|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] FINAL DECISION: ACCEPT 45 various candidates
I have made a Final Decision to ACCEPT the following candidates. Most of them now have 3 non-MITRE votes; those with 2 non-MITRE votes satisfy the minimum requirements (i.e. vendor confirmation and/or tool usage). These candidates are now assigned CVE names as noted below. Voting details and comments are provided afterwards. The CVE names for candidates that reach Final Decision should be regarded as stable. In the case of these and all other candidates that reach Final Decision during this validation period, accepted candidates won't reach Publication phase until CVE goes fully public. The only difference between Publication and Final Decision is that the CVE name is officially "announced" by MITRE during Publication. - Steve Candidate CVE Name --------- ---------- CAN-1999-0002 CVE-1999-0002 CAN-1999-0042 CVE-1999-0042 CAN-1999-0048 CVE-1999-0048 CAN-1999-0125 CVE-1999-0125 CAN-1999-0153 CVE-1999-0153 CAN-1999-0173 CVE-1999-0173 CAN-1999-0174 CVE-1999-0174 CAN-1999-0177 CVE-1999-0177 CAN-1999-0178 CVE-1999-0178 CAN-1999-0179 CVE-1999-0179 CAN-1999-0180 CVE-1999-0180 CAN-1999-0191 CVE-1999-0191 CAN-1999-0194 CVE-1999-0194 CAN-1999-0211 CVE-1999-0211 CAN-1999-0217 CVE-1999-0217 CAN-1999-0218 CVE-1999-0218 CAN-1999-0221 CVE-1999-0221 CAN-1999-0224 CVE-1999-0224 CAN-1999-0234 CVE-1999-0234 CAN-1999-0236 CVE-1999-0236 CAN-1999-0239 CVE-1999-0239 CAN-1999-0265 CVE-1999-0265 CAN-1999-0266 CVE-1999-0266 CAN-1999-0272 CVE-1999-0272 CAN-1999-0274 CVE-1999-0274 CAN-1999-0288 CVE-1999-0288 CAN-1999-0292 CVE-1999-0292 CAN-1999-0299 CVE-1999-0299 CAN-1999-0349 CVE-1999-0349 CAN-1999-0366 CVE-1999-0366 CAN-1999-0372 CVE-1999-0372 CAN-1999-0375 CVE-1999-0375 CAN-1999-0376 CVE-1999-0376 CAN-1999-0379 CVE-1999-0379 CAN-1999-0382 CVE-1999-0382 CAN-1999-0384 CVE-1999-0384 CAN-1999-0385 CVE-1999-0385 CAN-1999-0386 CVE-1999-0386 CAN-1999-0392 CVE-1999-0392 CAN-1999-0402 CVE-1999-0402 CAN-1999-0442 CVE-1999-0442 CAN-1999-0457 CVE-1999-0457 CAN-1999-0487 CVE-1999-0487 CAN-1999-0496 CVE-1999-0496 CAN-1999-0566 CVE-1999-0566 ================================= Candidate: CAN-1999-0002 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: CERT:CA-98.12.mountd Reference: XF:linux-mountd-bo Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. VOTES: ACCEPT(3) Frech, Northcutt, Landfield NOOP(1) Wall ================================= Candidate: CAN-1999-0042 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: NAI:NAI-21 Reference: CERT:CA-97.09.imap_pop Reference: XF:popimap-bo Buffer overflow in University of Washington's implementation of IMAP and POP servers. VOTES: ACCEPT(3) Wall, Frech, Landfield ================================= Candidate: CAN-1999-0048 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990925-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: CERT:CA-97.04.talkd Reference: FreeBSD:FreeBSD-SA-96:21 Reference: AUSCERT:AA-97.01 Reference: SUN:00147 Reference: XF:talkd-bo Reference: XF:netkit-talkd Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. Modifications: ADDREF XF:netkit-talkd VOTES: ACCEPT(1) Northcutt MODIFY(2) Frech, Landfield NOOP(1) Shostack COMMENTS: Frech> Add to references: Frech> XF:netkit-talkd Landfield> as per Frech comments ================================= Candidate: CAN-1999-0125 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990726 Assigned: 19990607 Category: SF Reference: XF:sgi-mailx-bo Reference: SGI:19980605-01-PX Buffer overflow in SGI IRIX mailx program. Modifications: CHANGEREF XF:si-mailx-bo XF:sgi-mailx-bo VOTES: ACCEPT(1) Ozancin MODIFY(2) Frech, Landfield NOOP(1) Wall COMMENTS: Frech> Change XF:si-mailx-bo to XF:sgi-mailx-bo Landfield> as per Frech comments ================================= Candidate: CAN-1999-0153 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:win-oob Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. Modifications: ADDREF XF:win-oob VOTES: