|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-67 - 25 candidates
I am proposing cluster RECENT-67 for review and voting by the Editorial Board. The voting web site will be updated on Wednesday afternoon, Eastern time. Name: RECENT-67 Description: Candidates announced between 1/4/2001 and 5/29/2001 Size: 25 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-0541 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0541 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010710 Category: SF Reference: BUGTRAQ:20010527 Microsoft Windows Media Player Buffer Overflow Vulnerability Reference: URL:http://www.securityfocus.com/archive/1/187001 Reference: MS:MS01-042 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS01-042.asp Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file. Analysis ---------------- ED_PRI CAN-2001-0541 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0641 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0641 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010513 RH 7.0:/usr/bin/man exploit: gid man + more Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html Reference: BUGTRAQ:20010612 man 1.5h10 + man 1.5i-4 exploits Reference: URL:http://www.securityfocus.com/archive/1/190136 Reference: REDHAT:RHSA-2001:069 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-069.html Reference: SUSE:SuSE-SA:2001:019 Reference: URL:http://www.suse.de/de/support/security/2001_019_man_txt.txt Reference: XF:man-s-bo(6530) Reference: URL:http://xforce.iss.net/static/6530.php Reference: BID:2711 Reference: URL:http://www.securityfocus.com/bid/2711 Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. Analysis ---------------- ED_PRI CAN-2001-0641 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0650 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0650 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: CISCO:20010510 Cisco IOS BGP Attribute Corruption Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml Reference: CERT-VN:VU#106392 Reference: URL:http://www.kb.cert.org/vuls/id/106392 Reference: CIAC:L-082 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/l-082.shtml Reference: XF:cisco-ios-bgp-dos(6566) Reference: URL:http://xforce.iss.net/static/6566.php Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. Analysis ---------------- ED_PRI CAN-2001-0650 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0710 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0710 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: Reference: FREEBSD:FreeBSD-SA-01:52 Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc Reference: NETBSD:NetBSD-SA2001-006 Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc Reference: XF:bsd-ip fragments-dos(6636) Reference: URL:http://xforce.iss.net/static/6636.php Reference: BID:2799 Reference: URL:http://www.securityfocus.com/bid/2799 NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragements to the machine, exhausting the mbuf pool. Analysis ---------------- ED_PRI CAN-2001-0710 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0648 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0648 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010508 security hole in os groupware suite PHProjekt Reference: URL:http://www.securityfocus.com/archive/1/184215 Reference: BID:2702 Reference: URL:http://www.securityfocus.com/bid/2702 Reference: XF:phprojekt-dot-directory-traversal(6522) Reference: URL:http://xforce.iss.net/static/6522.php Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module. Analysis ---------------- ED_PRI CAN-2001-0648 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0675 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0675 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010418 SECURITY.NNOV: The Bat! <cr> bug Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0345.html Reference: BUGTRAQ:20010421 Re: SECURITY.NNOV: The Bat! <cr> bug Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0381.html Reference: BUGTRAQ:20010423 Re: SECURITY.NNOV: The Bat! <cr> bug Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-04/0410.html Reference: XF:thebat-pop3-dos(6423) Reference: URL:http://xforce.iss.net/static/6423.php Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker to cause a denial of service by sending an email to a user's account containing a carrage return <CR> that is not followed by a line feed <LF>. Analysis ---------------- ED_PRI CAN-2001-0675 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0642 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0642 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010511 [eyeonsecurity.net] Incredimail allows automatic over writing offiles on your hard disk Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0078.html Reference: XF:incredimail-dot-overwrite-files(6529) Reference: URL:http://xforce.iss.net/static/6529.php Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file. Analysis ---------------- ED_PRI CAN-2001-0642 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0643 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0643 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010416 Double clicking on innocent looking files may be dangerous Reference: URL:http://www.securityfocus.com/archive/1/176909 Reference: MISC:http://vil.nai.com/vil/virusSummary.asp?virus_k=99048 Reference: MISC:http://www.sarc.com/avcenter/venc/data/vbs.postcard@mm.html Reference: XF:ie-clsid-execute-files(6426) Reference: URL:http://xforce.iss.net/static/6426.php A type-check flaw in Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type. Analysis ---------------- ED_PRI CAN-2001-0643 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0644 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0644 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010515 Rumpus FTP DoS Reference: URL:http://www.securityfocus.com/archive/1/184751 Reference: BID:2718 Reference: URL:http://www.securityfocus.com/bid/2718 Reference: XF:rumpus-plaintext-passwords(6543) Reference: URL:http://xforce.iss.net/static/6543.php Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow attackers to gain privileges on the server. Analysis ---------------- ED_PRI CAN-2001-0644 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0645 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0645 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x password restrictions Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0097.html Reference: BUGTRAQ:20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x database configuration Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-05/0098.html Reference: XF:netprowler-default-odbc-password(6539) Reference: URL:http://xforce.iss.net/static/6539.php Reference: XF:netprowler-default-management-password(6537) Reference: URL:http://xforce.iss.net/static/6537.php Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password. Analysis ---------------- ED_PRI CAN-2001-0645 3 Vendor Acknowledgement: yes Content Decisions: CF-PASS Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0646 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0646 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010515 Rumpus FTP DoS Reference: URL:http://www.securityfocus.com/archive/1/184751 Reference: BID:2716 Reference: URL:http://www.securityfocus.com/bid/2716 Reference: XF:rumpus-long-directory-dos(6542) Reference: URL:http://xforce.iss.net/static/6542.php Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker to perform a