[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
INTERIM DECISION: ACCEPT 10 VEN-ROUTER candidates (Final 7/12)

To: cve-editorial-board-list@lists.mitre.org
Subject: INTERIM DECISION: ACCEPT 10 VEN-ROUTER candidates (Final 7/12)
From: "Steven M. Christey" <coley@linus.mitre.org>
Date: Mon, 12 Jul 1999 19:09:13 -0400 (EDT)
Sender: owner-cve-editorial-board-list@lists.mitre.org
I have made an Interim Decision to ACCEPT all the candidates from this
cluster.  A Final Decision is scheduled for July 12.

Observe CAN-1999-0060 which could be affected by the Same Codebase
content decision.  It identifies two different series of Ascend
routers, which to me is sufficient information to indicate that they
probably share the same codebase, and thus should not be split.  If
you object to this decision and have evidence that they are not the
same codebase, please speak up.

References were added as noted.

I have removed myself from all votes in the cases where I propose the
candidates.  However, I reserve the right to change my mind and
continue to MODIFY, REJECT, or REVIEW my candidates where
appropriate. ;-)

- Steve



Least controversial candidates are listed first.

Voters:
  Frech ACCEPT(3) MODIFY(7)
  Hill ACCEPT(10)
  Northcutt ACCEPT(10)


*************************
ACCEPT
*************************

=================================
Candidate: CAN-1999-0060
Published:
Final-Decision:
Interim-Decision: 19990712
Modified:
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: NAI:NAI-26
Reference: XF:ascend-config-kill
Reference: ASCEND:http://www.ascend.com/2695.html

Attackers can cause a denial of service in Ascend MAX and Pipeline
routers with a malformed packet to the discard port, which is used by
the Java Configurator tool.

VOTES:
   ACCEPT(3) Northcutt, Hill, Frech


=================================
Candidate: CAN-1999-0160
Published:
Final-Decision:
Interim-Decision: 19990712
Modified:
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/chapvuln-pub.shtml
Reference: XF:cisco-chap

Some classic Cisco IOS devices have a vulnerability in the PPP CHAP
authentication to establish unauthorized PPP connections.

VOTES:
   ACCEPT(3) Northcutt, Hill, Frech


=================================
Candidate: CAN-1999-0161
Published:
Final-Decision:
Interim-Decision: 19990712
Modified:
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/707/1.html
Reference: XF:cisco-acl-tacacs

In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended
IP access control list could bypass filtering.

VOTES:
   ACCEPT(3) Northcutt, Hill, Frech




*************************
MODIFY
*************************

=================================
Candidate: CAN-1999-0157
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/nifrag.shtml
Reference: XF:cisco-fragmented-attacks

Cisco PIX firewall and CBAC IP fragmentation attack results in a
denial of service.

Modifications:
  ADDREF XF:cisco-fragmented-attacks

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-fragmented-attacks


=================================
Candidate: CAN-1999-0158
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/pixmgrfile-pub.shtml
Reference: XF:cisco-pix-file-exposure

Cisco PIX firewall manager (PFM) on Windows NT allows attackers to
connect to port 8080 on the PFM server and retrieve any file whose
name and location is known.

Modifications:
  ADDREF Reference: XF:cisco-pix-file-exposure

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-pix-file-exposure


=================================
Candidate: CAN-1999-0159
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/ioslogin-pub.shtml
Reference: XF:cisco-ios-crash

Attackers can crash a Cisco IOS router or device, provided they can
get to an interactive prompt (such as a login).  This applies to some
IOS 9.x, 10.x, and 11.x releases.

Modifications:
  ADDREF Reference: XF:cisco-ios-crash

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-ios-crash


=================================
Candidate: CAN-1999-0162
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/707/2.html
Reference: XF:cisco-acl-established

The "established" keyword in some Cisco IOS software allowed
an attacker to bypass filtering.

Modifications:
  ADDREF XF:cisco-acl-established

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-acl-established


=================================
Candidate: CAN-1999-0293
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/aaapair-pub.shtml
Reference: XF:cisco-ios-aaa-auth

AAA authentication on Cisco systems allows attackers to execute
commands without authorization.

Modifications:
  ADDREF XF:cisco-ios-aaa-auth

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-ios-aaa-auth


=================================
Candidate: CAN-1999-0430
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: ISS:Remote Denial of Service Vulnerability in Cisco Catalyst Series Ethernet Switches
Reference: CISCO:Cisco Catalyst Supervisor Remote Reload
Reference: XF:cisco-catalyst-crash

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software
allows remote attackers to perform a denial of service by forcing the
supervisor module to reload.

Modifications:
  ADDREF XF:cisco-catalyst-crash
  CHANGEREF CISCO:Cisco Catalyst Supervisor Remote Reload http://www.cisco.com/warp/public/770/cat7161-pub.shtml

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-catalyst-crash
 Frech> CISCO reference should be
 Frech> http://www.cisco.com/warp/public/770/cat7161-pub.shtml


=================================
Candidate: CAN-1999-0445
Published:
Final-Decision:
Interim-Decision: 19990712
Modified: 19990712-01
Announced: 19990617
Assigned: 19990607
Category: SF
Reference: CISCO:Cisco IOS(R) Software Input Access List Leakage with NAT
Reference: XF:cisco-natacl-leakage

In Cisco routers under some versions of IOS 12.0 running NAT, some
packets may not be filtered by input access list filters.

Modifications:
  ADDREF XF:cisco-natacl-leakage
  CHANGEREF CISCO:Cisco IOS(R) Software Input Access List Leakage with NAT http://www.cisco.com/warp/public/770/iosnatacl-pub.shtml

VOTES:
   ACCEPT(2) Northcutt, Hill
   MODIFY(1) Frech

COMMENTS:
 Frech> Reference: XF:cisco-natacl-leakage
 Frech> CISCO reference should be
 Frech> http://www.cisco.com/warp/public/770/iosnatacl-pub.shtml
Prev by Date: Reminder: mailing list archives to be made public
Next by Date: INTERIM DECISION: ACCEPT 1 VEN-others candidates (Final 7/12)
Prev by thread: Reminder: mailing list archives to be made public
Next by thread: INTERIM DECISION: ACCEPT 1 VEN-others candidates (Final 7/12)
Index(es):
- Date
- Thread