ACCEPT(4) Hill, Wall, Northcutt, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:win-oob ================================= Candidate: CAN-1999-0173 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-formmail-use FormMail CGI program can be used by web servers other than the host server that the program resides on. VOTES: ACCEPT(3) Northcutt, Frech, Landfield NOOP(1) Prosser ================================= Candidate: CAN-1999-0174 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-viewsrc The view-source CGI program allows remote attackers to read any file on the system that is internally accessible by the web server. Modifications: ADDREF XF:http-cgi-viewsrc VOTES: ACCEPT(2) Northcutt, Landfield MODIFY(1) Frech NOOP(1) Prosser COMMENTS: Frech> XF:http-cgi-viewsrc ================================= Candidate: CAN-1999-0177 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-website-uploader The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. VOTES: ACCEPT(3) Northcutt, Frech, Landfield NOOP(1) Prosser ================================= Candidate: CAN-1999-0178 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-website-winsample The win-c-sample program in the WebSite web server has a buffer overflow that allows remote execution of commands. VOTES: ACCEPT(2) Northcutt, Frech NOOP(2) Prosser, Landfield ================================= Candidate: CAN-1999-0179 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MSKB:Q140818 Reference: XF:nt-samba-dotdot Reference: XF:nt-351 Reference: XF:nt-35 Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. Modifications: ADDREF XF:nt-351 ADDREF XF:nt-35 VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> Also add: Frech> XF:nt-351 Frech> XF:nt-35 ================================= Candidate: CAN-1999-0180 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:rsh-null in.rshd allows users to login with a NULL username and execute commands. Modifications: ADDREF XF:rsh-null VOTES: ACCEPT(2) Northcutt, Landfield MODIFY(2) Shostack, Frech NOOP(1) Christey COMMENTS: Shostack> more info Frech> XF:rsh-null Christey> More details are not available, although this is confirmed in Christey> a security tool of a non-Board member. ================================= Candidate: CAN-1999-0191 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-cgi-newdsn IIS newdsn.exe CGI script allows remote users to overwrite files. Modifications: ADDREF XF:http-cgi-newdsn VOTES: ACCEPT(2) Northcutt, Landfield MODIFY(1) Frech NOOP(1) Prosser COMMENTS: Frech> XF:http-cgi-newdsn ================================= Candidate: CAN-1999-0194 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:comsat Denial of service in in.comsat allows attackers to generate messages. Modifications: ADDREF XF:comsat VOTES: ACCEPT(2) Shostack, Landfield MODIFY(1) Frech NOOP(2) Northcutt, Wall COMMENTS: Frech> XF:comsat ================================= Candidate: CAN-1999-0211 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: CERT:CA-94.02.REVISED.SunOS.rpc.mountd.vulnerability Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. Modifications: DESC per Adam's comments ADDREF CERT:CA-94.02.REVISED.SunOS.rpc.mountd.vulnerability VOTES: ACCEPT(2) Northcutt, Landfield MODIFY(1) Shostack REVIEWING(1) Frech COMMENTS: Shostack> caused server to export to world ================================= Candidate: CAN-1999-0217 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:udp-bomb Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. Modifications: ADDREF XF:udp-bomb VOTES: MODIFY(2) Shostack, Frech NOOP(3) Northcutt, Wall, Landfield COMMENTS: Shostack> make Andre give us a reference. :) Frech> XF:udp-bomb ================================= Candidate: CAN-1999-0218 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:portmaster-reboot Livingston portmaster machines could be rebooted via a series of commands. Modifications: ADDREF XF:portmaster-reboot VOTES: ACCEPT(2) Shostack, Landfield MODIFY(1) Frech NOOP(2) Northcutt, Wall COMMENTS: Frech> XF:portmaster-reboot ================================= Candidate: CAN-1999-0221 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:ascend-150-kill Denial of service of Ascend routers through port 150 (remote administration). Modifications: ADDREF XF:ascend-150-kill VOTES: ACCEPT(3) Hill, Meunier, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:ascend-150-kill ================================= Candidate: CAN-1999-0224 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:nt-messenger Denial of service in Windows NT messenger service through a long username. Modifications: ADDREF XF:nt-messenger VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-messenger ================================= Candidate: CAN-1999-0234 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: XF:bash-cmd Reference: CERT:CA-96.22.bash_vuls Bash treats any character with a value of 255 as a command separator. VOTES: ACCEPT(3) Ozancin, Frech, Landfield NOOP(1) Wall ================================= Candidate: CAN-1999-0236 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990623 Assigned: 19990607 Category: SF Reference: XF:http-scriptalias ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. VOTES: ACCEPT(3) Northcutt, Frech, Landfield NOOP(1) Prosser ================================= Candidate: CAN-1999-0239 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:fastrack-get-directory-list Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. Modifications: ADDREF XF:fastrack-get-directory-list VOTES: MODIFY(2) Shostack, Frech NOOP(3) Northcutt, Wall, Landfield COMMENTS: Shostack> needs ref Frech> XF:fastrack-get-directory-list (note only one 't' in 'fastrack') ================================= Candidate: CAN-1999-0265 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990726 Assigned: 19990607 Category: SF Reference: MSKB:Q154174 Reference: ISS:ICMP Redirects Against Embedded Controllers Reference: XF:icmp-redirect ICMP redirect messages may crash or lock up a host. Modifications: ADDREF MSKB:Q154174 ADDREF ISS:ICMP Redirects Against Embedded Controllers DELREF XF:icmp-redirects VOTES: ACCEPT(1) Landfield MODIFY(2) Wall, Frech COMMENTS: Wall> Reference Q154174 Frech> Remove XF:icmp-redirects Frech> Add ISS: ICMP Redirects Against Embedded Controllers ================================= Candidate: CAN-1999-0266 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: XF:http-cgi-info2www The info2www CGI script allows remote file access or remote command execution. Modifications: ADDREF XF:http-cgi-info2www VOTES: ACCEPT(2) Northcutt, Landfield MODIFY(1) Frech NOOP(1) Shostack COMMENTS: Frech> XF:http-cgi-info2www ================================= Candidate: CAN-1999-0272 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:slmail-username-bo Denial of service in Slmail v2.5 through the POP3 port. Modifications: ADDREF XF:slmail-username-bo VOTES: ACCEPT(2) Hill, Meunier MODIFY(1) Frech NOOP(1) Landfield COMMENTS: Frech> XF:slmail-username-bo ================================= Candidate: CAN-1999-0274 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: NAI:NAI-5 Reference: XF:nt-dns-dos Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. Modifications: ADDREF XF:nt-dns-dos VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-dns-dos ================================= Candidate: CAN-1999-0288 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:nt-winsupd-fix Denial of service in WINS with malformed data to port 137 (NETBIOS Name Service). Modifications: ADDREF XF:nt-winsupd-fix VOTES: ACCEPT(3) Hill, Meunier, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-winsupd-fix ================================= Candidate: CAN-1999-0292 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:nt-winpopup Denial of service through Winpopup using large user names. Modifications: ADDREF XF:nt-winpopup VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-winpopup ================================= Candidate: CAN-1999-0299 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: