security.e-matters.de/advisories/042002.html Reference: ENGARDE:ESA-20021213-033 Reference: URL:http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html Reference: BUGTRAQ:20021215 GLSA: mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104004857201968&w=2 Reference: BUGTRAQ:20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104005886114500&w=2 Reference: BUGTRAQ:20021219 TSLSA-2002-0086 - mysql Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104033188706000&w=2 Reference: REDHAT:RHSA-2002:288 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-288.html libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. Analysis ---------------- ED_PRI CAN-2002-1376 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1377 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1377 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: MISC:http://lists.netsys.com/pipermail/full-disclosure/2002-December/003330.html Reference: MISC:http://www.guninski.com/vim1.html Reference: REDHAT:RHSA-2002:297 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-297.html Reference: MANDRAKE:MDKSA-2003:012 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:012 vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used as an editor for other products such as mutt. Analysis ---------------- ED_PRI CAN-2002-1377 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1383 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1383 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021218 Category: SF Reference: BUGTRAQ:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2 Reference: VULNWATCH:20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Reference: MISC:http://www.idefense.com/advisory/12.19.02.txt Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. Analysis ---------------- ED_PRI CAN-2002-1383 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1384 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1384 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021218 Category: SF Reference: VULNWATCH:20021223 iDEFENSE Security Advisory 12.23.02: Integer Overflow in pdftops Reference: MISC:http://www.idefense.com/advisory/12.23.02.txt Reference: DEBIAN:DSA-222 Reference: URL:http://www.debian.org/security/2003/dsa-222 Reference: DEBIAN:DSA-226 Reference: URL:http://www.debian.org/security/2003/dsa-226 Reference: BUGTRAQ:20030102 GLSA: xpdf Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104152282309980&w=2 Reference: REDHAT:RHSA-2002:295 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-295.html Reference: REDHAT:RHSA-2003:037 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-037.html Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Analysis ---------------- ED_PRI CAN-2002-1384 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1388 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1388 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021230 Category: SF Reference: CONFIRM:http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com Reference: DEBIAN:DSA-221 Reference: URL:http://www.debian.org/security/2002/dsa-221 Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages. Analysis ---------------- ED_PRI CAN-2002-1388 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1389 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1389 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021230 Category: SF Reference: DEBIAN:DSA-217 Reference: URL:http://www.debian.org/security/2002/dsa-217 Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input. Analysis ---------------- ED_PRI CAN-2002-1389 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1390 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1390 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20030106 Category: SF Reference: CONFIRM:http://cristal.inria.fr/~ddr/GeneWeb/en/version/4.09.html Reference: DEBIAN:DSA-223 Reference: URL:http://www.debian.org/security/2003/dsa-223 The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL. Analysis ---------------- ED_PRI CAN-2002-1390 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1396 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20030107 Category: SF Reference: BUGTRAQ:20021227 Buffer overflow in PHP "wordwrap" function Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104102689503192&w=2 Reference: CONFIRM:http://bugs.php.net/bug.php?id=20927 Reference: REDHAT:RHSA-2003:017 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-017.html Reference: ENGARDE:ESA-20030219-003 Reference: SUSE:SuSE-SA:2003:0009 Reference: MANDRAKE:MDKSA-2003:019 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:019 Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. Analysis ---------------- ED_PRI CAN-2002-1396 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1342 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1342 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021205 Category: SF/CF/MP/SA/AN/unknown Reference: DEBIAN:DSA-203 Reference: URL:http://www.debian.org/security/2002/dsa-203 Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2002-1342 3 Vendor Acknowledgement: yes advisory Content Decisions: VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1347 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1347 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021210 Category: SF Reference: BUGTRAQ:20021209 Cyrus SASL library buffer