|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [INTERIM] ACCEPT 31 candidates from various clusters (Final 4/14)
I have made an Interim Decision to ACCEPT the following 31 candidates from various clusters. I will make a Final Decision on Friday, April 14, 2000. If these candidates are ACCEPTed, the next version of CVE will exceed 600 entries. The candidates come from the following clusters: 1 WEB 12 UNIX-UNCONF 1 RECENT-03 1 RECENT-05 6 RECENT-06 4 RECENT-07 2 RECENT-08 2 RECENT-09 1 RECENT-10 1 RECENT-13 Voters: Wall ACCEPT(1) NOOP(8) LeBlanc NOOP(12) Ozancin ACCEPT(24) NOOP(1) Cole ACCEPT(11) MODIFY(1) Meunier ACCEPT(2) Bishop ACCEPT(2) Stracener ACCEPT(11) MODIFY(3) Frech ACCEPT(4) MODIFY(17) Christey NOOP(11) Prosser ACCEPT(1) Blake ACCEPT(5) ================================= Candidate: CAN-1999-0676 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990808 sdtcm_convert Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19990809134220.A1191@hades.chaoz.org Reference: XF:sun-sdtcm-convert Reference: BID:575 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=575 sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. Modifications: Changed DESC and XF/Bugtraq REF's from stdcm_convert to sdtcm_convert. INFERRED ACTION: CAN-1999-0676 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Stracener, Ozancin MODIFY(1) Frech NOOP(1) LeBlanc Comments: Frech> CHGREF XF:sun-sdtcm-convert Frech> CHGREF BUGTRAQ:19990808 sdtcm_convert Frech> Description needs to be changed to sdtcm_convert ================================= Candidate: CAN-1999-0711 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-02 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990430 *Huge* security hole in Oracle 8.0.5 with Intellegent agent installed Reference: URL:http://marc.theaimsgroup.com/?t=92550157100002&w=2&r=1 Reference: BUGTRAQ:19990506 Oracle Security Followup, patch and FAQ: setuid on oratclsh Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92609807906778&w=2 Reference: XF:oracle-oratclsh The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. Modifications: CHANGEREF BUGTRAQ [add date] ADDREF BUGTRAQ:19990506 Oracle Security Followup, patch and FAQ: setuid on oratclsh INFERRED ACTION: CAN-1999-0711 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Stracener, Ozancin, Frech NOOP(2) Christey, LeBlanc Comments: Christey> This candidate is unconfirmed by the vendor. Christey> Christey> Multiple verifications in Bugtraq. ================================= Candidate: CAN-1999-0720 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000313-01 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990823 [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=lcamtuf.4.05.9907041223290.355-300000@nimue.ids.pl Reference: BID:597 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=597 Reference: XF:linux-pt-chown The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. Modifications: ADDREF BUGTRAQ:19990823 [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x ADDREF URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=lcamtuf.4.05.9907041223290.355-300000@nimue.ids.pl INFERRED ACTION: CAN-1999-0720 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Ozancin, Frech MODIFY(1) Stracener NOOP(1) LeBlanc Comments: Stracener> Add Ref: BUGTRAQ:19990823 [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD Stracener> / lynx / Stracener> vlock / mc / glibc 2.0.x ================================= Candidate: CAN-1999-0747 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000313-01 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990816 Symmetric Multiprocessing (SMP) Vulnerbility in BSDi 4.0.1 Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSI.4.10.9908170253560.19291-100000@saturn.psn.net Reference: BID:589 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=589 Reference: XF:bsdi-smp-dos Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load. Modifications: CHANGEREF BUGTRAQ [add date] INFERRED ACTION: CAN-1999-0747 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(2) Ozancin, Frech MODIFY(1) Stracener NOOP(2) Christey, LeBlanc Comments: Stracener> Add a date to the Ref above: BUGTRAQ:19990817 Symmetric... Christey> This candidate is unconfirmed by the vendor. ================================= Candidate: CAN-1999-0773 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990511 Solaris2.6 and 2.7 lpset overflow Reference: URL:http://www.netspace.org/cgi-bin/wa?A2=ind9905B&L=bugtraq&P=R2017 Reference: XF:sol-lpset-bo Buffer overflow in Solaris lpset program allows local users to gain root access. INFERRED ACTION: CAN-1999-0773 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(3) Stracener, Ozancin, Frech NOOP(2) Christey, LeBlanc Comments: Christey> This candidate is unconfirmed by the vendor. Posted by UNYUN Christey> of Shadow Penguin Security. Christey> Christey> Followups indicate that the scope of the exploit is limited Christey> to group 14. ================================= Candidate: CAN-1999-0790 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991214 Assigned: 19991125 Category: SF Reference: MISC:http://home.netscape.com/security/notes/jscachebrowsing.html Reference: XF:netscape-javascript A remote attacker can read information from a Netscape user's