NAI:NAI-9 Buffer overflow in FreeBSD lpd through long DNS hostnames. VOTES: ACCEPT(2) Wall, Ozancin NOOP(1) Landfield REVIEWING(1) Frech COMMENTS: Frech> Can't find in database. See Frech> http://www.nai.com/nai_labs/asp_set/advisory/09_lpd_adv.asp ================================= Candidate: CAN-1999-0349 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: EEYE:IIS Remote FTP Exploit/DoS Attack Reference: MS:MS99-003 Reference: MSKB:Q188348 Reference: BUGTRAQ:Jan27,1999 Reference: XF:iis-remote-ftp A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. Modifications: ADDREF XF:iis-remote-ftp VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech NOOP(1) Christey COMMENTS: Frech> XF:iis-remote-ftp Frech> It is extremely hard to find articles by their dates, especially Frech> for heavily trafficked groups like *Bugtraq. Is it possible to convert them Frech> to titles instead? Christey> Future references to Bugtraq postings will try to encode the Christey> date and the subject. URLs are too unstable to reference Christey> directly. ================================= Candidate: CAN-1999-0366 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-004 Reference: MSKB:Q214840 Reference: XF:nt-sp4-auth-error In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. Modifications: ADDREF XF:nt-sp4-auth-error VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-sp4-auth-error ================================= Candidate: CAN-1999-0372 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-005 Reference: XF:nt-backoffice-setup Reference: MSKB:Q217004 The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. Modifications: ADDREF XF:nt-backoffice-setup ADDREF MSKB:Q217004 DESC list reboot.ini file VOTES: ACCEPT(2) Hill, Landfield MODIFY(2) Wall, Frech COMMENTS: Wall> "The installer for BackOffice Server 4.0 includes account names Wall> and passwords in a setup file (reboot.ini) which is not deleted." Wall> Also reference Q217004 Frech> XF:nt-backoffice-setup ================================= Candidate: CAN-1999-0375 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990905-01 Proposed: 19990623 Assigned: 19990607 Category: SF Reference: NAI:February 16, 1999 Reference: BUGTRAQ:Feb16,1999 Reference: XF:nfr-webd-overflow Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. Modifications: ADDREF XF:nfr-webd-overflow VOTES: ACCEPT(2) Northcutt, Hill MODIFY(1) Frech NOOP(2) Prosser, Landfield COMMENTS: Frech> XF:nfr-webd-overflow ================================= Candidate: CAN-1999-0376 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-006 Reference: BUGTRAQ:Feb20,1999 Reference: L0PHT:Feb18,1999 Reference: XF:nt-knowndlls-list Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. Modifications: ADDREF XF:nt-knowndlls-list VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-knowndlls-list ================================= Candidate: CAN-1999-0379 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb22,1999 Reference: MS:MS99-007 Reference: XF:win-resourcekit-taskpads Microsoft Taskpads feature allows remote web sites to execute commands on the visiting user's machine. Modifications: ADDREF XF:win-resourcekit-taskpads VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:win-resourcekit-taskpads ================================= Candidate: CAN-1999-0382 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-008 Reference: XF:nt-screen-saver The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. Modifications: ADDREF XF:nt-screen-saver VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:nt-screen-saver ================================= Candidate: CAN-1999-0384 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: XF:forms-vuln-patch Reference: MS:MS99-001 The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. Modifications: ADDREF XF:forms-vuln-patch VOTES: ACCEPT(2) Hill, Wall MODIFY(1) Frech NOOP(1) Landfield COMMENTS: Frech> XF:forms-vuln-patch ================================= Candidate: CAN-1999-0385 