|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-65 - 40 candidates
I have proposed cluster RECENT-65 for review and voting by the Editorial Board. Name: RECENT-65 Description: Candidates announced between 5/2/2001 and 5/31/2001 Size: 40 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0559 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0559 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Vixie cron vulnerability Reference: URL:http://www.securityfocus.com/archive/1/183029 Reference: DEBIAN:DSA-054 Reference: URL:http://www.debian.org/security/2001/dsa-054 Reference: MANDRAKE:MDKSA-2001:050 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-050.php3 Reference: SUSE:SuSE-SA:2001:17 Reference: URL:http://www.suse.de/de/support/security/2001_017_cron_txt.txt Reference: BID:2687 Reference: URL:http://www.securityfocus.com/bid/2687 Reference: XF:vixie-cron-gain-privileges Reference: URL:http://xforce.iss.net/static/6508.php crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. Analysis ---------------- ED_PRI CAN-2001-0559 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0567 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0567 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: CONFIRM:http://www.zope.org/Products/Zope/Hotfix_2001-05-01/security_alert Reference: DEBIAN:DSA-055 Reference: URL:http://www.debian.org/security/2001/dsa-055 Reference: MANDRAKE:MDKSA-2001:049 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-049.php3 Reference: REDHAT:RHSA-2001:065 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-065.html Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass. Analysis ---------------- ED_PRI CAN-2001-0567 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0621 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0621 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: CISCO:20010517 Cisco Content Service Switch 11000 Series FTP Reference: URL:http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml Reference: XF:cisco-css-ftp-commands(6557) Reference: URL:http://xforce.iss.net/static/6557.php The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. Analysis ---------------- ED_PRI CAN-2001-0621 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0622 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0622 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: CISCO:20010531 Cisco Content Service Switch 11000 Series Web Reference: URL:http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the the web management URL instead of navigating through the interface. Analysis ---------------- ED_PRI CAN-2001-0622 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0628 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0628 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: MSKB:Q274228 Reference: URL:http://support.microsoft.com/support/kb/articles/Q274/2/28.asp Reference: BID:2760 Reference: URL:http://www.securityfocus.com/bid/2760 Reference: XF:word-asd-macro-execution(6614) Reference: URL:http://xforce.iss.net/static/6614.php Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros. This can allow a local attacker to execute arbitrary macros with the user ID of the Word user. Analysis ---------------- ED_PRI CAN-2001-0628 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0629 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0629 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: HP:HPSBUX0107-158 Reference: URL:http://archives.neohapsis.com/archives/hp/2001-q3/0006.html Reference: BUGTRAQ:20010523 HP OpenView NNM v6.1 buffer overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0226.html Reference: BID:2761 Reference: URL:http://www.securityfocus.com/bid/2761 Reference: XF:openview-nnm-ecsd-bo(6582) Reference: URL:http://xforce.iss.net/static/6582.php HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter. Analysis ---------------- ED_PRI CAN-2001-0629 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0635 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0635 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: REDHAT:RHSA-2001:058 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-058.html Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords. Analysis ---------------- ED_PRI CAN-2001-0635 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0522 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0522 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010529 [synnergy] - GnuPG remote format string vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0281.html Reference: CONFIRM:http://www.gnupg.org/whatsnew.html#rn20010529 Reference: MANDRAKE:MDKSA-2001:053 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3 Gnu Privacy Guard (GnuPG, aka gpg) 1.05 and earlier can allow an attacker to gain additional privileges via a format string attack in a maliciously encrypted file. The format string used is the name of the original, encrypted file. Analysis ---------------- ED_PRI CAN-2001-0522 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0523 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0523 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010518 ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html Reference: BUGTRAQ:20010519 RE: ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html Reference: XF:eeye-secureiis-bypass-detection Reference: URL:http://xforce.iss.net/static/6563.php Reference: XF:eeye-secureiis-directory-traversal Reference: URL:http://xforce.iss.net/static/6564.php eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS via the escaping of HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected by SecureIIS. Analysis ---------------- ED_PRI CAN-2001-0523 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0524 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0524 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010518 ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0185.html Reference: BUGTRAQ:20010519 RE: ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0197.html Reference: XF:eeye-secureiis-http-header-bo(6574) Reference: URL:http://xforce.iss.net/static/6574.php eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier. Analysis ---------------- ED_PRI CAN-2001-0524 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0525 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0525 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010519 dqs 3.2.7 local root exploit. