|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-62 - 46 candidates
I have proposed cluster RECENT-62 for review and voting by the Editorial Board. Name: RECENT-62 Description: Candidates announced between 4/21/2001 and 5/23/2001 Size: 46 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0237 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0237 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF Reference: BUGTRAQ:20010509 def-2001-24: Windows 2000 Kerberos DoS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98942093221908&w=2 Reference: MS:MS01-024 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-024.asp Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. Analysis ---------------- ED_PRI CAN-2001-0237 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0240 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0240 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF Reference: MS:MS01-028 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-028.asp Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro. Analysis ---------------- ED_PRI CAN-2001-0240 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0241 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0241 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20010501 Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98874912915948&w=2 Reference: MS:MS01-023 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-023.asp Reference: BID:2674 Reference: URL:http://www.securityfocus.com/bid/2674 Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. Analysis ---------------- ED_PRI CAN-2001-0241 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0242 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0242 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF Reference: BUGTRAQ:20010502 Microsoft Media Player ASX Parser buffer overflow vulnerability Reference: URL:http://www.securityfocus.com/archive/1/181419 Reference: BUGTRAQ:20010506 Re: Microsoft Media Player ASX Parser buffer overflow vulnerability Reference: URL:http://www.securityfocus.com/archive/1/183906 Reference: MS:MS01-029 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-029.asp Reference: BID:2677 Reference: URL:http://www.securityfocus.com/bid/2677 Reference: BID:2686 Reference: URL:http://www.securityfocus.com/bid/2686 Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. Analysis ---------------- ED_PRI CAN-2001-0242 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0243 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0243 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF Reference: MS:MS01-029 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-029.asp Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files. Analysis ---------------- ED_PRI CAN-2001-0243 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0244 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0244 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-025 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-025.asp Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. Analysis ---------------- ED_PRI CAN-2001-0244 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0245 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0245 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-025 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms01-025.asp Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0245 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0246 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0246 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010319 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-027 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-027.asp Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0246 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0328 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0328 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010423 Category: SF Reference: CERT:CA-2001-09 Reference: URL:http://www.cert.org/advisories/CA-2001-09.html TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN. Analysis ---------------- ED_PRI CAN-2001-0328 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0331 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0331 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010508 Category: SF Reference: ISS:20010509 Remote Buffer Overflow Vulnerability in IRIX Embedded Support Partner Infrastructure Reference: URL:http://xforce.iss.net/alerts/advise76.php Reference: SGI:20010501-01-P Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20010501-01-P Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0331 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0332 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0332 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF Reference: BUGTRAQ:20010330 Security bug in Internet Explorer - MSScriptControl.ScriptControl Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98609031517525&w=2 Reference: MS:MS01-027 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-027.asp Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. Analysis ---------------- ED_PRI CAN-2001-0332 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0333 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0333 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF Reference: BUGTRAQ:20010515 NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98992056521300&w=2 Reference: MS:MS01-026 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-026.asp Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. Analysis ---------------- ED_PRI CAN-2001-0333 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0334 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0334 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-026 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-026.asp FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. Analysis ---------------- ED_PRI CAN-2001-0334 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0335 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0335 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-026 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-026.asp FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters. Analysis ---------------- ED_PRI CAN-2001-0335 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0336 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0336 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF/CF/MP/SA/AN/unknown Reference: MS:MS01-026 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-026.asp The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. Analysis ---------------- ED_PRI CAN-2001-0336 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0337 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0337 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF Reference: MS:MS01-026 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-026.asp The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. Analysis ---------------- ED_PRI CAN-2001-0337 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0338 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0338 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF Reference: MS:MS01-027 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-027.asp Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." Analysis ---------------- ED_PRI CAN-2001-0338 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0339 