|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [VOTEPRI] 13 high priority candidates as of 5/24/2000
The following 13 candidates are all confirmed by the vendor. They need just one more vote to be accepted. - Steve ================================= Candidate: CAN-1999-0118 Published: Final-Decision: Interim-Decision: Modified: 20000106-02 Proposed: 19990714 Assigned: 19990607 Category: SF Reference: BUGTRAQ:19981119 RSI.0011.11-09-98.AIX.INFOD Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91158980826979&w=2 Reference: XF:aix-infod AIX infod allows local users to gain root access through an X display. Modifications: ADDREF XF:aix-infod ADDREF BUGTRAQ:19981119 RSI.0011.11-09-98.AIX.INFOD INFERRED ACTION: CAN-1999-0118 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(4) Northcutt, Shostack, Wall, Christey Comments: Frech> XF:aix-infod Christey> See BUGTRAQ:19981119 RSI.0011.11-09-98.AIX.INFOD Christey> AIX APAR's confirm this problem: IX84642, IX89281, and IX84642 ================================= Candidate: CAN-1999-0225 Published: Final-Decision: Interim-Decision: Modified: 20000524-02 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: NAI:19980214 Windows NT Logon Denial of Service Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/25_windows_nt_dos_adv.asp Reference: MSKB:Q180963 Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=180963 Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. Modifications: ADDREF MSKB:Q180963 reword description Canonicalize NAI advisory INFERRED ACTION: CAN-1999-0225 MOREVOTES-1 (1 accept, 2 ack, 0 review) Current Votes: ACCEPT(1) Hill MODIFY(1) Frech NOOP(1) Wall Comments: Frech> XF:nt-logondos ================================= Candidate: CAN-1999-0323 Published: Final-Decision: Interim-Decision: Modified: 20000524-01 Proposed: 19990630 Assigned: 19990607 Category: SF Reference: FreeBSD:FreeBSD-SA-98:04 Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc Reference: NETBSD:1998-003 Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc FreeBSD mmap function allows users to modify append-only or immutable files. Modifications: ADDREF NETBSD:1998-003 INFERRED ACTION: CAN-1999-0323 MOREVOTES-1 (1 accept, 2 ack, 1 review) Current Votes: ACCEPT(2) Hill, Northcutt REVIEWING(1) Frech Comments: Frech> probably XF:bsd-mmap ================================= Candidate: CAN-1999-0407 Published: Final-Decision: Interim-Decision: Modified: 19991203-01 Proposed: 19990728 Assigned: 19990607 Category: SF Reference: BUGTRAQ:19990209 ALERT: IIS4 allows proxied password attacks over NetBIOS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91983486431506&w=2 Reference: BUGTRAQ:19990209 Re: IIS4 allows proxied password attacks over NetBIOS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92000623021036&w=2 Reference: MSKB:Q184619 Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=184619 Reference: XF:iis-iisadmpwd By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. Modifications: Modified Bugtraq ref, added KB article and ISS ref INFERRED ACTION: CAN-1999-0407 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(1) Christey Comments: Frech> ADDREF XF:iis-iisadmpwd Christey> Q184619 doesn't appear to describe this problem. However, Christey> Russ Cooper confirms it in a followup email. ================================= Candidate: CAN-1999-0464 Published: Final-Decision: Interim-Decision: Modified: 19991205-01 Proposed: 19990728 Assigned: 19990607 Category: SF Reference: BUGTRAQ:19990104 Tripwire mess.. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91553066310826&w=2 Reference: CONFIRM:http://marc.theaimsgroup.com/?l=bugtraq&m=91592136122066&w=2 Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. Modifications: ADDREF BUGTRAQ:19990104 Tripwire mess.. INFERRED ACTION: CAN-1999-0464 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(1) Christey Comments: Frech> XF:tripwire-long-filename-dos Christey> XF:tripwire-long-filename-dos doesn't exist. ================================= Candidate: CAN-2000-0233 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000412 Assigned: 20000412 Category: SF Reference: SUSE:20000327 Security hole in SuSE Linux IMAP Server Reference: URL:http://archives.neohapsis.com/archives/vendor/2000-q1/0035.html SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. INFERRED ACTION: CAN-2000-0233 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(1) Cole Comments: Frech> XF:linux-imap-remote-unauthorized-access ================================= Candidate: CAN-2000-0234 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000412 Assigned: 20000412 Category: CF Reference: BUGTRAQ:20000330 Cobalt apache configuration exposes .htaccess Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000330220757.28456.qmail@securityfocus.com Reference: CONFIRM:http://www.securityfocus.com/templates/advisory.html?id=2150 Reference: BID:1083 Reference: URL:http://www.securityfocus.com/bid/1083 The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. INFERRED ACTION: CAN-2000-0234 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(1) Cole Comments: Frech> XF:cobalt-raq-remote-access ================================= Candidate: CAN-2000-0235 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000412 Assigned: 20000412 Category: SF Reference: FREEBSD:FreeBSD-SA-00:10 Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:10-orville-write.asc Reference: BID:1070 Reference: URL:http://www.securityfocus.com/bid/1070 Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges. INFERRED ACTION: CAN-2000-0235 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: MODIFY(1) Frech NOOP(1) Cole Comments: Frech> XF:freebsd-orvillewrite-bo ================================= Candidate: CAN-2000-0267 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000426 Assigned: 20000426 Category: SF Reference: CISCO:20000419 Cisco Catalyst Enable Password Bypass Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/catos-enable-bypass-pub.shtml Reference: BID:1122 Reference: URL:http://www.securityfocus.com/bid/1122 Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. INFERRED ACTION: CAN-2000-0267 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Cole NOOP(1) Wall ================================= Candidate: CAN-2000-0268 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000426 Assigned: 20000426 Category: SF Reference: CISCO:20000420 Cisco IOS Software TELNET Option Handling Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml Reference: BID:1123 Reference: URL:http://www.securityfocus.com/bid/1123 Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. INFERRED ACTION: CAN-2000-0268 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Cole NOOP(1) Wall ================================= Candidate: CAN-2000-0274 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000426 Assigned: 20000426 Category: SF Reference: BUGTRAQ:20000410 linux trustees 1.5 long path name vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0035.html Reference: CONFIRM:http://www.braysystems.com/linux/trustees.html Reference: BID:1096 Reference: URL:http://www.securityfocus.com/bid/1096 The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. INFERRED ACTION: CAN-2000-0274 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Cole NOOP(2) Wall, Christey Comments: Christey> This problem is confirmed in the News section for Mar 31,2000, Christey> which mentions "a fix for the 'extra long directory name' problem." ================================= Candidate: CAN-2000-0294 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000426 Assigned: 20000426 Category: SF Reference: FREEBSD:FreeBSD-SA-00:12 Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2162 Reference: BID:1107 Reference: URL:http://www.securityfocus.com/bid/1107 Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. INFERRED ACTION: CAN-2000-0294 MOREVOTES-1 (1 accept, 1 ack, 0 review) Current Votes: ACCEPT(1) Cole NOOP(1) Wall
|
||||
