[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PROPOSAL] Cluster RECENT-54 - 26 candidates

I have proposed cluster RECENT-54 for review and voting by the Editorial
Board.

Name: RECENT-54
Description: Candidates announced between 1/24/2001 and 2/6/2001
Size: 26

You may vote on candidates by modifying this email ballot and sending
it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority.  Priority 1 and
Priority 2 candidates both deal with varying levels of vendor
confirmation, so they should be easy to review and it can be trusted
that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect
to the problems discovered during the associated time frame, please
send that information to me so that candidates can be assigned.

- Steve


Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2001-0179
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0179
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: ALLAIRE:ASB01-02
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=19546&Method=Full
Reference: XF:jrun-webinf-file-retrieval
Reference: URL:http://xforce.iss.net/static/6008.php

Allaire JRun 3.0 allows remote attackers to list contents of the
WEB-INF directory, and the web.xml file in the WEB-INF directory, via
a malformed URL that contains a "."

Analysis
----------------
ED_PRI CAN-2001-0179 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0191
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0191
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010202 Remote vulnerability in gnuserv/XEmacs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0030.html
Reference: REDHAT:RHSA-2001:010
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-010.html
Reference: REDHAT:RHSA-2001:011
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-011.html
Reference: MANDRAKE:MDKSA-2001:019
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-019.php3

gnuserv before 3.12, as shipped with XEmacs, does not properly check
the specified length of an X Windows MIT-MAGIC_COOKIE cookie, which
allows remote attackers to execute arbitrary commands via a buffer
overflow, or brute force authentication by using a short cookie
length.

Analysis
----------------
ED_PRI CAN-2001-0191 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0193
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0193
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010131 SuSe / Debian man package format string vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98096782126481&w=2
Reference: DEBIAN:DSA-028-1
Reference: URL:http://www.debian.org/security/2001/dsa-028
Reference: BID:2327
Reference: URL:http://www.securityfocus.com/bid/2327

Format string vulnerability in man in some Linux distributions allows
local users to gain privileges via a malformed -l parameter.

Analysis
----------------
ED_PRI CAN-2001-0193 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0196
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0196
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: FREEBSD:FreeBSD-SA-01:11
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:11.inetd.v1.1.asc
Reference: BID:2324
Reference: URL:http://www.securityfocus.com/bid/2324

inetd ident server in FreeBSD 4.x and earlier does not properly set
group permissions, which allows remote attackers to read the first 16
bytes of files that are accessible by the wheel group.

Analysis
----------------
ED_PRI CAN-2001-0196 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0218
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0218
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010126 format string vulnerability in mars_nwe 0.99pl19
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0456.html
Reference: FREEBSD:FreeBSD-SA-01:20
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-02/0081.html
Reference: XF:mars-nwe-format-string
Reference: URL:http://xforce.iss.net/static/6019.php

Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.

Analysis
----------------
ED_PRI CAN-2001-0218 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0194
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0194
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: MANDRAKE:MDKSA-2001:020-1
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-020.php3

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote
attackers to execute arbitrary commands via a long input line.

Analysis
----------------
ED_PRI CAN-2001-0194 2
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0234
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0234
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010126 NewsDaemon remote administrator access
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0460.html
Reference: CONFIRM:http://sourceforge.net/forum/forum.php?forum_id=60570
Reference: XF:newsdaemon-gain-admin-access
Reference: URL:http://xforce.iss.net/static/6010.php

NewsDaemon before 0.21b allows remote attackers to execute arbitrary
SQL queries and gain privileges via a malformed user_username
parameter.

Analysis
----------------
ED_PRI CAN-2001-0234 2
Vendor Acknowledgement: yes

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0165
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0165
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010131 [SPSadvisory#40]Solaris7/8 ximp40 shared library buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0517.html
Reference: XF:solaris-ximp40-bo
Reference: URL:http://xforce.iss.net/static/6039.php
Reference: BID:2322
Reference: URL:http://www.securityfocus.com/bid/2322

Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8
allows local users to gain privileges via a long "arg0" (process name)
argument.

Analysis
----------------
ED_PRI CAN-2001-0165 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0167
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0167
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010129 [CORE SDI ADVISORY] WinVNC client buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98088315825366&w=2
Reference: BID:2305
Reference: URL:http://www.securityfocus.com/bid/2305
Reference: XF:winvnc-client-bo
Reference: URL:http://xforce.iss.net/static/6025.php

Buffer overflow in AT&T WinVNC (Virtual Network Computing) client
3.3.3r7 and earlier allows remote attackers to execute arbitrary
commands via a long rfbConnFailed packet with a long reason string.

Analysis
----------------
ED_PRI CAN-2001-0167 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0168
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0168
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010129 [CORE SDI ADVISORY] WinVNC server buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=vnc-list&m=98080763005455&w=2
Reference: BID:2306
Reference: URL:http://www.securityfocus.com/bid/2306
Reference: XF:winvnc-server-bo
Reference: URL:http://xforce.iss.net/static/6026.php

Buffer overflow in AT&T WinVNC (Virtual Network Computing) server
3.3.3r7 and earlier allows remote attackers to execute arbitrary
commands via a long HTTP GET request when the DebugLevel registry key
is greater than 0.

Analysis
----------------
ED_PRI CAN-2001-0168 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0171
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0171
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010130 DOS Vulnerability in SlimServe HTTPd
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0505.html
Reference: XF:slimserve-httpd-dos
Reference: URL:http://xforce.iss.net/static/6028.php
Reference: BID:2318
Reference: URL:http://www.securityfocus.com/bid/2318

Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to
cause a denial of service, and possibly execute arbitrary commands,
via a long GET request.