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0193.html Reference: BUGTRAQ:20010519 Re: dqs 3.2.7 local root exploit. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0195.html Reference: XF:dqs-dsh-bo Reference: URL:http://xforce.iss.net/static/6577.php dsh program in dqs version 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows a local attacker to gain privileges via a buffer overflow in the first command line argument. Analysis ---------------- ED_PRI CAN-2001-0525 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0527 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0527 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAG:20010515 DCForum Password File Manipukation Vulnerability (qDefense Advisory Number QDAV-5-2000-2) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0122.html Reference: CONFIRM:http://www.dcscripts.com/dcforum/dcfNews/167.html Reference: XF:dcforum-cgi-admin-access(6538) Reference: URL:http://xforce.iss.net/static/6538.php DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database. Analysis ---------------- ED_PRI CAN-2001-0527 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0528 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0528 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010507 Oracle's ADI 7.1.1.10.1 Major security hole Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0044.html Reference: BUGTRAQ:20010522 Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0223.html Reference: BID:2694 Reference: URL:http://www.securityfocus.com/bid/2694 Reference: XF:oracle-adi-plaintext-passwords(6501) Reference: URL:http://xforce.iss.net/static/6501.php Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges. Analysis ---------------- ED_PRI CAN-2001-0528 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0530 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0530 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010528 Vulnerability discovered in SpearHead NetGap Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0256.html Reference: BUGTRAQ:20010607 SpearHead Security NetGAP Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-06/0047.html Reference: BID:2798 Reference: URL:http://www.securityfocus.com/bid/2798 Reference: XF:netgap-unicode-bypass-filter Reference: URL:http://xforce.iss.net/static/6625.php Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters. Analysis ---------------- ED_PRI CAN-2001-0530 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0574 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0574 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for MP3Mystic Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0046.html Reference: CONFIRM:http://mp3mystic.com/mp3mystic/news.phtml Reference: XF:mp3mystic-dot-directory-traversal(6504) Reference: URL:http://xforce.iss.net/static/6504.php Reference: BID:2699 Reference: URL:http://www.securityfocus.com/bid/2699 Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL. Analysis ---------------- ED_PRI CAN-2001-0574 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0611 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0611 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010514 Becky! 2.00.05 Buffer Overflow Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0089.html Reference: BID:2723 Reference: URL:http://www.securityfocus.com/bid/2723 Reference: XF:becky-mail-message-bo(6531) Reference: URL:http://xforce.iss.net/static/6531.php Becky! 2.00.05 and earlier can allow a remote attacker to gain additional privileges via a buffer overflow attack on long messages without newline characters. Analysis ---------------- ED_PRI CAN-2001-0611 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0615 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0615 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010525 Advisory for Freestyle Chat server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0241.html Reference: BID:2776 Reference: URL:http://www.securityfocus.com/bid/2776 Reference: XF:freestyle-chat-directory-traversal(6601) Reference: URL:http://xforce.iss.net/static/6601.php Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'. Analysis ---------------- ED_PRI CAN-2001-0615 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0616 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0616 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010525 Advisory for Freestyle Chat server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0241.html Reference: BID:2777 Reference: URL:http://www.securityfocus.com/bid/2777 Reference: XF:freestyle-chat-device-dos(6602) Reference: URL:http://xforce.iss.net/static/6602.php Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (e.g., GET /aux HTTP/1.0). Analysis ---------------- ED_PRI CAN-2001-0616 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0519 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0519 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010529 Aladdin eSafe Gateway Filter Bypass - Updated Advisory Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0282.html Reference: XF:esafe-gateway-bypass-filtering(6580) Reference: URL:http://xforce.iss.net/static/6580.php Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags. Analysis ---------------- ED_PRI CAN-2001-0519 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC CF:SF-LOC suggests creating separate candidates for problems that appear in different versions, which argues for keeping CAN-2001-0519 separate from CAN-2001-0520 and CAN-2001-0521 (which themselves are separated by a different application of CD:SF-LOC). Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0520 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0520 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010529 Aladdin eSafe Gateway Script-filtering Bypass through HTML tags Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0284.html Reference: XF:esafe-gateway-bypass-filtering(6580) Reference: URL:http://xforce.iss.net/static/6580.php Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined. Analysis ---------------- ED_PRI CAN-2001-0520 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC CF:SF-LOC suggests creating separate candidates for problems that appear in different versions, which argues for keeping CAN-2001-0519 separate from CAN-2001-0520 and CAN-2001-0521. CD:SF-LOC also suggests separating problems of different types within the same version. CAN-2001-0520 is information hiding by manipulating tag values, while CAN-2001-0521 involves obfuscation by encoding, which "seems" like a different vulnerability type. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0521 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0521 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010529 Aladdin eSafe Gateway Script-filtering Bypass through Unicode Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0285.html Reference: XF:esafe-gateway-bypass-filtering(6580) Reference: URL:http://xforce.iss.net/static/6580.php Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document. Analysis ---------------- ED_PRI CAN-2001-0521 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC CF:SF-LOC suggests creating separate candidates for problems that appear in different versions, which argues for keeping CAN-2001-0519 separate from CAN-2001-0520 and CAN-2001-0521. CD:SF-LOC also suggests separating problems of different types within the same version. CAN-2001-0520 is information hiding by manipulating tag values, while CAN-2001-0521 involves obfuscation by encoding, which "seems" like a different vulnerability type. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0526 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0526 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010618 Category: SF Reference: BUGTRAQ:20010528 [synnergy] - Solaris mailtool(1) buffer overflow vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0258.html Reference: XF:solaris-mailtool-openwinhome-bo(6626) Reference: URL:http://xforce.iss.net/static/6626.php Buffer overflow in mailtool in Solaris 8 and earlier versions can allow a local attacker to gain privileges via the OPENWINHOME environmental variable. Analysis ---------------- ED_PRI CAN-2001-0526 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0557 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0557 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for Jana server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html Reference: XF:jana-server-directory-traversal(6513) Reference: URL:http://xforce.iss.net/static/6513.php Reference: BID:2703 Reference: URL:http://www.securityfocus.com/bid/2703 T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e). Analysis ---------------- ED_PRI CAN-2001-0557 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0558 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0558 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for Jana server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html Reference: XF:jana-server-device-dos(6521) Reference: URL:http://xforce.iss.net/static/6521.php Reference: BID:2704 Reference: URL:http://www.securityfocus.com/bid/2704 T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0). Analysis ---------------- ED_PRI CAN-2001-0558 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0561 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0561 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for A1Stats Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0047.html Reference: BID:2705 Reference: URL:http://www.securityfocus.com/bid/2705 Reference: XF:a1stats-dot-directory-traversal(6503) Reference: URL:http://xforce.iss.net/static/6503.php Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi. Analysis ---------------- ED_PRI CAN-2001-0561 3 Vendor Acknowledgement: unknown Content Decisions: SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0562 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0562 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for A1Stats Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0047.html Reference: BID:2705 Reference: URL:http://www.securityfocus.com/bid/2705 Reference: XF:a1stats-a1admin-dos(6505) Reference: URL:http://xforce.iss.net/static/6505.php a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. Analysis ---------------- ED_PRI CAN-2001-0562 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0563 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0563 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for Electrocomm 2.0 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0049.html Reference: XF:electrocomm-telnet-dos(6514) Reference: URL:http://xforce.iss.net/static/6514.php Reference: BID:2706 Reference: URL:http://www.securityfocus.com/bid/2706 ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23. Analysis ---------------- ED_PRI CAN-2001-0563 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0565 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0565 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010502 Solaris mailx Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0016.html Reference: XF:mailx-bo(6181) Reference: URL:http://xforce.iss.net/static/6181.php Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. Analysis ---------------- ED_PRI CAN-2001-0565 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0566 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0566 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010503 Cisco Catalyst 2900XL crashes with empty UDP packet when SNMP is disabled. Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0040.html Reference: XF:cisco-catalyst-udp-dos(6515) Reference: URL:http://xforce.iss.net/static/6515.php Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. Analysis ---------------- ED_PRI CAN-2001-0566 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0570 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0570 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010503 minicom exploit Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-067.html Reference: REDHAT:RHSA-2001:067 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-067.html Reference: CALDERA:CSSA-2001-016.0 Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2001-016.0.txt Reference: BUGTRAQ:20010517 Immunix OS Security update for minicom Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=99014300904714&w=2 Reference: XF:minicom-xmodem-format-string(6498) Reference: URL:http://xforce.iss.net/static/6498.php minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks. Analysis ---------------- ED_PRI CAN-2001-0570 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0580 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0580 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:200105007 Advisory for Vdns Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0050.html Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection. Analysis ---------------- ED_PRI CAN-2001-0580 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0581 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0581 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010507 Advisory for Spynet Chat Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0051.html Reference: XF:spynet-connection-dos(6509) Reference: URL:http://xforce.iss.net/static/6509.php Reference: BID:2701 Reference: URL:http://www.securityfocus.com/bid/2701 Spytech Spynet Chat Server 6.5 allows a remote attacker to create a denial of service (crash) via a large amount (> 100) of connections to port 6387. Analysis ---------------- ED_PRI CAN-2001-0581 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0582 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0582 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010503 Vulnerabilities in CrushFTP Server Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0036.html Reference: XF:crushftp-directory-traversal(6495) Reference: URL:http://xforce.iss.net/static/6495.php Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbtrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR. Analysis ---------------- ED_PRI CAN-2001-0582 3 Vendor Acknowledgement: yes Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0612 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0612 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010516 Remote Desktop DoS Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0158.html Reference: XF:remote-desktop-dos(6547) Reference: URL:http://xforce.iss.net/static/6547.php Reference: BID:2726 Reference: URL:http://www.securityfocus.com/bid/2726 McAfee Remote Desktop 3.0 and earlier allows a remote attacker to create a denial of service (crash) via large amounts of packets to port 5045. Analysis ---------------- ED_PRI CAN-2001-0612 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0613 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0613 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010515 OmniHTTPd Pro Denial of Service Vulnerability Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0131.html Reference: XF:omnihttpd-post-dos(6540) Reference: URL:http://xforce.iss.net/static/6540.php Reference: BID:2730 Reference: URL:http://www.securityfocus.com/bid/2730 Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a remote attacker to create a denial of service via a long (>4111 bytes) POST URL request. Analysis ---------------- ED_PRI CAN-2001-0613 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0614 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0614 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010514 def-2001-25: Carello E-Commerce Arbitrary Command Execution Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=98991352402073&w=2 Reference: XF:carello-url-code-execution(6532) Reference: URL:http://xforce.iss.net/static/6532.php Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL. Analysis ---------------- ED_PRI CAN-2001-0614 3 Vendor Acknowledgement: unknown No specifics about the URL are really mentioned. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0617 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0617 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010514 Cable-Router AR220e Portmapper Security-Flaw Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0125.html Reference: XF:telesyn-portmapper-access-services(6560) Reference: URL:http://xforce.iss.net/static/6560.php Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled. Analysis ---------------- ED_PRI CAN-2001-0617 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0625 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0625 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010525 Security Bug in InoculateIT for Linux (fwd) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0245.html Reference: XF:inoculateit-ftpdownload-symlink(6607) Reference: URL:http://xforce.iss.net/static/6607.php Reference: BID:2778 Reference: URL:http://www.securityfocus.com/bid/2778 ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . Analysis ---------------- ED_PRI CAN-2001-0625 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0627 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0627 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010522 [SRT2001-09] - vi and crontab -e /tmp issues Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0220.html Reference: BID:2752 Reference: URL:http://www.securityfocus.com/bid/2752 vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. Analysis ---------------- ED_PRI CAN-2001-0627 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0630 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0630 Final-Decision: Interim-Decision: Modified: Proposed: 20010727 Assigned: 20010727 Category: SF Reference: BUGTRAQ:20010523 Vulnerability in viewsrc.cgi Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0231.html Reference: BID:2762 Reference: URL:http://www.securityfocus.com/bid/2762 Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable. Analysis ---------------- ED_PRI CAN-2001-0630 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