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0339 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010510 Category: SF Reference: MS:MS01-027 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-027.asp Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." Analysis ---------------- ED_PRI CAN-2001-0339 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0488 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0488 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: HP:HPSBUX0104-149 Reference: URL:http://archives.neohapsis.com/archives/hp/2001-q2/0018.html Reference: BID:2646 Reference: URL:http://www.securityfocus.com/bid/2646 pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. Analysis ---------------- ED_PRI CAN-2001-0488 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0489 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0489 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: REDHAT:RHSA-2001:053 Reference: URL:http://archives.neohapsis.com/archives/linux/redhat/2001-q2/0043.html Reference: MANDRAKE:MDKSA-2001-044 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0509.html Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2001-0489 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0496 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0496 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: REDHAT:RHSA-2001:059 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-059.html Reference: MANDRAKE:MDKSA-2001:046 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3 kdesu creates world readable temporary files containing authentication info, which can allow local users to gain privileges. Analysis ---------------- ED_PRI CAN-2001-0496 1 Vendor Acknowledgement: yes advisory It's possible that this is the same vulnerability as CVE-2001-0178, but the description is written so differently from the others, that it's hard to be sure. In addition, Mandrake released a separate advisory for CVE-2001-0178. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0366 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0366 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010429 SAP R/3 Web Application Server Demo for Linux: root exploit Reference: URL:http://www.securityfocus.com/archive/1/180498 Reference: BID:2662 Reference: URL:http://www.securityfocus.com/bid/2662 saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program. Analysis ---------------- ED_PRI CAN-2001-0366 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0481 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0481 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: MANDRAKE:MDKSA-2001:043 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-043.php3 Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. Analysis ---------------- ED_PRI CAN-2001-0481 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0487 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0487 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: AIXAPAR:IY17630 Reference: URL:http://archives.neohapsis.com/archives/aix/2001-q2/0005.html AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. Analysis ---------------- ED_PRI CAN-2001-0487 2 Vendor Acknowledgement: yes patch Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0495 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0495 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010426 Vulnerability in WebXQ Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0490.html Reference: BID:2660 Reference: URL:http://www.securityfocus.com/bid/2660 Directory traversal in DataWizard WebXQ server 1.204 allows remote attackers to view files outside of the web root via a .. (dot dot) attack. Analysis ---------------- ED_PRI CAN-2001-0495 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0329 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0329 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010427 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A043001-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a043001-1.txt Reference: BID:2670 Reference: URL:http://www.securityfocus.com/bid/2670 Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. Analysis ---------------- ED_PRI CAN-2001-0329 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC The current version of CD:SF-LOC suggests that for the same type of vulnerability in the same software version, a single entry should be created. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0330 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0330 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010427 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A043001-1 Reference: URL:http://www.atstake.com/research/advisories/2001/a043001-1.txt Reference: BID:2671 Reference: URL:http://www.securityfocus.com/bid/2671 Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. Analysis ---------------- ED_PRI CAN-2001-0330 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0367 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0367 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010428 Mirabilis ICQ WebFront Plug-in Denial of Service Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98847544303438&w=2 Reference: BID:2664 Reference: URL:http://www.securityfocus.com/bid/2664 Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters. Analysis ---------------- ED_PRI CAN-2001-0367 3 Vendor Acknowledgement: unknown Content Decisions: EX-BETA Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0368 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0368 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010430 A Serious Security Vulnerability Found in BearShare (Directory Traversal) Reference: URL:http://www.securityfocus.com/archive/1/180644 Reference: BID:2672 Reference: URL:http://www.securityfocus.com/bid/2672 Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack. Analysis ---------------- ED_PRI CAN-2001-0368 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0442 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0442 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010421 Mercury for NetWare POP3 server vulnerable to remote buffer overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0378.html Reference: BID:2641 Reference: URL:http://www.securityfocus.com/bid/2641 Buffer overflow in Mercury MTA POP3 server for NetWare, before 1.48, allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long APOP command. Analysis ---------------- ED_PRI CAN-2001-0442 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0452 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0452 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: Reference: BUGTRAQ:20010428 Vulnerabilities in BRS WebWeaver Reference: URL:http://www.securityfocus.com/archive/1/180506 Reference: CONFIRM:http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html Reference: BID:2676 Reference: URL:http://www.securityfocus.com/bid/2676 BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. Analysis ---------------- ED_PRI CAN-2001-0452 3 Vendor Acknowledgement: yes changelog Content Decisions: EX-BETA Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0453 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0453 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010428 Vulnerabilities in BRS WebWeaver Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0519.html Reference: CONFIRM:http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html Reference: BID:2675 Reference: URL:http://www.securityfocus.com/bid/2675 Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories. Analysis ---------------- ED_PRI CAN-2001-0453 3 Vendor Acknowledgement: unknown Content Decisions: EX-BETA Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0462 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0462 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010424 Advisory for perl webserver Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0426.html Reference: BID:2648 Reference: URL:http://www.securityfocus.com/bid/2648 Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. Analysis ---------------- ED_PRI CAN-2001-0462 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0463 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0463 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010427 PerlCal (CGI) show files vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0506.html Reference: BID:2663 Reference: URL:http://www.securityfocus.com/bid/2663 Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter. Analysis ---------------- ED_PRI CAN-2001-0463 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0467 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0467 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: Reference: BUGTRAQ:20010423 Vulnerability in Viking Web Server Reference: URL:http://www.securityfocus.com/archive/1/178935 Reference: BID:2643 Reference: URL:http://www.securityfocus.com/bid/2643 Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request. Analysis ---------------- ED_PRI CAN-2001-0467 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0477 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0477 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010423 (SRPRE00004) WebCalendar 0.9.26 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0392.html Reference: BID:2639 Reference: URL:http://www.securityfocus.com/bid/2639 Vulnerability in WebCalendar 0.9.26 allows remote command execution. Analysis ---------------- ED_PRI CAN-2001-0477 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0478 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0478 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010423 (SRPRE00001) phpMyAdmin 2.1.0 and phpPgAdmin 2.2.1 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0396.html Reference: BID:2642 Reference: URL:http://www.securityfocus.com/bid/2642 Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. Analysis ---------------- ED_PRI CAN-2001-0478 3 Vendor Acknowledgement: no Content Decisions: SF-CODEBASE phpPgAdmin and phpMyAdmin appear to share a common codebase, and their vulnerabilities are exactly the same based on the provided patches, but it appears that phpPgAdmin is being actively supported by a different group, whereas phpMyAdmin does not appear to be supported any more. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0479 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0479 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010423 (SRPRE00001) phpMyAdmin 2.1.0 and phpPgAdmin 2.2.1 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0396.html Reference: CONFIRM:http://www.greatbridge.org/project/phppgadmin/cvs/checkout.php/phpPgAdmin/ChangeLog?r=1.13 Reference: BID:2640 Reference: URL:http://www.securityfocus.com/bid/2640 Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. Analysis ---------------- ED_PRI CAN-2001-0479 3 Vendor Acknowledgement: no Content Decisions: SF-CODEBASE phpPgAdmin and phpMyAdmin appear to share a common codebase, and their vulnerabilities are exactly the same based on the provided patches, but it appears that phpPgAdmin is being actively supported by a different group, whereas phpMyAdmin does not appear to be supported any more. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0480 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0480 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010428 Vulnerabilities in Alex's FTP Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0523.html Reference: BID:2668 Reference: URL:http://www.securityfocus.com/bid/2668 Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands. Analysis ---------------- ED_PRI CAN-2001-0480 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0484 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0484 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010425 Tektronix (Xerox) PhaserLink 850 Webserver Vulnerability (NEW) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0482.html Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages. Analysis ---------------- ED_PRI CAN-2001-0484 3 Vendor Acknowledgement: no Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0485 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0485 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010426 IRIX /usr/lib/print/netprint local root symbols exploit. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0475.html Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0502.html Vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option. Analysis ---------------- ED_PRI CAN-2001-0485 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0490 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0490 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010429 Winamp 2.6x / 2.7x buffer overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0518.html Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file. Analysis ---------------- ED_PRI CAN-2001-0490 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0491 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0491 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010425 Vulnerabilities in RaidenFTPD Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0465.html Directory traversal vulnerability in RaidenFTPD Server 2.1 build 947 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST. Analysis ---------------- ED_PRI CAN-2001-0491 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0492 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0492 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010424 Advisory for Netcruiser Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0427.html Reference: BID:2650 Reference: URL:http://www.securityfocus.com/bid/2650 Netcruiser Web server version 0.1.2.8 and earlier allows remote attackers to determine the physical path of the server via a URL containing (1) con, (2) com2, or (3) com3. Analysis ---------------- ED_PRI CAN-2001-0492 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0493 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0493 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010424 Advisory for Small HTTP Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0428.html Reference: BID:2649 Reference: URL:http://www.securityfocus.com/bid/2649 Small HTTP server 2.03 allows remote attackers to cause a denial of service via a specially crafted URL requesting the aux device name. Analysis ---------------- ED_PRI CAN-2001-0493 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0494 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0494 Final-Decision: Interim-Decision: Modified: Proposed: 20010524 Assigned: 20010524 Category: SF Reference: BUGTRAQ:20010424 IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0433.html Reference: CONFIRM:http://ipswitch.com/Support/IMail/news.html Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. Analysis ---------------- ED_PRI CAN-2001-0494 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
