|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-57 - 27 candidates
I have proposed cluster RECENT-57 for review and voting by the Editorial Board. Name: RECENT-57 Description: Candidates announced between 2/2/2001 and 2/21/2001 Size: 27 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0267 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0267 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: HP:HPSBMP0102-008 Reference: URL:http://archives.neohapsis.com/archives/hp/2001-q1/0050.html NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-2001-0267 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0268 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0268 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: NETBSD:NetBSD-SA:2001-002 Reference: URL:http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html Reference: BUGTRAQ:20010219 Re: your mail Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html Reference: OPENBSD:20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. Reference: URL:http://www.openbsd.org/errata.html#userldt NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, allow local users to gain root privileges by accessing kernel memory via a segment call gate when the USER_LDT kernel option is enabled. Analysis ---------------- ED_PRI CAN-2001-0268 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0278 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0278 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: HP:HPSBMP0102-009 Reference: URL:http://archives.neohapsis.com/archives/hp/2001-q1/0050.html Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-2001-0278 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0301 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0301 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010213 Security advisory for analog Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0264.html Reference: CONFIRM:http://www.analog.cx/security2.html Reference: REDHAT:RHSA-2001:017 Reference: URL:http://archives.neohapsis.com/archives/linux/redhat/2001-q1/0056.html Reference: DEBIAN:DSA-033 Reference: URL:http://www.debian.org/security/2001/dsa-033 Reference: BID:2377 Reference: URL:http://www.securityfocus.com/bid/2377 Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. Analysis ---------------- ED_PRI CAN-2001-0301 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0316 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0316 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: REDHAT:RHSA-2001:013 Reference: URL:http://archives.neohapsis.com/archives/linux/caldera/2001-q1/0009.html Reference: CALDERA:CSSA-2001-009 Reference: URL:http://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txt Reference: BUGTRAQ:20010213 Trustix Security Advisory - proftpd, kernel Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. Analysis ---------------- ED_PRI CAN-2001-0316 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0317 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0317 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010213 Trustix Security Advisory - proftpd, kernel Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html Reference: REDHAT:RHSA-2001:013 Reference: URL:http://archives.neohapsis.com/archives/linux/caldera/2001-q1/0009.html Reference: CALDERA:CSSA-2001-009 Reference: URL:http://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txt Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. Analysis ---------------- ED_PRI CAN-2001-0317 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0274 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0274 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010214 Security hole in kicq Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0276.html Reference: BUGTRAQ:20010303 Re: Security hole in kicq Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0536.html kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. Analysis ---------------- ED_PRI CAN-2001-0274 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0319 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0319 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010205 IBM NetCommerce Security Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0072.html Reference: CONFIRM:http://www-4.ibm.com/software/webservers/commerce/netcomletter.html Reference: BID:2350 Reference: URL:http://www.securityfocus.com/bid/2350 orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. Analysis ---------------- ED_PRI CAN-2001-0319 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0326 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0326 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: CF Reference: BUGTRAQ:20010212 Solution for Potential Vunerability in Granting FilePermission to Oracle Java Virtual Machine Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0255.html Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission. Analysis ---------------- ED_PRI CAN-2001-0326 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0269 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0269 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010217 Solaris 8 pam_ldap.so.1 module broken Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0344.html pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password. Analysis ---------------- ED_PRI CAN-2001-0269 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0270 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0270 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: Reference: BUGTRAQ:20010219 Denial of Service Condition exists in Fore/Marconi ASX Switches Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0349.html Reference: BID:2400 Reference: URL:http://www.securityfocus.com/bid/2400 Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set. Analysis ---------------- ED_PRI CAN-2001-0270 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0271 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0271 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010218 mailnews.cgi Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0347.html mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. Analysis ---------------- ED_PRI CAN-2001-0271 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0272 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0272 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010212 W3.ORG sendtemp.pl Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0259.html Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter. Analysis ---------------- ED_PRI CAN-2001-0272 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0273 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0273 