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-009 Reference: ISS:LDAP Buffer overflow against Microsoft Directory Services Reference: XF:ldap-exchange-overflow Reference: XF:ldap-mds-dos The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. Modifications: ADDREF XF:ldap-exchange-overflow ADDREF XF:ldap-mds-dos VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> Change ISS:LDAP Buffer overflow against Microsoft Directory Services Frech> XF:ldap-exchange-overflow Frech> XF:ldap-mds-dos ================================= Candidate: CAN-1999-0386 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-010 Reference: XF:pws-file-access Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. Modifications: ADDREF XF:pws-file-access VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:pws-file-access ================================= Candidate: CAN-1999-0392 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan10,1999 Reference: XF:http-cgic-library-bo Buffer overflow in Thomas Boutell's cgic library version up to 1.05. Modifications: DESC version isn't just 1.05 VOTES: ACCEPT(2) Ozancin, Landfield MODIFY(1) Frech NOOP(1) Wall COMMENTS: Frech> Change version 1.05 to versions up to and including 1.05. ================================= Candidate: CAN-1999-0402 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Feb2,1999 Reference: XF:wget-permissions Reference: DEBIAN:19990220 wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. VOTES: ACCEPT(2) Ozancin, Frech NOOP(2) Wall, Landfield ================================= Candidate: CAN-1999-0442 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan7,1999 Reference: SF:327 Solaris ff.core allows local users to modify files. VOTES: ACCEPT(2) Wall, Ozancin NOOP(2) Landfield, Christey REVIEWING(1) Frech COMMENTS: Christey> This problem was verified by Casper Dik in a Bugtraq message, Christey> although I could not find any Sun advisories or patches that Christey> specifically mention ff.core. ================================= Candidate: CAN-1999-0457 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Jan17,1999 Reference: DEBIAN:19990117 Reference: XF:ftpwatch-vuln Reference: SF:317 Linux ftpwatch program allows local users to gain root privileges. VOTES: ACCEPT(1) Frech MODIFY(1) Ozancin NOOP(3) Wall, Christey, Landfield COMMENTS: Ozancin> A little vague. Christey> Unfortunately, the advisory is also vague. ================================= Candidate: CAN-1999-0487 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MS:MS99-011 Reference: XF:ie-dhtml-control The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. Modifications: ADDREF XF:ie-dhtml-control VOTES: ACCEPT(3) Hill, Wall, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:ie-dhtml-control ================================= Candidate: CAN-1999-0496 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: MSKB:Q146965 Reference: XF:nt-getadmin Reference: XF:nt-getadmin-present A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. Modifications: DESC Change the wording to describe the specific problem ADDREF XF:nt-getadmin ADDREF XF:nt-getadmin-present ADDREF MSKB:Q146965 VOTES: ACCEPT(2) Hill, Northcutt MODIFY(2) Wall, Frech NOOP(2) Christey, Landfield COMMENTS: Wall> "A Windows NT 4.0 user can gain administrative rights, aka Getadmin" Wall> Also reference CIAC H-14 and Microsoft Knowledge Base article Q146965. Frech> XF:nt-getadmin Frech> XF:nt-getadmin-present Frech> XF:mssql-get-admin Christey> CIAC H-14 has to do with SGI problems ================================= Candidate: CAN-1999-0566 Published: Final-Decision: 19990925 Interim-Decision: 19990922 Modified: 19990922-01 Proposed: 19990630 Assigned: 19990607 Category: CF Reference: XF:ibm-syslogd Reference: XF:syslog-flood An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. Modifications: ADDREF XF:ibm-syslogd ADDREF XF:syslog-flood VOTES: ACCEPT(3) Hill, Meunier, Landfield MODIFY(1) Frech COMMENTS: Frech> XF:ibm-syslogd Frech> XF:syslog-flood
|
||||
