|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-48 - 37 candidates
The following cluster contains 37 candidates that were announced between October 25, 2000 and December 9, 2000. You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The voting web site will be updated with this cluster later today. Recent additions to the Editorial Board will also be notified about their account information at that time. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. - Steve Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-0889 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0889 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20001114 Category: SF/CF/MP/SA/AN/unknown Reference: CERT:CA-2000-19 Reference: URL:http://www.cert.org/advisories/CA-2000-19.html Reference: SUN:00198 Reference: URL:http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/198&type=0&nav=sec.sba Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. Analysis ---------------- ED_PRI CAN-2000-0889 1 Vendor Acknowledgement: yes advisory This might not belong in CVE. In addition, this candidate is probably at a high level of abstraction. However, it has been reported in a few vulnerability databases. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0041 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0041 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: CISCO:20001206 Cisco Catalyst Memory Leak Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/catalyst-memleak-pub.shtml Reference: BID:2072 Reference: URL:http://www.securityfocus.com/bid/2072 Reference: XF:cisco-catalyst-telnet-dos Reference: URL:http://xforce.iss.net/static/5656.php Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. Analysis ---------------- ED_PRI CAN-2001-0041 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0050 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0050 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001207 BitchX DNS Overflow Patch Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0081.html Reference: BUGTRAQ:20001207 bitchx/ircd DNS overflow demonstration Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0086.html Reference: REDHAT:RHSA-2000:126-03 Reference: URL:http://www.redhat.com/support/errata/powertools/RHSA-2000-126.html Reference: MANDRAKE:MDKSA-2000:079 Reference: URL:http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-079.php3 Reference: FREEBSD:FreeBSD-SA-00:78 Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:78.bitchx.v1.1.asc Reference: CONECTIVA:CLA-2000:364 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000364 Reference: BID:2087 Reference: URL:http://www.securityfocus.com/bid/2087 Reference: XF:irc-bitchx-dns-bo Reference: URL:http://xforce.iss.net/static/5701.php Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name. Analysis ---------------- ED_PRI CAN-2001-0050 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0055 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0055 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: CISCO:20001204 Multiple Vulnerabilities in CBOS Reference: URL:http://www.cisco.com/warp/public/707/CBOS-multiple.shtml Reference: XF:cisco-cbos-syn-packets Reference: URL:http://xforce.iss.net/static/5627.php CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. Analysis ---------------- ED_PRI CAN-2001-0055 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0056 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0056 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: CISCO:20001204 Multiple Vulnerabilities in CBOS Reference: URL:http://www.cisco.com/warp/public/707/CBOS-multiple.shtml Reference: XF:cisco-cbos-invalid-login Reference: URL:http://xforce.iss.net/static/5628.php The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. Analysis ---------------- ED_PRI CAN-2001-0056 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0057 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0057 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: CISCO:20001204 Multiple Vulnerabilities in CBOS Reference: URL:http://www.cisco.com/warp/public/707/CBOS-multiple.shtml Reference: XF:cisco-cbos-icmp-echo Reference: URL:http://xforce.iss.net/static/5629.php Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. Analysis ---------------- ED_PRI CAN-2001-0057 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0058 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0058 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: CISCO:20001204 Multiple Vulnerabilities in CBOS Reference: URL:http://www.cisco.com/warp/public/707/CBOS-multiple.shtml Reference: XF:cisco-cbos-web-access Reference: URL:http://xforce.iss.net/static/5626.php The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. Analysis ---------------- ED_PRI CAN-2001-0058 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0066 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0066 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001126 [MSY] S(ecure)Locate heap corruption vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0356.html Reference: DEBIAN:DSA-005-1 Reference: URL:http://www.debian.org/security/2000/20001217a Reference: MANDRAKE:MDKSA-2000:085 Reference: URL:http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-085.php3 Reference: REDHAT:RHSA-2000:128-02 Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-128.html Reference: CONECTIVA:CLA-2001:369 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000369 Reference: BID:2004 Reference: URL:http://www.securityfocus.com/bid/2004 Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. Analysis ---------------- ED_PRI CAN-2001-0066 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0089 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0089 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: MS:MS00-093 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-093.asp Reference: XF:ie-form-file-upload Reference: URL:http://xforce.iss.net/static/5615.php Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0089 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0090 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0090 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: MS:MS00-093 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-093.asp The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0090 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0091 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0091 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: MS:MS00-093 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-093.asp The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0091 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0092 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0092 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: MS:MS00-093 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-093.asp A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0092 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0021 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0021 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001206 (SRADV00005) Remote command execution vulnerabilities in MailMan Webmail Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0057.html Reference: CONFIRM:http://www.endymion.com/products/mailman/history.htm Reference: BID:2063 Reference: URL:http://www.securityfocus.com/bid/2063 Reference: XF:mailman-alternate-templates Reference: URL:http://xforce.iss.net/static/5649.php MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template paramater. Analysis ---------------- ED_PRI CAN-2001-0021 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0033 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0033 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001208 Vulnerabilities in KTH Kerberos IV Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html Reference: BUGTRAQ:20001210 KTH upgrade and FIX Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html Reference: XF:kerberos4-user-config Reference: URL:http://xforce.iss.net/static/5738.php KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. Analysis ---------------- ED_PRI CAN-2001-0033 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0034 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0034 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001208 Vulnerabilities in KTH Kerberos IV Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html Reference: BUGTRAQ:20001210 KTH upgrade and FIX Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html Reference: XF:kerberos4-arbitrary-proxy Reference: URL:http://xforce.iss.net/static/5733.php KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges. Analysis ---------------- ED_PRI CAN-2001-0034 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0035 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0035 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001208 Vulnerabilities in KTH Kerberos IV Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html Reference: BUGTRAQ:20001210 KTH upgrade and FIX Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html Reference: XF:kerberos4-auth-packet-overflow Reference: URL:http://xforce.iss.net/static/5734.php Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long authentication request. Analysis ---------------- ED_PRI CAN-2001-0035 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0036 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0036 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001208 Vulnerabilities in KTH Kerberos IV Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html Reference: BUGTRAQ:20001210 KTH upgrade and FIX Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html Reference: XF:kerberos4-tmpfile-dos Reference: URL:http://xforce.iss.net/static/5754.php KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file. Analysis ---------------- ED_PRI CAN-2001-0036 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0039 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0039 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001206 DoS by SMTP AUTH command in IPSwitch IMail server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0071.html Reference: BID:2083 Reference: URL:http://www.securityfocus.com/bid/2083 Reference: CONFIRM:http://www.ipswitch.com/Support/IMail/news.html Reference: XF:imail-smtp-auth-dos Reference: URL:http://xforce.iss.net/static/5674.php IPSwitch IMail 6.0.5 allows remore attackers to cause a denial of service using the SMTP AUTH command by sending a base64 encoded user password whose length is between 80 and 136 bytes. Analysis ---------------- ED_PRI CAN-2001-0039 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0040 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0040 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: BUGTRAQ:20001206 apcupsd 3.7.2 Denial of Service Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0066.html Reference: MANDRAKE:MDKSA-2000:077 Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-077.php3 Reference: BID:2070 Reference: