|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] PROPOSAL: Cluster 31 - CFMISC (18 candidates)
The following candidates are miscellaneous configuration problems. Some are likely to get REJECTed. Others illustrate some challenges with respect to describing configuration problems, either at the right level of abstraction, or when the configuration provides some access to an individual, but only the enterprise can know if that particular individual should have that access. Most of these vulnerabilities are reported by security tools. Trust relationships/authentication shortcuts - CAN-1999-0515, CAN-1999-0539, CAN-1999-0547, CAN-1999-0583 Configuration anomalies - CAN-1999-0555, CAN-1999-0556, CAN-1999-0530, CAN-1999-0548, CAN-1999-0568, CAN-1999-0586 Not a vulnerability? - CAN-1999-0497, CAN-1999-0512, CAN-1999-0561, CAN-1999-0564, CAN-1999-0590 Information gathering/fingerprinting - CAN-1999-0531 Spaf's rule of thumb - CAN-1999-0565 - Steve Summary of votes to use (in ascending order of "severity"): ACCEPT - member accepts the candidate as proposed NOOP - member has no opinion on the candidate MODIFY - member wants to change some minor detail (e.g. reference/description) REVIEWING - member is reviewing/researching the candidate RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. ================================= Candidate: CAN-1999-0497 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF Anonymous FTP is enabled VOTE: ================================= Candidate: CAN-1999-0512 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF Mail relay is enabled, allowing abuse by spammers. VOTE: ================================= Candidate: CAN-1999-0515 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. VOTE: ================================= Candidate: CAN-1999-0530 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A system is operating in "promiscuous" mode which allows it to perform packet sniffing. VOTE: ================================= Candidate: CAN-1999-0531 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO. VOTE: ================================= Candidate: CAN-1999-0539 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A trust relationship exists between two Unix hosts. VOTE: ================================= Candidate: CAN-1999-0547 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF An SSH server allows authentication through the .rhosts file. VOTE: ================================= Candidate: CAN-1999-0548 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A superfluous NFS server is running, but it is not importing or exporting any file systems. VOTE: ================================= Candidate: CAN-1999-0555 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A Unix account with a name other than "root" has UID 0, i.e. root privileges. VOTE: ================================= Candidate: CAN-1999-0556 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF Two or more Unix accounts have the same UID. VOTE: ================================= Candidate: CAN-1999-0561 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF IIS has the #exec function enabled for Server Side Include (SSI) files. VOTE: ================================= Candidate: CAN-1999-0564 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. VOTE: ================================= Candidate: CAN-1999-0565 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A Sendmail alias allows input to be piped to a program. VOTE: ================================= Candidate: CAN-1999-0568 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF rpc.admind in Solaris is not running in a secure mode. VOTE: ================================= Candidate: CAN-1999-0583 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF There is a one-way or two-way trust relationship between Windows NT domains. VOTE: ================================= Candidate: CAN-1999-0586 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A network service is running on a nonstandard port. VOTE: ================================= Candidate: CAN-1999-0590 Published: Final-Decision: Interim-Decision: Modified: Announced: 19990728 Assigned: 19990607 Category: CF A system does not present an appropriate legal message or warning to a user who is accessing it. VOTE:
|
||||
