RE: Cluster 06: VEN-others

To: cve-review@linus.mitre.org
Subject: RE: Cluster 06: VEN-others
From: "Prosser, Mike" <mike.prosser@L-3Security.com>
Date: Wed, 30 Jun 1999 16:40:37 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----Original Message-----
From: Steven M. Christey [mailto:coley@linus.mitre.org]
Sent: Thursday, June 17, 1999 2:11 PM
To: cve-review@linus.mitre.org
Subject: Cluster 06: VEN-others

This cluster has 2 vulnerabilities.

- ------------------------------------------
Candidate: CAN-1999-0358
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: BUGTRAQ:Jan29,1999
Reference: COMPAQ:SSRT0583U

Digital Unix 4.0 has a buffer overflow in the inc program of the mh
package.

Modify:  Ref'd SSRT has an 'at' vulnerable as well supposedly fixed by
the patch.  Shouldn't this be included as a seperate CVE in this
cluster. ref:BugTraq "Digital Unix Buffer Overflows: Exploits" from
Lamont Granquist for both as well.

- ------------------------------------------
Candidate: CAN-1999-0433
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: SUSE:Mar28,1999
Reference: BUGTRAQ:Mar21,1999

XFree86 startx command is vulnerable to a symlink attack, allowing
local
users to create files in restricted directories, possibly allowing
them to gain privileges or cause a denial of service.

Accept

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQA/AwUBN3qQ3RIUaHPadf5hEQKsIwCghsEhK1K5DADqO/8j4ioyDiO+mGgAoIpD
1CHkMIMD9JCdpP69rSmrLSVF
=EBBr
-----END PGP SIGNATURE-----

Prev by Date: RE: Cluster 02: VEN-AIX
Next by Date: Re: Cluster 02: VEN-AIX
Prev by thread: Re: Cluster 06: VEN-others
Next by thread: Cluster 07: VEN-ROUTER
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007

Common Vulnerabilities and Exposures

RE: Cluster 06: VEN-others