URL:http://www.securityfocus.com/bid/2070 Reference: XF:apc-apcupsd-dos Reference: URL:http://xforce.iss.net/static/5654.php APC UPS daemon, apcupsd, saves its process ID in a world-writeable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. Analysis ---------------- ED_PRI CAN-2001-0040 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0054 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0054 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001205 Serv-U FTP directory traversal vunerability (all versions) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97604119024280&w=2 Reference: BUGTRAQ:20001205 (no subject) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0043.html Reference: BID:2052 Reference: URL:http://www.securityfocus.com/bid/2052 Reference: XF:ftp-servu-homedir-travers Reference: URL:http://xforce.iss.net/static/5639.php Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. Analysis ---------------- ED_PRI CAN-2001-0054 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-0890 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0890 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20001114 Category: SF/CF/MP/SA/AN/unknown Reference: CERT-VN:VU#626919 Reference: URL:http://www.kb.cert.org/vuls/id/626919 periodic in FreeBSD and possibly other operating systems allows local users to overwrite arbitrary files via a symlink attack. Analysis ---------------- ED_PRI CAN-2000-0890 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-0893 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0893 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20001114 Category: SF/CF/MP/SA/AN/unknown Reference: CERT-VN:VU#28027 Reference: URL:http://www.kb.cert.org/vuls/id/28027 The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. Analysis ---------------- ED_PRI CAN-2000-0893 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0030 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0030 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: Reference: BID:2089 Reference: URL:http://www.securityfocus.com/bid/2089 Reference: XF:foolproof-security-bypass Reference: URL:http://xforce.iss.net/static/5758.php FoolProof 3.9 allows local users to bypass program execution restrictions by downloading the restricted executables from another source and renaming them. Analysis ---------------- ED_PRI CAN-2001-0030 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0031 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0031 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001207 BroadVision One-To-One Enterprise Path Disclosure Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0074.html Reference: XF:broadvision-bv1to1-reveal-path Reference: URL:http://xforce.iss.net/static/5661.php BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist. Analysis ---------------- ED_PRI CAN-2001-0031 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0032 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0032 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001208 format string in ssl dump Reference: URL:http://www.securityfocus.com/archive/1/149917 Reference: BID:2096 Reference: URL:http://www.securityfocus.com/bid/2096 Reference: XF:ssldump-format-strings Reference: URL:http://xforce.iss.net/static/5717.php Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL. Analysis ---------------- ED_PRI CAN-2001-0032 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0037 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0037 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001207 HomeSeer Directory Traversal Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0082.html Reference: BID:2085 Reference: URL:http://www.securityfocus.com/bid/2085 Reference: MISC:http://www.keware.com/hsbetachanges.htm Reference: XF:homeseer-directory-traversal Reference: URL:http://xforce.iss.net/static/5663.php Directory traversal vulnerability in HomeSeer before 1.4.29 allows remote attackers to read arbitrary files via a URL containing .. (dot dot) specifiers. Analysis ---------------- ED_PRI CAN-2001-0037 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0038 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0038 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001207 MetaProducts Offline Explorer Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0078.html Reference: BID:2084 Reference: URL:http://www.securityfocus.com/bid/2084 Reference: XF:offline-explorer-reveal-files Reference: URL:http://xforce.iss.net/static/5728.php Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL. Analysis ---------------- ED_PRI CAN-2001-0038 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0042 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0042 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001206 CHINANSL Security Advisory(CSA-200011) Reference: URL:http://www.securityfocus.com/archive/1/149210 Reference: BID:2060 Reference: URL:http://www.securityfocus.com/bid/2060 Reference: XF:apache-php-disclose-files Reference: URL:http://xforce.iss.net/static/5659.php PHP3 running on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack. Analysis ---------------- ED_PRI CAN-2001-0042 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0043 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0043 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: XF:phpgroupware-include-files Reference: URL:http://xforce.iss.net/static/5650.php Reference: BUGTRAQ:20001206 (SRADV00006) Remote command execution vulnerabilities in