[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PROPOSAL] Cluster RECENT-55 - 27 candidates

To: cve-editorial-board-list@lists.mitre.org
Subject: [PROPOSAL] Cluster RECENT-55 - 27 candidates
From: "Steven M. Christey" <coley@linus.mitre.org>
Date: Fri, 9 Mar 2001 00:31:41 -0500 (EST)
Delivery-Date: Fri Mar 9 00:31:50 2001
Sender: owner-cve-editorial-board-list@lists.mitre.org
I have proposed cluster RECENT-55 for review and voting by the Editorial
Board.

Name: RECENT-55
Description: Candidates announced between 2/7/2001 and 3/8/2001
Size: 27

You may vote on candidates by modifying this email ballot and sending
it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority.  Priority 1 and
Priority 2 candidates both deal with varying levels of vendor
confirmation, so they should be easy to review and it can be trusted
that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect
to the problems discovered during the associated time frame, please
send that information to me so that candidates can be assigned.

- Steve


Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ".  If
   you want to add comments or details, add them to lines after the
   VOTE: line.

2) If you see any missing references, please mention them so that they
   can be included.  References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
   So if you don't have sufficient information for a candidate but you
   don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2001-0002
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0002
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010104
Category: SF/CF/MP/SA/AN/unknown
Reference: MS:MS01-015
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-015.asp
Reference: BUGTRAQ:20001120 IE 5.x/Outlook allows executing arbitrary programs using .chm
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97475003815911&w=2

Internet Explorer 5.5 and earlier allows remote attackers to obtain
the physical location of cached content and open the content in the
Local Computer Zone, then use compiled HTML help (.chm) files to
execute arbitrary programs.

Analysis
----------------
ED_PRI CAN-2001-0002 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0018
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0018
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010127
Category: SF
Reference: MS:MS01-011
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-011.asp

Windows 2000 domain controller in Windows 2000 Server, Advanced
Server, or Datacenter Server allows remote attackers to cause a denial
of service via a flood of malformed service requests.

Analysis
----------------
ED_PRI CAN-2001-0018 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0146
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0146
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010210
Category: SF
Reference: MS:MS01-014
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-014.asp

IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a
denial of service (memory allocation error) by repeatedly sending a
series of specially formatted URL's.

Analysis
----------------
ED_PRI CAN-2001-0146 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0148
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0148
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010210
Category: SF/CF/MP/SA/AN/unknown
Reference: BUGTRAQ:20010101 Windows Media Player 7 and IE vulnerability - executing arbitrary programs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-01/0000.html
Reference: MS:MS01-015
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-015.asp

The WMP ActiveX Control in Windows Media Player 7 allows remote
attackers to execute commands in Internet Explorer via javascript
URLs, a variant of the "Frame Domain Verification" vulnerability.

Analysis
----------------
ED_PRI CAN-2001-0148 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0149
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0149
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010210
Category: SF/CF/MP/SA/AN/unknown
Reference: BUGTRAQ:20000926 IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html
Reference: NTBUGTRAQ:20000926 IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=96999020527583&w=2
Reference: MS:MS01-015
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-015.asp

Windows Scripting Host in Internet Explorer 5.5 and earlier allows
remote attackers to read arbitrary files via the GetObject Javascript
function and the htmlfile ActiveX object.

Analysis
----------------
ED_PRI CAN-2001-0149 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0150
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0150
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010210
Category: SF/CF/MP/SA/AN/unknown
Reference: MS:MS01-015
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-015.asp

Internet Explorer 5.5 and earlier executes Telnet sessions using
command line arguments that are specified by the web site, which could
allow remote attackers to execute arbitrary commands if the IE client
is using the Telnet client provided in Services for Unix (SFU) 2.0,
which creates session transcripts.

Analysis
----------------
ED_PRI CAN-2001-0150 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0151
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0151
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010210
Category: SF/CF/MP/SA/AN/unknown
Reference: MS:MS01-016
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-016.asp

IIS 5.0 allows remote attackers to cause a denial of service via a
series of malformed WebDAV requests.