cache via JavaScript. Modifications: ADDREF XF:netscape-javascript ADDREF MISC:http://home.netscape.com/security/notes/jscachebrowsing.html INFERRED ACTION: CAN-1999-0790 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Blake, Stracener MODIFY(2) Cole, Frech NOOP(1) Christey Comments: Cole> What is being exploited? Christey> http://home.netscape.com/security/notes/jscachebrowsing.html Frech> XF:netscape-javascript Frech> NETSCAPE:http://home.netscape.com/security/notes/jscachebrowsing.html ================================= Candidate: CAN-1999-0799 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19970725 Exploitable buffer overflow in bootpd (most unices) Reference: XF:bootpd-bo Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location. Modifications: ADDREF XF:bootpd-bo INFERRED ACTION: CAN-1999-0799 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(2) Stracener, Ozancin MODIFY(1) Frech Comments: Frech> XF:bootpd-bo ================================= Candidate: CAN-1999-0813 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-02 Proposed: 19991222 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19990810 Severe bug in cfingerd before 1.4.0 Reference: BUGTRAQ:19980724 CFINGERD root security hole Reference: DEBIAN:19990814 Reference: XF:cfingerd-privileges Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. Modifications: ADDREF DEBIAN:19990814 ADDREF BUGTRAQ:19980724 CFINGERD root security hole DESC add ALLOW_EXECUTION qualifier ADDREF XF:cfingerd-privileges INFERRED ACTION: CAN-1999-0813 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Stracener MODIFY(1) Frech NOOP(1) Ozancin Comments: Frech> XF:cfingerd-privileges ================================= Candidate: CAN-1999-0888 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19990817 Security Bug in Oracle Reference: XF:oracle-dbsnmp Reference: BID:585 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=585 dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script. Modifications: ADDREF XF:oracle-dbsnmp INFERRED ACTION: CAN-1999-0888 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(2) Stracener, Ozancin MODIFY(1) Frech Comments: Frech> XF:oracle-dbsnmp ================================= Candidate: CAN-1999-0903 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19991025 IBM AIX Packet Filter module Reference: BUGTRAQ:19991027 Re: IBM AIX Packet Filter module (followup) Reference: XF:aix-genfilt-filtering genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. Modifications: ADDREF XF:aix-genfilt-filtering INFERRED ACTION: CAN-1999-0903 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(2) Stracener, Ozancin MODIFY(1) Frech Comments: Frech> XF:aix-genfilt-filtering ================================= Candidate: CAN-1999-0906 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19990923 SuSE 6.2 sccw overflow exploit Reference: SUSE:19990926 Security hole in sccw (Part II) Reference: BID:656 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=656 Reference: XF:linux-sccw-bo Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable. Modifications: ADDREF SUSE:19990926 Security hole in sccw (Part II) ADDREF XF:linux-sccw-bo INFERRED ACTION: CAN-1999-0906 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(2) Stracener, Frech NOOP(1) Christey Comments: Stracener> Add Ref:SUSE: Security hole in sccw (Part II) 26.09.1999 Christey> ADDREF SUSE:19990926 Security hole in sccw (Part II) Frech> XF:linux-sccw-bo ================================= Candidate: CAN-1999-0958 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19980112 Re: hole in sudo for MP-RAS. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88465708614896&w=2 Reference: XF:sudo-dot-dot-attack sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. Modifications: ADDREF XF:sudo-dot-dot-attack INFERRED ACTION: CAN-1999-0958 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Stracener, Ozancin, Meunier MODIFY(1) Frech NOOP(2) Christey, LeBlanc Comments: Christey> Confirmed in a Bugtraq followup. Frech> XF:sudo-dot-dot-attack ================================= Candidate: CAN-1999-0961 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 19991222 Assigned: 19991208 Category: SF Reference: BUGTRAQ:19960921 Vunerability in HP sysdiag ? Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=87602167419906&w=2 Reference: CIAC:H-03 Reference: XF:hp-sysdiag-symlink HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. Modifications: ADDREF CIAC:H-03 ADDREF XF:hp-sysdiag-symlink INFERRED ACTION: CAN-1999-0961 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Stracener, Ozancin, Meunier MODIFY(1) Frech NOOP(2) Christey, LeBlanc Comments: Christey> This candidate is unconfirmed by the vendor. Christey> Christey> Verified by two posters in Bugtraq followups. Frech> XF:hp-sysdiag-symlink Frech> Description should start with HP-UX, not HPUX. ================================= Candidate: CAN-1999-1008 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-02 Proposed: 19991222 Assigned: 19991221 Category: SF Reference: BUGTRAQ:19991215 FreeBSD 3.3 xsoldier root exploit Reference: MISC:http://marc.theaimsgroup.com/?l=freebsd-security&m=94531826621620&w=2 Reference: BID:871 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=871 Reference: XF:unix-xsoldier-overflow xsoldier program allows local users to gain root access via a long argument. Modifications: ADDREF XF:unix-xsoldier-overflow INFERRED ACTION: CAN-1999-1008 ACCEPT (4 accept, 0 ack, 0 review) Current Votes: ACCEPT(3) Cole, Stracener, Blake MODIFY(1) Frech NOOP(3) Wall, Christey, LeBlanc Comments: Frech> XF:unix-xsoldier-overflow Christey> Confirmed in freebsd-security mailing list. Blake> Confirmed on the mailing list is equivalent to vendor confirmation in my Blake> mind. ================================= Candidate: CAN-2000-0044 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: BUGTRAQ:20000105 SECURITY ALERT - WAR FTP DAEMON ALL VERSIONS Reference: BID:919 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=919 Reference: XF:warftp-macro-access-files Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. Modifications: ADDREF XF:warftp-macro-access-files INFERRED ACTION: CAN-2000-0044 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> XF:warftp-macro-access-files ================================= Candidate: CAN-2000-0052 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000204-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: L0PHT:20000104 PamSlam Reference: URL:http://www.l0pht.com/advisories/pam_advisory Reference: REDHAT:RHSA-2000:001-01 Reference: URL:http://www.redhat.com/support/errata/RHSA2000001-03.html Reference: XF:linux-pam-userhelper Reference: URL:http://xforce.iss.net/search.php3?type=2&pattern=linux-pam-userhelper Reference: BID:913 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=913 Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. Modifications: ADDREF XF:linux-pam-userhelper INFERRED ACTION: CAN-2000-0052 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> XF:linux-pam-userhelper ================================= Candidate: CAN-2000-0053 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: MS:MS00-001 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-001.asp Reference: MSKB:Q246731 Reference: BID:912 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=912 Reference: XF:mcis-malformed-imap Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. Modifications: ADDREF XF:mcis-malformed-imap INFERRED ACTION: CAN-2000-0053 ACCEPT_ACK (2 accept, 2 ack, 0 review) Current Votes: ACCEPT(1) Prosser MODIFY(1) Frech Comments: Frech> XF:mcis-malformed-imap ================================= Candidate: CAN-2000-0057 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: ALLAIRE:ASB00-03 Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=13978&Method=Full Reference: XF:coldfusion-cfcache Reference: BID:917 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=917 Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. Modifications: ADDREF XF:coldfusion-cfcache INFERRED ACTION: CAN-2000-0057 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> XF:coldfusion-cfcache ================================= Candidate: CAN-2000-0062 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: BUGTRAQ:20000104 [petrilli@digicool.com: [Zope] SECURITY ALERT] Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000104222219.B41650@schvin.net Reference: BID:922 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=922 Reference: XF:zope-dtml The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. Modifications: ADDREF XF:zope-dtml INFERRED ACTION: CAN-2000-0062 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> XF:zope-dtml ================================= Candidate: CAN-2000-0073 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000204-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: MS:MS00-005 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-005.asp Reference: MSKB:Q249973 Reference: XF:win-malformed-rtf-control-word Reference: URL:http://xforce.iss.net/search.php3?type=2&pattern=win-malformed-rtf-control-word Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. Modifications: ADDREF XF:win-malformed-rtf-control-word INFERRED ACTION: CAN-2000-0073 ACCEPT_ACK (2 accept, 2 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> ADDREF XF:win-malformed-rtf-control-word ================================= Candidate: CAN-2000-0083 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000410-01 Proposed: 20000125 Assigned: 20000122 Category: SF Reference: HP:HPSBUX0001-109 Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2031 Reference: XF:hp-audio-security-perms HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. Modifications: ADDREF XF:hp-audio-security-perms INFERRED ACTION: CAN-2000-0083 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Ozancin MODIFY(1) Frech Comments: Frech> XF:hp-audio-security-perms ================================= Candidate: CAN-2000-0091 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000403-01 Proposed: 20000208 Assigned: 20000202 Category: SF Reference: BUGTRAQ:20000122 remote root qmail-pop with vpopmail advisory and exploit with patch Reference: BUGTRAQ:20000123 Re: vpopmail/vchkpw remote root exploit Reference: BID:942 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=942 Reference: MISC:http://www.inter7.com/vpopmail/ChangeLog Reference: MISC:http://www.inter7.com/vpopmail/ Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. Modifications: ADDREF