[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PROPOSAL] Cluster MS-99 - 7 legacy candidates



The following cluster contains 7 legacy candidates, all of which are
associated with Microsoft advisories that were published in 1999.
With this cluster, we now have candidates (or entries) for all issues
described in Microsoft advisories from that year.

All candidates have a "priority 1."  I encourage the Board to vote on
these rapidly, within the minimum 2-week time frame before they are
moved to Interim Decision.  The schedule for this cluster is:

  Scheduled Interim Decision: May 30
  Scheduled Final Decision: June 5

Other legacy candidates related to 1999 advisories will be posted next
week.

- Steve



Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

=================================
Candidate: CAN-1999-1011
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 19991221
Category: SF
Reference: MS:MS98-004
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms98-004.asp
Reference: MS:MS99-025
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-025.asp
Reference: CIAC:J-054
Reference: URL:http://www.ciac.org/ciac/bulletins/j-054.shtml

The Remote Data Service (RDS) DataFactory component of Microsoft Data
Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods,
which allows remote attackers to execute arbitrary commands.


ED_PRI CAN-1999-1011 1


VOTE:

=================================
Candidate: CAN-2000-0323
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: BUGTRAQ:19990728 Alert : MS Office 97 Vulnerability
Reference: http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=19990729195531.25108.qmail@underground.org
Reference: http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=D1A11CCE78ADD111A35500805FD43F58019792A3@RED-MSG-04
Reference: MS:MS99-030
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp
Reference: BID:595
Reference: URL:http://www.securityfocus.com/level2/?go=vulnerabilities&id=595

The Microsoft Jet database engine allows an attacker to modify text
files via a database query, aka the "Text I-ISAM" vulnerability.


ED_PRI CAN-2000-0323 1


VOTE:

=================================
Candidate: CAN-2000-0325
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: MS:MS99-030
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp

The Microsoft Jet database engine allows an attacker to execute
commands via a database query, aka the "VBA Shell" vulnerability.


ED_PRI CAN-2000-0325 1


VOTE:

=================================
Candidate: CAN-2000-0327
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: BUGTRAQ:19991014 Another Microsoft Java Flaw Disovered
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93993545118416&w=2
Reference: MS:MS99-045
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-045.asp

Microsoft Virtual Machine (VM) allows remote attackers to escape the
Java sandbox and execute commands via an applet containing an illegal
cast operation, aka the "Virtual Machine Verifier" vulnerability.


ED_PRI CAN-2000-0327 1


VOTE:

=================================
Candidate: CAN-2000-0328
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: BUGTRAQ:19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1
Reference: MS:MS99-046
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-046.asp
Reference: BID:604
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=604

Windows NT 4.0 generates predictable random TCP initial sequence
numbers (ISN), which allows remote attackers to perform spoofing and
session hijacking.


ED_PRI CAN-2000-0328 1


VOTE:

=================================
Candidate: CAN-2000-0329
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: MS:MS99-048
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-048.asp

A Microsoft ActiveX control allows a remote attacker to execute a
malicious cabinet file via an attachment and an embedded script in an
HTML mail, aka the "Active Setup Control" vulnerability.


ED_PRI CAN-2000-0329 1


VOTE:

=================================
Candidate: CAN-2000-0330
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000518
Assigned: 20000511
Category: SF
Reference: MS:MS99-049
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-049.asp

The networking software in Windows 95 and Windows 98 allows remote
attackers to execute commands via a long file name string, aka the
"File Access URL" vulnerability.


ED_PRI CAN-2000-0330 1


VOTE:

Page Last Updated or Reviewed: May 22, 2007