Analysis
----------------
ED_PRI CAN-2001-0151 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0220
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0220
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: FREEBSD:FreeBSD-SA-01:21
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-02/0082.html

Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local
users to gain root privileges.

Analysis
----------------
ED_PRI CAN-2001-0220 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0221
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0221
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: FREEBSD:FreeBSD-SA-01:19
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-02/0079.html

Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to
gain root privileges.

Analysis
----------------
ED_PRI CAN-2001-0221 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0230
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0230
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: FREEBSD:FreeBSD-SA-01:22
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2001-02/0083.html

Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly
other operating systems, allows local users to gain privileges.

Analysis
----------------
ED_PRI CAN-2001-0230 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0164
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0164
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010307
Category: SF/CF/MP/SA/AN/unknown
Reference: ATSTAKE:A030701-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a030701-1.txt

Buffer overflow in Netscape Directory Server 4.12 and earlier allows
remote attackers to cause a denial of service or execute arbitrary
commands via a malformed recipient field.

Analysis
----------------
ED_PRI CAN-2001-0164 2
Vendor Acknowledgement: yes patch

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0001
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0001
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010103
Category: SF/CF/MP/SA/AN/unknown
Reference: BUGTRAQ:20010213 RFP2101: RFPlutonium to fuel your PHP-Nuke
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0257.html

cookiedecode function in PHP-Nuke 4.4 allows users to bypass
authentication and gain access to other user accounts by extracting
the authentication information from a cookie.

Analysis
----------------
ED_PRI CAN-2001-0001 3
Vendor Acknowledgement: no

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0155
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0155
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010216
Category: SF/CF/MP/SA/AN/unknown
Reference: ATSTAKE:A021601-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a021601-1.txt

Format string vulnerability in VShell SSH gateway 1.0.1 and earlier
allows remote attackers to execute arbitrary commands via a long user
name.

Analysis
----------------
ED_PRI CAN-2001-0155 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0156
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0156
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010216
Category: SF/CF/MP/SA/AN/unknown
Reference: ATSTAKE:A021601-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a021601-1.txt

VShell SSH gateway 1.0.1 and earlier has a default port forwarding
rule of 0.0.0.0/0.0.0.0, which could allow local users conduct
arbitrary port forwarding to other systems.

Analysis
----------------
ED_PRI CAN-2001-0156 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0157
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0157
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010301
Category: SF/CF/MP/SA/AN/unknown
Reference: ATSTAKE:A030101-1
Reference: URL:http://www.atstake.com/research/advisories/2001/a030101-1.txt

Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier
allows attackers with physical access to a Palm device to bypass
access restrictions and obtain passwords, even if the system lockout
mechanism is enabled.

Analysis
----------------
ED_PRI CAN-2001-0157 3
Vendor Acknowledgement: unknown

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0204
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0204
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010214 def-2001-07: Watchguard Firebox II PPTP DoS
Reference: URL:http://www.securityfocus.com/archive/1/162965
Reference: BID:2369
Reference: URL:http://www.securityfocus.com/bid/2369

Watchguard Firebox II allows remote attackers to cause a denial of
service by establishing multiple connections and sending malformed
PPTP packets.

Analysis
----------------
ED_PRI CAN-2001-0204 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0206
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0206
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010207 Vulnerability in Soft Lite ServerWorx
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0137.html
Reference: BID:2346
Reference: URL:http://www.securityfocus.com/bid/2346

Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows
remote attackers to read arbitrary files by inserting a .. (dot dot)
or ... into the requested pathname of an HTTP GET request.

Analysis
----------------
ED_PRI CAN-2001-0206 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0208
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0208
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: CF
Reference: BUGTRAQ:20010211 Security Hole in Microfocus Cobol
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0205.html
Reference: BID:2359
Reference: URL:http://www.securityfocus.com/bid/2359

MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the
mfaslmf directory and the nolicense file with insecure permissions,
which allows local users to gain privileges by modifying files.

