INTERIM DECISION: ACCEPT 3 candidates from CERT cluster

["Steven M. Christey" <coley@linus.mitre.org>]

I have made an Interim Decision to ACCEPT the following 3 candidates
from the CERT cluster (not the MODIFY-01 portion of the CERT cluster).
These got an ACCEPT from all voters, but I somehow missed them when I
made the first interim decision a few weeks ago.  They are not
affected by the current content decision discussions.

I have scheduled a Final Decision on these candidates for July 2.

The overly observant reader will note the Interim-Decision date of
6/29, while I am sending this email on 6/28.  As a reminder, all
dates, times, and version numbers in the CVE will use the GMT time
zone.

- Steve


=================================
Candidate: CAN-1999-0334
Published: 
Final-Decision: 
Interim-Decision: 19990629
Modified: 
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:sol-startup
Reference: CERT:CA-93.19.Solaris.Startup.vulnerability

In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local
user with physical access to obtain root access.

VOTES:
ACCEPT (6) Wall, Shostack, Frech, Hill, Northcutt, Christey

=================================
Candidate: CAN-1999-0337
Published: 
Final-Decision: 
Interim-Decision: 19990629
Modified: 
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: CERT:CA-94.10.IBM.AIX.bsh.vulnerability.html
Reference: XF:ibm-bsh

AIX batch queue (bsh) allows local and remote users to gain additional
privileges when network printing is enabled.

VOTES:
ACCEPT (6) Wall, Shostack, Frech, Hill, Northcutt, Christey

=================================
Candidate: CAN-1999-0338
Published: 
Final-Decision: 
Interim-Decision: 19990629
Modified: 
Announced: 19990607
Assigned: 19990607
Category: SF
Reference: XF:ibm-perf-tools
Reference: CERT:CA-94.03.AIX.performance.tools 

AIX Licensed Program Product performance tools allow local users to
gain root access.

VOTES:
ACCEPT (6) Wall, Shostack, Frech, Hill, Northcutt, Christey