phpGroupWare Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0053.html Reference: BID:2069 Reference: URL:http://www.securityfocus.com/bid/2069 Reference: MISC:http://sourceforge.net/project/shownotes.php?release_id=17604 phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program. Analysis ---------------- ED_PRI CAN-2001-0043 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0044 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0044 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001206 (SRADV00007) Local root compromise through Lexmark MarkVision printer drivers Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0064.html Reference: BID:2075 Reference: URL:http://www.securityfocus.com/bid/2075 Reference: XF:markvision-printer-driver-bo Reference: URL:http://xforce.iss.net/static/5651.php Multiple buffer overflows in Lexmark MarkVision printer driver programs allows local users to gain privileges via long arguments to the cat_network, cat_paraller, and cat_serial commands. Analysis ---------------- ED_PRI CAN-2001-0044 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0045 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0045 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: MS:MS00-095 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-095.asp Reference: BID:2064 Reference: URL:http://www.securityfocus.com/bid/2064 Reference: XF:nt-ras-reg-perms Reference: URL:http://xforce.iss.net/static/5671.php The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. Analysis ---------------- ED_PRI CAN-2001-0045 3 Vendor Acknowledgement: yes advisory Content Decisions: CF-REGISTRY Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0046 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0046 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: MS:MS00-095 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-095.asp Reference: BID:2066 Reference: URL:http://www.securityfocus.com/bid/2066 Reference: XF:nt-snmp-reg-perms Reference: URL:http://xforce.iss.net/static/5672.php The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. Analysis ---------------- ED_PRI CAN-2001-0046 3 Vendor Acknowledgement: yes advisory Content Decisions: CF-REGISTRY Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0047 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0047 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: MS:MS00-095 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS00-095.asp Reference: BID:2065 Reference: URL:http://www.securityfocus.com/bid/2065 Reference: XF:nt-mts-reg-perms Reference: URL:http://xforce.iss.net/static/5673.php The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities. Analysis ---------------- ED_PRI CAN-2001-0047 3 Vendor Acknowledgement: yes advisory Content Decisions: CF-REGISTRY Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0049 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0049 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001207 WatchGuard SOHO v2.2.1 DoS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0079.html Reference: BID:2082 Reference: URL:http://www.securityfocus.com/bid/2082 Reference: XF:watchguard-soho-get-dos Reference: URL:http://xforce.iss.net/static/5665.php WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests. Analysis ---------------- ED_PRI CAN-2001-0049 3 Vendor Acknowledgement: unknown discloser-claimed EXISTENCE: WatchGuard sent a followup email to say that they were "rying to reproduce the symptoms that [were] observed," but there is no additional information as of January 29, 2001. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0051 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0051 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: CF Reference: BUGTRAQ:20001205 IBM DB2 default account and password Vulnerability Reference: URL:http://www.securityfocus.com/archive/1/149222 Reference: BID:2068 Reference: URL:http://www.securityfocus.com/bid/2068 Reference: XF:ibm-db2-gain-access Reference: URL:http://xforce.iss.net/static/5662.php IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the databasse. Analysis ---------------- ED_PRI CAN-2001-0051 3 Vendor Acknowledgement: Content Decisions: CF-PASS Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0052 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0052 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001205 IBM DB2 SQL DOS Reference: URL:http://www.securityfocus.com/archive/1/149207 Reference: BID:2067 Reference: URL:http://www.securityfocus.com/bid/2067 Reference: XF:ibm-db2-dos Reference: URL:http://xforce.iss.net/static/5664.php IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. Analysis ---------------- ED_PRI CAN-2001-0052 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0088 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0088 Final-Decision: Interim-Decision: Modified: Proposed: 20010202 Assigned: 20010201 Category: SF Reference: BUGTRAQ:20001202 Bypassing admin authentication in phpWebLog Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0025.html Reference: BID:2047 Reference: URL:http://www.securityfocus.com/bid/2047 Reference: XF:phpweblog-bypass-authentication Reference: URL:http://xforce.iss.net/static/5625.php common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. Analysis ---------------- ED_PRI CAN-2001-0088 3 Vendor Acknowledgement: CD:EX-BETA suggests that beta software should not be included in CVE, unless it is widely deployed. The discloser says that this version is commonly used. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