overflows Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103946297703402&w=2 Reference: REDHAT:RHSA-2002:283 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-283.html Buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. Analysis ---------------- ED_PRI CAN-2002-1347 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1355 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1355 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021213 Category: SF Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00007.html Reference: CONFIRM:http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-bgp.c.diff?r1=1.68&r2=1.69 Reference: REDHAT:RHSA-2002:290 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-290.html Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. Analysis ---------------- ED_PRI CAN-2002-1355 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1356 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1356 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021213 Category: SF Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00007.html Reference: CONFIRM:http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-lmp.c#rev1.13 Reference: REDHAT:RHSA-2002:290 Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-290.html Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. Analysis ---------------- ED_PRI CAN-2002-1356 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1378 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1378 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: SUSE:SuSE-SA:2002:047 Reference: URL:http://www.suse.de/de/security/2002_047_openldap2.html Reference: DEBIAN:DSA-227 Reference: URL:http://www.debian.org/security/2003/dsa-227 Reference: REDHAT:RHSA-2003:040 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-040.html Reference: MANDRAKE:MDKSA-2003:006 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:006 Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. Analysis ---------------- ED_PRI CAN-2002-1378 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC, VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1379 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1379 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20021216 Category: SF Reference: SUSE:SuSE-SA:2002:047 Reference: URL:http://www.suse.de/de/security/2002_047_openldap2.html Reference: DEBIAN:DSA-227 Reference: URL:http://www.debian.org/security/2003/dsa-227 Reference: REDHAT:RHSA-2003:040 Reference: MANDRAKE:MDKSA-2003:006 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:006 OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. Analysis ---------------- ED_PRI CAN-2002-1379 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC, VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1393 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1393 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20030106 Category: SF Reference: BUGTRAQ:20021221 KDE Security Advisory: Multiple vulnerabilities in KDE Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104049734911544&w=2 Reference: BUGTRAQ:20021222 GLSA: kde-3.0.x Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=104066520330397&w=2 Reference: CONFIRM:http://www.kde.org/info/security/advisory-20021220-1.txt Reference: DEBIAN:DSA-237 Reference: URL:http://www.debian.org/security/2003/dsa-237 Reference: DEBIAN:DSA-238 Reference: URL:http://www.debian.org/security/2003/dsa-238 Reference: DEBIAN:DSA-239 Reference: URL:http://www.debian.org/security/2003/dsa-239 Reference: DEBIAN:DSA-240 Reference: URL:http://www.debian.org/security/2003/dsa-240 Reference: DEBIAN:DSA-241 Reference: URL:http://www.debian.org/security/2003/dsa-241 Reference: DEBIAN:DSA-242 Reference: URL:http://www.debian.org/security/2003/dsa-242 Reference: DEBIAN:DSA-243 Reference: URL:http://www.debian.org/security/2003/dsa-243 Reference: CONECTIVA:CLA-2003:569 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000569 Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. Analysis ---------------- ED_PRI CAN-2002-1393 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1395 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1395 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20030107 Category: SF Reference: DEBIAN:DSA-202 Reference: URL:http://www.debian.org/security/2002/dsa-202 Reference: BID:6307 Reference: URL:http://online.securityfocus.com/bid/6307 Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. Analysis ---------------- ED_PRI CAN-2002-1395 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-1508 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1508 Final-Decision: Interim-Decision: Modified: Proposed: 20030317 Assigned: 20030206 Category: SF Reference: SUSE:SuSE-SA:2002:047 Reference: URL:http://www.suse.de/de/security/2002_047_openldap2.html Reference: REDHAT:RHSA-2003:040 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-040.html Reference: DEBIAN:DSA-227 Reference: URL:http://www.debian.org/security/2003/dsa-227 Reference: MANDRAKE:MDKSA-2003:006 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:006 Reference: XF:openldap-acl-slapd-bo(11288) Reference: URL:http://www.iss.net/security_center/static/11288.php slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. Analysis ---------------- ED_PRI CAN-2002-1508 3 Vendor Acknowledgement: yes advisory Content Decisions: VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
