|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PROPOSAL] Cluster MS-99 - 7 legacy candidates
* Steven M. Christey (coley@LINUS.MITRE.ORG) [000518 00:45]: > The following cluster contains 7 legacy candidates, all of which are > associated with Microsoft advisories that were published in 1999. > With this cluster, we now have candidates (or entries) for all issues > described in Microsoft advisories from that year. > > All candidates have a "priority 1." I encourage the Board to vote on > these rapidly, within the minimum 2-week time frame before they are > moved to Interim Decision. The schedule for this cluster is: > > Scheduled Interim Decision: May 30 > Scheduled Final Decision: June 5 > > Other legacy candidates related to 1999 advisories will be posted next > week. > > - Steve > > > > Summary of votes to use (in ascending order of "severity") > ---------------------------------------------------------- > > ACCEPT - voter accepts the candidate as proposed > NOOP - voter has no opinion on the candidate > MODIFY - voter wants to change some MINOR detail (e.g. reference/description) > REVIEWING - voter is reviewing/researching the candidate, or needs more info > RECAST - candidate must be significantly modified, e.g. split or merged > REJECT - candidate is "not a vulnerability", or a duplicate, etc. > > 1) Please write your vote on the line that starts with "VOTE: ". If > you want to add comments or details, add them to lines after the > VOTE: line. > > 2) If you see any missing references, please mention them so that they > can be included. References help greatly during mapping. > > 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. > So if you don't have sufficient information for a candidate but you > don't want to NOOP, use a REVIEWING. > > ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** > > Please keep in mind that your vote and comments will be recorded and > publicly viewable in the mailing list archives or in other formats. > > ================================= > Candidate: CAN-1999-1011 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 19991221 > Category: SF > Reference: MS:MS98-004 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms98-004.asp > Reference: MS:MS99-025 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-025.asp > Reference: CIAC:J-054 > Reference: URL:http://www.ciac.org/ciac/bulletins/j-054.shtml > > The Remote Data Service (RDS) DataFactory component of Microsoft Data > Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, > which allows remote attackers to execute arbitrary commands. > > > ED_PRI CAN-1999-1011 1 > > > VOTE: MODIFY Its a configuration problem. I thought we had category different from software faults for confgiuration problems. Reference: BID 529 > ================================= > Candidate: CAN-2000-0323 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: BUGTRAQ:19990728 Alert : MS Office 97 Vulnerability > Reference: http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=19990729195531.25108.qmail@underground.org > Reference: http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=D1A11CCE78ADD111A35500805FD43F58019792A3@RED-MSG-04 > Reference: MS:MS99-030 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp > Reference: BID:595 > Reference: URL:http://www.securityfocus.com/level2/?go=vulnerabilities&id=595 > > The Microsoft Jet database engine allows an attacker to modify text > files via a database query, aka the "Text I-ISAM" vulnerability. > > > ED_PRI CAN-2000-0323 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0325 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: MS:MS99-030 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp > > The Microsoft Jet database engine allows an attacker to execute > commands via a database query, aka the "VBA Shell" vulnerability. > > > ED_PRI CAN-2000-0325 1 > > > VOTE: MODIFY This is not a software fault. Its a design flaw (or a design decision if you prefer ;-) The flaw can be then used via confguration errors (e.g. CAN-1999-1011) or input validation errors. > ================================= > Candidate: CAN-2000-0327 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: BUGTRAQ:19991014 Another Microsoft Java Flaw Disovered > Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93993545118416&w=2 > Reference: MS:MS99-045 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-045.asp > > Microsoft Virtual Machine (VM) allows remote attackers to escape the > Java sandbox and execute commands via an applet containing an illegal > cast operation, aka the "Virtual Machine Verifier" vulnerability. > > > ED_PRI CAN-2000-0327 1 > > > VOTE: MODIFY Reference BID 740 > ================================= > Candidate: CAN-2000-0328 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: BUGTRAQ:19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4 > Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1 > Reference: MS:MS99-046 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-046.asp > Reference: BID:604 > Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=604 > > Windows NT 4.0 generates predictable random TCP initial sequence > numbers (ISN), which allows remote attackers to perform spoofing and > session hijacking. > > > ED_PRI CAN-2000-0328 1 > > > VOTE: ACCEPT > > ================================= > Candidate: CAN-2000-0329 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: MS:MS99-048 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-048.asp > > A Microsoft ActiveX control allows a remote attacker to execute a > malicious cabinet file via an attachment and an embedded script in an > HTML mail, aka the "Active Setup Control" vulnerability. > > > ED_PRI CAN-2000-0329 1 > > > VOTE: MODIFY Reference: BID 775 > > ================================= > Candidate: CAN-2000-0330 > Published: > Final-Decision: > Interim-Decision: > Modified: > Proposed: 20000518 > Assigned: 20000511 > Category: SF > Reference: MS:MS99-049 > Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-049.asp > > The networking software in Windows 95 and Windows 98 allows remote > attackers to execute commands via a long file name string, aka the > "File Access URL" vulnerability. > > > ED_PRI CAN-2000-0330 1 > > > VOTE: MODIFY Reference: BID 779 -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
|
||||
