[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PROPOSAL] Cluster RECENT-46 - 23 candidates

The following cluster contains 23 candidates that were announced
between November 21 and November 28, 2000.

Note that the voting web site will not be updated with this cluster
until sometime Wednesday.

The candidates are listed in order of priority.  Priority 1 and
Priority 2 candidates both deal with varying levels of vendor
confirmation, so they should be easy to review and it can be trusted
that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect
to the problems discovered during the associated time frame, please
send that information to me so that candidates can be assigned.

- Steve



Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2000-1112
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1112
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: MS:MS00-090
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-090.asp
Reference: BID:1976
Reference: URL:http://www.securityfocus.com/bid/1976

Microsoft Windows Media Player 7 executes scripts in custom skin
(.WMS) files, which could allow remote attackers to gain privileges
via a skin that contains a malicious script, aka the ".WMS Script
Execution" vulnerability.

Analysis
----------------
ED_PRI CAN-2000-1112 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1113
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1113
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: ATSTAKE:A112300-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a112300-1.txt
Reference: MS:MS00-090
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-090.asp
Reference: BID:1980
Reference: URL:http://www.securityfocus.com/bid/1980

Buffer overflow in Microsoft Windows Media Player allows remote
attackers to execute arbitrary commands via a malformed Active Stream
Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability.

Analysis
----------------
ED_PRI CAN-2000-1113 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1162
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1162
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: CALDERA:CSSA-2000-041
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt
Reference: MANDRAKE:MDKSA-2000:074
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3
Reference: CONECTIVA:CLSA-2000:343
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343
Reference: REDHAT:RHSA-2000:114-03
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-114.html
Reference: DEBIAN:20001123 ghostscript: symlink attack
Reference: URL:http://www.debian.org/security/2000/20001123
Reference: BID:1990
Reference: URL:http://www.securityfocus.com/bid/1990

ghostscript before 5.10-16 allows local users to overwrite files of
other users via a symlink attack.

Analysis
----------------
ED_PRI CAN-2000-1162 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1163
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1163
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: CALDERA:CSSA-2000-041
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt
Reference: MANDRAKE:MDKSA-2000:074
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3
Reference: CONECTIVA:CLSA-2000:343
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343
Reference: DEBIAN:20001123 ghostscript: symlink attack
Reference: URL:http://www.debian.org/security/2000/20001123
Reference: BID:1991
Reference: URL:http://www.securityfocus.com/bid/1991

ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental
variable to find libraries in the current directory, which could allow
local users to execute commands as other users by placing a Trojan
horse library into a directory from which another user executes
ghostscript.

Analysis
----------------
ED_PRI CAN-2000-1163 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1187
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1187
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: REDHAT:RHSA-2000:109-05
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-109.html
Reference: CONECTIVA:CLSA-2000:344
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000344
Reference: SuSE-SA:2000:48
Reference: URL:http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html
Reference: FREEBSD:FreeBSD-SA-00:66
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc
Reference: BUGTRAQ:20001121 Immunix OS Security update for netscape
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97500270012529&w=2

Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows
remote attackers to execute arbitrary commands via a long password
value in a form field.

Analysis
----------------
ED_PRI CAN-2000-1187 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1106
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1106
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001128 TrendMicro InterScan VirusWall shared folder problem
Reference: URL:http://www.securityfocus.com/archive/1/147563
Reference: BUGTRAQ:20001201 Responding to BugTraq ID 2014 - "Trend Micro InterScan VirusWall Shared Directory Vulnerability"
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0016.html
Reference: BID:2014
Reference: URL:http://www.securityfocus.com/bid/2014

Trend Micro InterScan VirusWall creates an "Intscan" share to the
"InterScan" directory with permissions that grant Full Control
permissions to the Everyone group, which allows attackers to gain
privileges by modifying the VirusWall programs.

Analysis
----------------
ED_PRI CAN-2000-1106 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1107
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1107
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001128 SuSE Linux 6.x 7.0 Ident buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Reference: BID:2015
Reference: URL:http://www.securityfocus.com/bid/2015

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote
attackers to cause a denial of service via a long request, which
causes the server to access a NULL pointer and crash.

Analysis
----------------
ED_PRI CAN-2000-1107 2
Vendor Acknowledgement: yes followup

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1115
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1115
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001122 602Pro Lan Suite Web Admin Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0299.html
Reference: CONFIRM:http://www.software602.com/products/ls/support/newbuild.html
Reference: BID:1979
Reference: URL:http://www.securityfocus.com/bid/1979

Buffer overflow in remote web administration component (webprox.dll)
of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to
cause a denial of service and possibly execute arbitrary commands via
a long GET request.

Analysis
----------------
ED_PRI CAN-2000-1115 2
Vendor Acknowledgement: yes

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1136
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1136
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001122 New version of elvis-tiny released
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97502995616099&w=2
Reference: BID:1984
Reference: URL:http://www.securityfocus.com/bid/1984

elvis-tiny before 1.4-10 in Debian Linux, and possibly other Linux
operating systems, allows local users to overwrite files of other
users via a symlink attack.

Analysis
----------------
ED_PRI CAN-2000-1136 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1101
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1101
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category:
Reference: BUGTRAQ:20001127 Vulnerability in Winsock FTPD 2.41/3.00 (Pro)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
Reference: BID:2005
Reference: URL:http://www.securityfocus.com/bid/2005

Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and
2.41 with the "Restrict to home directory" option enabled allows local
users to escape the home directory via a "/../" string, a variation of
the .. (dot dot) attack.