Analysis
----------------
ED_PRI CAN-2001-0208 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0210
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0210
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 Commerce.cgi Directory Traversal
Reference: URL:http://www.securityfocus.com/archive/1/162259
Reference: BID:2361
Reference: URL:http://www.securityfocus.com/bid/2361

Directory traversal vulnerability in commerce.cgi CGI program allows
remote attackers to read arbitrary files via a .. (dot dot) attack in
the page parameter.

Analysis
----------------
ED_PRI CAN-2001-0210 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0211
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0211
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 WebSPIRS CGI script "show files" Vulnerability.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0217.html
Reference: BID:2362
Reference: URL:http://www.securityfocus.com/bid/2362

Directory traversal vulnerability in WebSPIRS 3.1 allows remote
attackers to read arbitrary files via a .. (dot dot) attack on the
sp.nextform parameter.

Analysis
----------------
ED_PRI CAN-2001-0211 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0212
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0212
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 HIS Auktion 1.62: "show files" vulnerability and remote command execute.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0218.html
Reference: BID:2367
Reference: URL:http://www.securityfocus.com/bid/2367

Directory traversal vulnerability in HIS Auktion 1.62 allows remote
attackers to read arbitrary files via a .. (dot dot) in the menue
parameter, and possibly execute commands via shell metacharacters.

Analysis
----------------
ED_PRI CAN-2001-0212 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0214
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0214
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 Way board: "show files" Vulnerability with null bite bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0212.html
Reference: BID:2370
Reference: URL:http://www.securityfocus.com/bid/2370

Way-board CGI program allows remote attackers to read arbitrary files
by specifying the filename in the db parameter and terminating the
filename with a null byte.

Analysis
----------------
ED_PRI CAN-2001-0214 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0215
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0215
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 ROADS search system "show files" Vulnerability with "null bite" bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0213.html
Reference: BID:2371
Reference: URL:http://www.securityfocus.com/bid/2371

ROADS search.pl program allows remote attackers to read arbitrary
files by specifying the file name in the form parameter and
terminating the filename with a null byte.

Analysis
----------------
ED_PRI CAN-2001-0215 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0216
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0216
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 PALS Library System "show files" Vulnerability and remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0220.html
Reference: BID:2372
Reference: URL:http://www.securityfocus.com/bid/2372

PALS Library System pals-cgi program allows remote attackers to
execute arbitrary commands via shell metacharacters in the
documentName parameter.

Analysis
----------------
ED_PRI CAN-2001-0216 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0217
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0217
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 PALS Library System "show files" Vulnerability and remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0220.html
Reference: BID:2372
Reference: URL:http://www.securityfocus.com/bid/2372

Directory traversal vulnerability in PALS Library System pals-cgi
program allows remote attackers to read arbitrary files via a .. (dot
dot) in the documentName parameter.

Analysis
----------------
ED_PRI CAN-2001-0217 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0224
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0224
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010212 Vulnerability in Muscat Empower wich can print path to DB-dir.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0216.html
Reference: BID:2374
Reference: URL:http://www.securityfocus.com/bid/2374

Muscat Empower CGI program allows remote attackers to obtain the
absolute pathname of the server via an invalid request in the DB
parameter.

Analysis
----------------
ED_PRI CAN-2001-0224 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:

======================================================
Candidate: CAN-2001-0225
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0225
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20010309
Assigned: 20010308
Category: SF
Reference: BUGTRAQ:20010207 Infobot 0.44.5.3/below remotely vulnerable (also in FreeBSD ports tree)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0127.html
Reference: BID:2349
Reference: URL:http://www.securityfocus.com/bid/2349

fortran math component in Infobot 0.44.5.3 and earlier allows remote
attackers to execute arbitrary commands via shell metacharacters.

Analysis
----------------
ED_PRI CAN-2001-0225 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
  VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
  HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:

COMMENTS:
Prev by Date: [PROPOSAL] Cluster RECENT-54 - 26 candidates
Next by Date: [CVEPRI] Board member attendees list needed
Prev by thread: [PROPOSAL] Cluster RECENT-54 - 26 candidates
Next by thread: [CVEPRI] Board member attendees list needed
Index(es):
- Date
- Thread