|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] FINAL DECISION: ACCEPT 6 candidates from VEN-SGI cluster
I have made a Final Decision to ACCEPT the following candidates. These candidates are now assigned CVE names as noted below. Voting details and comments are provided afterwards. The CVE names for candidates that reach Final Decision should be regarded as stable. In the case of these and all other candidates that reach Final Decision during this validation period, accepted candidates won't reach Publication phase until the CVE goes fully public. The only difference between Publication and Final Decision is that the CVE name is officially "announced" by MITRE during Publication. - Steve Candidate CVE Name Votes --------- ---------- ----- CAN-1999-0044 CVE-1999-0044 ACCEPT(3) MODIFY(1) CAN-1999-0215 CVE-1999-0215 ACCEPT(3) MODIFY(1) CAN-1999-0327 CVE-1999-0327 ACCEPT(3) MODIFY(1) CAN-1999-0329 CVE-1999-0329 ACCEPT(3) MODIFY(1) CAN-1999-0413 CVE-1999-0413 ACCEPT(3) MODIFY(1) CAN-1999-0463 CVE-1999-0463 ACCEPT(3) MODIFY(1) ================================= Candidate: CAN-1999-0044 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19970301-01-P Reference: XF:sgi-fsdump fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. Modifications: CHANGEREF HP:19970301-01-P SGI:19970301-01-P CHANGEREF ISS:sgi-fsdump XF:sgi-fsdump VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> HP reference should probably be SGI Frech> ISS reference should be XF ================================= Candidate: CAN-1999-0215 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19981004-01-PX Reference: CIAC:J-012 Reference: XF:ripapp Routed allows attackers to append data to files. Modifications: ADDREF XF:ripapp VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:ripapp ================================= Candidate: CAN-1999-0327 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19971103-01-PX Reference: XF:sgi-syserr SGI syserr program allows local users to corrupt files. Modifications: ADDREF XF:sgi-syserr VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-syserr ================================= Candidate: CAN-1999-0329 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19980602-01-PX Reference: XF:sgi-mediad SGI mediad program allows local users to gain root access. Modifications: ADDREF XF:sgi-mediad VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-mediad ================================= Candidate: CAN-1999-0413 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19990301-01-PX Reference: XF:irix-font-path-overflow A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. Modifications: ADDREF XF:irix-font-path-overflow VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:irix-font-path-overflow ================================= Candidate: CAN-1999-0463 Published: Final-Decision: 19990706 Interim-Decision: 19990630 Modified: Announced: 19990617 Assigned: 19990607 Category: SF Reference: SGI:19981201-01-PX Reference: XF:sgi-fcagent-dos Remote attackers can perform a denial of service using IRIX fcagent. Modifications: ADDREF XF:sgi-fcagent-dos VOTES: ACCEPT (3) Shostack, Northcutt, Christey MODIFY (1) Frech COMMENTS: Frech> Reference: XF:sgi-fcagent-dos
|
||||