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010220 [CryptNET Advisory] pgp4pine-1.75-6 - expired public keys Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0367.html pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext. Analysis ---------------- ED_PRI CAN-2001-0273 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0275 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0275 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010219 NetSuite 1.02 web server vulnerabilty Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0346.html Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. Analysis ---------------- ED_PRI CAN-2001-0275 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0276 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0276 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010217 BadBlue Web Server Ext.dll Vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98263019502565&w=2 Reference: BID:2390 Reference: URL:http://www.securityfocus.com/bid/2390 ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path. Analysis ---------------- ED_PRI CAN-2001-0276 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0277 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0277 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010217 BadBlue Web Server Ext.dll Vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98263019502565&w=2 Reference: BID:2392 Reference: URL:http://www.securityfocus.com/bid/2392 Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. Analysis ---------------- ED_PRI CAN-2001-0277 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0281 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0281 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010221 NT drivers are potentially vulnerable to format string bug Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0379.html Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges. Analysis ---------------- ED_PRI CAN-2001-0281 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0302 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0302 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010215 Vulnerabilities in Pi3Web Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0316.html Reference: BID:2381 Reference: URL:http://www.securityfocus.com/bid/2381 Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL. Analysis ---------------- ED_PRI CAN-2001-0302 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0303 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0303 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010215 Vulnerabilities in Pi3Web Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0316.html Reference: BID:2381 Reference: URL:http://www.securityfocus.com/bid/2381 tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file. Analysis ---------------- ED_PRI CAN-2001-0303 3 Vendor Acknowledgement: Content Decisions: DESIGN-REAL-PATH Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0304 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0304 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: Reference: BUGTRAQ:20010216 Vulnerability in Resin Webserver Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98229372610440&w=2 Reference: BID:2384 Reference: URL:http://www.securityfocus.com/bid/2384 Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. Analysis ---------------- ED_PRI CAN-2001-0304 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0305 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0305 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010216 Thinking Arts Store.cgi Directory Traversal Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0324.html Reference: BID:2385 Reference: URL:http://www.securityfocus.com/bid/2385 Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter. Analysis ---------------- ED_PRI CAN-2001-0305 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0306 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0306 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010216 WEBactive HTTP Server 1.0 Directory Traversal Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0332.html Reference: BID:2386 Reference: URL:http://www.securityfocus.com/bid/2386 Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. Analysis ---------------- ED_PRI CAN-2001-0306 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0307 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0307 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: Reference: BUGTRAQ:20010216 Vulnerabilities in Bajie Http JServer Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist. Analysis ---------------- ED_PRI CAN-2001-0307 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0308 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0308 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010216 Vulnerabilities in Bajie Http JServer Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0314.html Reference: BID:2388 Reference: URL:http://www.securityfocus.com/bid/2388 UploadServlet in Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program. Analysis ---------------- ED_PRI CAN-2001-0308 3 Vendor Acknowledgement: Content Decisions: SF-LOC There may be 2 separate vulnerabilities here, one of which may be the same as CAN-2000-0773. One problem could be UploadServlet - unless the intended design requires some sort of review/approval process before the servlet can be executed. A separate problem could be the use of the ... in the request to execute the program, which resides outside of the CGI bin directory. However, perhaps the vendor didn't fix the dot dot problem that was in an earlier version (CAN-2000-0773), and this is the same bug. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0324 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0324 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010206 Windows client UDP exhaustion denial of service Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2001-q1/0060.html Reference: BID:2340 Reference: URL:http://www.securityfocus.com/bid/2340 Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. Analysis ---------------- ED_PRI CAN-2001-0324 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0325 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0325 Final-Decision: Interim-Decision: Modified: Proposed: 20010404 Assigned: 20010404 Category: SF Reference: BUGTRAQ:20010202 QNX RTP ftpd stack overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0031.html Reference: BID:2342 Reference: URL:http://www.securityfocus.com/bid/2342 Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. Analysis ---------------- ED_PRI CAN-2001-0325 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