Analysis
----------------
ED_PRI CAN-2000-1101 3
Vendor Acknowledgement: unknown vague

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1102
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1102
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BID:2008
Reference: URL:http://www.securityfocus.com/bid/2008
Reference: BUGTRAQ:20001126 Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1...
Reference: URL:http://www.securityfocus.com/archive/1/147115

PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to
cause a denial of service (server crash) via "mode +owgscfxeb" and
"oper" commands.

Analysis
----------------
ED_PRI CAN-2000-1102 3
Vendor Acknowledgement: unknown claimed patch in followups by users
Content Decisions: SF-EXEC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1103
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1103
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001127 BSDi 3.0/4.0 rcvtty gid=tty exploit... (mh package)
Reference: URL:http://www.securityfocus.com/archive/1/147120
Reference: BID:2009
Reference: URL:http://www.securityfocus.com/bid/2009

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before
executing a script, which allows local attackers to gain privileges by
specifying an alternate Trojan horse script on the command line.

Analysis
----------------
ED_PRI CAN-2000-1103 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1109
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1109
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001127 Midnight Commander
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html
Reference: BID:2016
Reference: URL:http://www.securityfocus.com/bid/2016

Midnight Commander (mc) 4.5.51 and earlier does not properly process
malformed directory names when a user opens a directory, which allows
other local users to gain privileges by creating directories that
contain special characters followed by the commands to be executed.

Analysis
----------------
ED_PRI CAN-2000-1109 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1110
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1110
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001128 IBM Net.Data Local Path Disclosure Vulnerability?
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0384.html
Reference: BID:2017
Reference: URL:http://www.securityfocus.com/bid/2017

document.d2w CGI program in the IBM Net.Data db2www package allows
remote attackers to determine the physical path of the web server by
sending a nonexistent command to the program.

Analysis
----------------
ED_PRI CAN-2000-1110 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1114
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1114
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001121 Disclosure of JSP source code with ServletExec AS v3.0c + web ins tance
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0285.html
Reference: BID:1970
Reference: URL:http://www.securityfocus.com/bid/1970

Unify ServletExec AS v3.0C allows remote attackers to read source code
for JSP pages via an HTTP request that ends with characters such as
".", or "+", or "%20".

Analysis
----------------
ED_PRI CAN-2000-1114 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1117
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1117
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001124 Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html
Reference: BID:1994
Reference: URL:http://www.securityfocus.com/bid/1994

The Extended Control List (ECL) feature of the Java Virtual Machine
(JVM) in Lotus Notes Client R5 allows malicious web site operators to
determine the existence of files on the client by measuring delays in
the execution of the getSystemResource method.

Analysis
----------------
ED_PRI CAN-2000-1117 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1118
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1118
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001127 24Link Webserver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0369.html

24Link 1.06 web server allows remote attackers to bypass access
restrictions by prepending strings such as "/+/" or "/." to the HTTP
GET request.

Analysis
----------------
ED_PRI CAN-2000-1118 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1129
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1129
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001123 McAfee WebShield SMTP vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0324.html
Reference: BID:1999
Reference: URL:http://www.securityfocus.com/bid/1999

McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of
service via a malformed recipient field.

Analysis
----------------
ED_PRI CAN-2000-1129 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1130
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1130
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001123 McAfee WebShield SMTP vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0324.html
Reference: BID:1993
Reference: URL:http://www.securityfocus.com/bid/1993

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email
content filtering rules by including Extended ASCII characters in name
of the attachment.

Analysis
----------------
ED_PRI CAN-2000-1130 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1165
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1165
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001122 DoS possibility in syslog-ng
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0300.html
Reference: BID:1981
Reference: URL:http://www.securityfocus.com/bid/1981
Reference: CONFIRM:http://www.balabit.hu/products/syslog-ng/

Balabit syslog-ng allows remote attackers to cause a denial of service
(application crash) via a malformed log message that does not have a
closing > in the priority specifier.

Analysis
----------------
ED_PRI CAN-2000-1165 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1166
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1166
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001124 Security problems with TWIG webmail system
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0351.html
Reference: BID:1998
Reference: URL:http://www.securityfocus.com/bid/1998

Twig webmail system does not properly set the "vhosts" variable if it
is not configured on the site, which allows remote attackers to insert
arbitrary PHP (PHP3) code by specifying an alternate vhosts as an
argument to the index.php3 program.

Analysis
----------------
ED_PRI CAN-2000-1166 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1168
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1168
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001123 IBM HTTP Server 1.3.6 Remote Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97502498610979&w=2
Reference: BID:1988
Reference: URL:http://www.securityfocus.com/bid/1988

IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to
cause a denial of service and possibly execute arbitrary commands via
a long GET request.

Analysis
----------------
ED_PRI CAN-2000-1168 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2000-1173
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1173
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001122 CyberPatrol - poor credit card protection
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0323.html
Reference: BID:1977
Reference: URL:http://www.securityfocus.com/bid/1977

Microsys CyberPatrol uses weak encryption (trivial encoding) for
credit card numbers and uses no encryption for the remainder of the
information during registration, which could allow attackers to sniff
network traffic and obtain this sensitive information.

Analysis
----------------
ED_PRI CAN-2000-1173 3
Vendor Acknowledgement:
Content Decisions: DESIGN-WEAK-ENCRYPTION, DESIGN-NO-ENCRYPTION

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:
Page Last Updated or Reviewed: May 22, 2007