Analysis
----------------
ED_PRI CAN-2001-0171 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0173
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0173
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010130 Nobreak Tecnologies CrazyWWWBoard Remote Buffer Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0486.html
Reference: BID:2329
Reference: URL:http://www.securityfocus.com/bid/2329
Reference: XF:crazywwwboard-qdecoder-bo
Reference: URL:http://xforce.iss.net/static/6033.php

Buffer overflow in qDecoder library 5.08 and earlier, as used in
CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote
attackers to execute arbitrary commands via a long MIME Content-Type
header.

Analysis
----------------
ED_PRI CAN-2001-0173 3
Vendor Acknowledgement: unknown discloser-claimed patch

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0174
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0174
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010130 Security hole in Virus Buster 2001
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0500.html
Reference: XF:virusbuster-mua-bo
Reference: URL:http://xforce.iss.net/static/6034.php

Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote
attackers to cause a denial of service, and possibly execute arbitrary
commands, via a large "To" address.

Analysis
----------------
ED_PRI CAN-2001-0174 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0180
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0180
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010129 Remote Command Execution in guestserver.cgi + exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0471.html
Reference: XF:guestserver-cgi-execute-commands
Reference: URL:http://xforce.iss.net/static/6027.php

Lars Ellingsen guestserver.cgi allows remote attackers to execute
arbitrary commands via shell metacharacters in the "email" parameter.

Analysis
----------------
ED_PRI CAN-2001-0180 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0186
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0186
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010204 Vulnerability in Free Java Web Server
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0061.html

Directory traversal vulnerability in Free Java Web Server 1.0 allows
remote attackers to read arbitrary files via a .. (dot dot) attack.

Analysis
----------------
ED_PRI CAN-2001-0186 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0192
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0192
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010201 XMail CTRLServer remote buffer overflow vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0047.html
Reference: CONFIRM:http://xmailserver.org/XMail-Readme.txt

Buffer overflows in CTRLServer in XMail allows attackers to execute
arbitrary commands via the cfgfileget or domaindel functions.

Analysis
----------------
ED_PRI CAN-2001-0192 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0198
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0198
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010131 [SPSadvisory#41]Apple Quick Time Plug-in Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98096678523370&w=2
Reference: XF:quicktime-embedded-tag-bo
Reference: URL:http://xforce.iss.net/static/6040.php
Reference: BID:2328
Reference: URL:http://www.securityfocus.com/bid/2328

Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows
remote attackers to execute arbitrary commands via a long HREF
paramater in an EMBED tag.

Analysis
----------------
ED_PRI CAN-2001-0198 3
Vendor Acknowledgement:

A followup indicated that the problem could not be reproduced, but it
was the English version, not the Japanese.  So, this could be specific
to the Japanese version.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0199
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0199
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010204 Vulnerability in SEDUM HTTP Server
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0064.html
Reference: BID:2335
Reference: URL:http://www.securityfocus.com/bid/2335

Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows
remote attackers to read arbitrary files via a .. (dot dot) attack in
the HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0199 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0200
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0200
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010204 Web root exposure in HSWeb Webserver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0052.html
Reference: BID:2336
Reference: URL:http://www.securityfocus.com/bid/2336

HSWeb 2.0 HTTP server allows remote attackers to obtain the physical
path of the server via a request to the /cgi/ directory, which will
list the path if directory browsing is enabled.

Analysis
----------------
ED_PRI CAN-2001-0200 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0202
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0202
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010205 Vulnerability in Picserver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0073.html
Reference: BID:2339
Reference: URL:http://www.securityfocus.com/bid/2339

Picserver web server allows remote attackers to read arbitrary files
via a .. (dot dot) attack in an HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0202 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0205
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0205
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010206 Vulnerability in AOLserver
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98148759123258&w=2
Reference: BUGTRAQ:20010208 Vulnerability in AOLserver
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98168216003867&w=2
Reference: BID:2343
Reference: URL:http://www.securityfocus.com/bid/2343

Directory traversal vulnerability in AOLserver 3.2 and earlier allows
remote attackers to read arbitrary files by inserting "..." into the
requested pathname, a modified .. (dot dot) attack.

Analysis
----------------
ED_PRI CAN-2001-0205 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0213
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0213
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:200101125 [SAFER] Security Bulletin 010125.EXP.1.12
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0421.html
Reference: XF:planetintra-pi-bo
Reference: URL:http://xforce.iss.net/static/6002.php

Buffer overflow in pi program in PlanetIntra 2.5 allows remote
attackers to execute arbitrary commands.

Analysis
----------------
ED_PRI CAN-2001-0213 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0226
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0226
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010205 Vulnerabilities in BiblioWeb Server
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0075.html

Directory traversal vulnerability in BiblioWeb web server 2.0 allows
remote attackers tor ead arbitrary files via a .. (dot dot) or
... attack in an HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0226 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0227
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0227
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010205 Vulnerabilities in BiblioWeb Server
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0075.html

Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to
cause a denial of service and possibly execute arbitrary commands via
a long HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0227 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0228
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0228
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010202 GoAhead Web Server Directory Traversal Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0022.html

Directory traversal vulnerability in GoAhead web server 2.1 and
earlier allows remote attackers to read arbitrary files via a
.. attack in an HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0228 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0229
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0229
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010206 Security hole in ChiliSoft ASP on Linux.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0112.html

Chili!Soft ASP for Linux before 3.6 does not properly set group
privileges when running in inherited mode, which could allow attackers
to gain privileges via malicious scripts.

Analysis
----------------
ED_PRI CAN-2001-0229 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:
Page Last Updated or Reviewed: May 22, 2007