|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster 47 - UNIX-VEN (25 candidates)
The following cluster contains 25 candidates. It includes Unix problems which have been acknowledged by an OS vendor. - Steve Proposed: 12/13 Scheduled Proposed: 12/13 Scheduled Interim Decision: 12/27 Scheduled Final Decision: 12/31 Summary of votes to use (in ascending order of "severity"): ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ================================= Candidate: CAN-1999-0674 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: NetBSD:1999-011 Reference: OPENBSD:Aug 9,1999 Reference: BUGTRAQ:19990809 profil(2) bug, a simple test program Reference: BID:570 Reference: XF:netbsd-profil The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. VOTE: ================================= Candidate: CAN-1999-0684 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: HP:HPSBUX9904-097 Denial of service in Sendmail 8.8.6 in HPUX. VOTE: ================================= Candidate: CAN-1999-0686 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: HP:00098 Vulnerability in VVOS NES web server in HP via a malformed URL. VOTE: ================================= Candidate: CAN-1999-0688 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: HP:HPSBUX9907-101 Buffer overflows in HP Security Vulnerability Software Distributor (SD) for HPUX 10.x and 11.x. VOTE: ================================= Candidate: CAN-1999-0690 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: HP:HPSBUX9907-100 Reference: CIAC:J-053 HP CDE program includes the current directory in root's PATH variable. VOTE: ================================= Candidate: CAN-1999-0694 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990713 Reference: CIAC:J-055 Reference: IBM:ERS-SVA-E01-1999:002.1 Denial of service in AIX ptrace system call. VOTE: ================================= Candidate: CAN-1999-0703 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990805 4.4 BSD issue -- chflags Reference: OPENBSD:Jul30,1999 Reference: FREEBSD:FreeBSD-SA-99:01 OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices. VOTE: ================================= Candidate: CAN-1999-0707 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: CF Reference: HP:HPSBUX9906-099 Reference: XF:hp-visualize-conference-ftp Reference: CIAC:J-050 The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. VOTE: ================================= Candidate: CAN-1999-0713 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: XF:cde-dtlogin Reference: COMPAQ:SSRT0600U The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges. VOTE: ================================= Candidate: CAN-1999-0714 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: COMPAQ:SSRT0600U Vulnerability in Compaq Tru64 UNIX edauth command. VOTE: ================================= Candidate: CAN-1999-0724 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: OPENBSD:Aug12,1999 Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. VOTE: ================================= Candidate: CAN-1999-0745 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BID:590 Reference: XF:aix-pdnsd-bo Reference: CIAC:J-059 Reference: IBM:ERS-SVA-E01-1999:0031 Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. VOTE: ================================= Candidate: CAN-1999-0761 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: FREEBSD:FreeBSD-SA-99:05 Reference: BID:644 Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. VOTE: ================================= Candidate: CAN-1999-0763 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: NETBSD:1999-010 Reference: XF:netbsd-arp NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. VOTE: ================================= Candidate: CAN-1999-0764 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: NETBSD:1999-010 Reference: XF:netbsd-arp NetBSD allows ARP packets to overwrite static ARP entries. VOTE: ================================= Candidate: CAN-1999-0765 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990619 IRIX midikeys root exploit. Reference: SGI:19990501-01-A Reference: XF:irix-midikeys SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. VOTE: ================================= Candidate: CAN-1999-0767 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: SUN:00189 Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. VOTE: ================================= Candidate: CAN-1999-0771 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990526 Infosec.19990526.compaq-im.a Reference: COMPAQ:SSRT0612U Reference: XF:management-agent-file-read The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. VOTE: ================================= Candidate: CAN-1999-0772 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990527 Re: Infosec.19990526.compaq-im.a (New DoS and correction to my previous post) Reference: COMPAQ:SSRT0612U Reference: XF:management-agent-dos Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. VOTE: ================================= Candidate: CAN-1999-0779 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: HP:HPSBUX9810-086 Denial of service in HP-UX SharedX recserv program. VOTE: ================================= Candidate: CAN-1999-0783 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: FreeBSD:FreeBSD-SA-98:05 Reference: CIAC:I-057 FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. VOTE: ================================= Candidate: CAN-1999-0789 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: BUGTRAQ: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000 Reference: IBM:ERS-SVA-E01-1 Buffer overflow in AIX ftpd in the libc library. VOTE: ================================= Candidate: CAN-1999-0796 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991125 Category: SF Reference: FREEBSD:SA-98.03 FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. VOTE: ================================= Candidate: CAN-1999-0911 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19990827 ProFTPD Reference: BUGTRAQ:19990907 ProFTP-1.2.0pre4 buffer overflow -- once more Reference: FREEBSD:FreeBSD-SA-99:03 Reference: BID:612 Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. VOTE: ================================= Candidate: CAN-1999-0964 Published: Final-Decision: Interim-Decision: Modified: Proposed: 19991214 Assigned: 19991208 Category: SF Reference: FREEBSD:FreeBSD-SA-97:01 Buffer overflow in FreeBSD setlocale in the libc module. VOTE:
|
||||