MISC:http://www.inter7.com/vpopmail/ChangeLog ADDREF MISC:http://www.inter7.com/vpopmail/ INFERRED ACTION: CAN-2000-0091 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(1) Wall ================================= Candidate: CAN-2000-0095 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000208 Assigned: 20000202 Category: SF Reference: HP:HPSBUX0001-110 Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2041 Reference: BID:944 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=944 The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. INFERRED ACTION: CAN-2000-0095 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(1) Wall ================================= Candidate: CAN-2000-0099 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000208 Assigned: 20000202 Category: SF Reference: BUGTRAQ:20000119 Unixware ppptalk Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94848865112897&w=2 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94840959614790&w=2 Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. INFERRED ACTION: CAN-2000-0099 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(1) Wall ================================= Candidate: CAN-2000-0100 Published: Final-Decision: Interim-Decision: 20000411 Modified: 20000321-01 Proposed: 20000208 Assigned: 20000202 Category: CF Reference: NTBUGTRAQ:20000115 Security Vulnerability with SMS 2.0 Remote Control Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/current/0045.html Reference: MS:MS00-012 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-012.asp The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program. Modifications: ADDREF MS:MS00-012 INFERRED ACTION: CAN-2000-0100 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Wall, Cole ================================= Candidate: CAN-2000-0107 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: DEBIAN:20000201 Reference: URL:http://www.debian.org/security/2000/20000201 Reference: BID:958 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=958 Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. INFERRED ACTION: CAN-2000-0107 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(1) Wall ================================= Candidate: CAN-2000-0131 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000208 Assigned: 20000208 Category: SF Reference: BUGTRAQ:20000201 war-ftpd 1.6x DoS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94960703721503&w=2 Reference: BID:966 Reference: URL:http://www.securityfocus.com/bid/966 Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. INFERRED ACTION: CAN-2000-0131 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(2) Wall, Christey Comments: Christey> Vendor acknowledges that it is a DoS in http://war.jgaa.com/alert/ ================================= Candidate: CAN-2000-0140 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000216 Assigned: 20000216 Category: SF Reference: BUGTRAQ:20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95021326417936&w=2 Reference: NTBUGTRAQ:20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3 Reference: BID:980 Reference: URL:http://www.securityfocus.com/bid/980 Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections. INFERRED ACTION: CAN-2000-0140 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(3) Bishop, Cole, Blake NOOP(2) LeBlanc, Christey Comments: Christey> This candidate is unconfirmed by the vendor. Christey> Christey> Reported by Nobuo Miwa, moderator of BUGTRAQ-JP. Blake> Same as CAN-2000-0139. ================================= Candidate: CAN-2000-0144 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000216 Assigned: 20000216 Category: SF Reference: http://archives.neohapsis.com/archives/bugtraq/2000-02/0034.html Reference: BUGTRAQ:20000207 Infosec.20000207.axis700.a Reference: BID:971 Reference: URL:http://www.securityfocus.com/bid/971 Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. INFERRED ACTION: CAN-2000-0144 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(3) Bishop, Cole, Blake NOOP(2) LeBlanc, Christey Comments: Christey> Poster claims that the vendor has issued a patch. Blake> Actually, the poster indicates that they ignored the question. However, Blake> it's straightforward enough that it seems unlikely to have been screwed Blake> up. ================================= Candidate: CAN-2000-0159 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000223 Assigned: 20000223 Category: SF Reference: HP:HPSBUX0002-111 Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000217160216.13708.qmail@underground.org HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. INFERRED ACTION: CAN-2000-0159 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Cole, Ozancin NOOP(2) Wall, LeBlanc ================================= Candidate: CAN-2000-0183 Published: Final-Decision: Interim-Decision: 20000411 Modified: Proposed: 20000322 Assigned: 20000322 Category: SF Reference: BUGTRAQ:20000310 Fwd: ircii-4.4 buffer overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0093.html Reference: BID:1046 Reference: URL:http://www.securityfocus.com/bid/1046 Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. INFERRED ACTION: CAN-2000-0183 ACCEPT (3 accept, 0 ack, 0 review) Current Votes: ACCEPT(3) Blake, Ozancin, Cole NOOP(2) Wall, LeBlanc
|
||||