denial of service (hang) by creating a directory name of a specific length. Analysis ---------------- ED_PRI CAN-2001-0646 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0649 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0649 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010806 Category: SF Reference: BUGTRAQ:20010510 Personal Web Sharing remote stop Reference: URL:http://www.securityfocus.com/archive/1/184548 Reference: XF:macos-web-sharing-dos(6536) Reference: URL:http://xforce.iss.net/static/6536.php Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. Analysis ---------------- ED_PRI CAN-2001-0649 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0674 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0674 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010417 Advisory for Viking Reference: URL:http://www.securityfocus.com/archive/1/177231 Reference: CONFIRM:http://www.robtex.com/viking/bugs.htm Reference: XF:viking-hex-directory-traversal(6394) Reference: URL:http://xforce.iss.net/static/6394.php Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexidecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. Analysis ---------------- ED_PRI CAN-2001-0674 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC CD:SF-LOC applies to this and CAN-2001-0467. These should be distinguished because CAN-2001-0467 appears in a version (-382) that this one does not (-381). Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0676 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0676 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010104 SECURITY.NNOV advisory - The Bat! directory traversal (public release) Reference: URL:http://www.securityfocus.com/archive/1/154359 Reference: XF:thebat-attachment-directory-traversal(5871) Reference: URL:http://xforce.iss.net/static/5871.php Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f and earlier allows a remote attacker to create arbitrary files via a "dot dot" attack in the filename for an attachment. Analysis ---------------- ED_PRI CAN-2001-0676 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0677 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0677 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010418 Eudora file leakage problem (still) Reference: URL:http://www.securityfocus.com/archive/1/177369 Reference: XF:eudora-plain-text-attachment(6431) Reference: URL:http://xforce.iss.net/static/6431.php Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. Analysis ---------------- ED_PRI CAN-2001-0677 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0678 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0678 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010519 TrendMicro Interscan VirusWall RegGo.dll BOf Reference: URL:http://www.securityfocus.com/archive/1/185383 Reference: XF:interscan-reggo-bo(6575) Reference: URL:http://xforce.iss.net/static/6575.php A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. Analysis ---------------- ED_PRI CAN-2001-0678 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0680 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0680 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010413 QPC FTPd Directory Traversal and BoF Vulnerabilities Reference: URL:http://www.securityfocus.com/archive/1/176712 Reference: XF:qpc-ftpd-directory-traversal(6375) Reference: URL:http://xforce.iss.net/static/6375.php Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command. Analysis ---------------- ED_PRI CAN-2001-0680 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0681 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0681 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010413 QPC FTPd Directory Traversal and BoF Vulnerabilities Reference: URL:http://www.securityfocus.com/archive/1/176712 Reference: XF:qpc-ftpd-bo(6376) Reference: URL:http://xforce.iss.net/static/6376.php Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. Analysis ---------------- ED_PRI CAN-2001-0681 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0683 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0683 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010226 def-2001-08: Netscape Collabra DoS Reference: URL:http://www.securityfocus.com/archive/1/165516 Reference: XF:netscape-collabra-kernel-dos(6158) Reference: URL:http://xforce.iss.net/static/6158.php Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. Analysis ---------------- ED_PRI CAN-2001-0683 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC CD:SF-LOC suggests separating issues that describe a different underlying problem. The memory leak in port 5238 via a flood of data is different enough from the CPU "spike" based on only a few bytes of data. Thus these 2 problems should be separate. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0684 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0684 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010226 def-2001-08: Netscape Collabra DoS Reference: URL:http://www.securityfocus.com/archive/1/165516 Reference: XF:netscape-collabra-cpu-dos(6159) Reference: URL:http://xforce.iss.net/static/6159.php Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. Analysis ---------------- ED_PRI CAN-2001-0684 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC CD:SF-LOC suggests separating issues that describe a different underlying problem. The memory leak in port 5238 via a flood of data is different enough from the CPU "spike" based on only a few bytes of data. Thus these 2 problems should be separate. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0694 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0694 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: VULN-DEV:20010525 WFTPD 32-bit (X86) 3.00 R5 Directory Traversal / Buffer Overflow / DoS Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2001-q2/0454.html Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command. Analysis ---------------- ED_PRI CAN-2001-0694 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0695 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0695 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010503 Potential DOS Vulnerability in WFTPD Reference: URL:http://www.securityfocus.com/archive/1/182054 Reference: XF:wftpd-cd-dos(6496) Reference: URL:http://xforce.iss.net/static/6496.php WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\). Analysis ---------------- ED_PRI CAN-2001-0695 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0697 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0697 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010228 SurgeFTP Denial of Service Reference: URL:http://www.securityfocus.com/archive/1/165816 Reference: WIN2KSEC:20010301 SurgeFTP 1.0b Denial of Service Reference: URL:http://www.secadministrator.com/Articles/Index.cfm?ArticleID=20200 Reference: XF:surgeftp-listing-dos(6168) Reference: URL:http://xforce.iss.net/static/6168.php NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command. Analysis ---------------- ED_PRI CAN-2001-0697 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0707 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0707 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010503 Denicomp REXECD/RSHD Denial of Service Vulnerability Reference: URL:http://www.securityfocus.com/archive/1/183911 Reference: XF:denicomp-rshd-dos(6523) Reference: URL:http://xforce.iss.net/static/6523.php Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. Analysis ---------------- ED_PRI CAN-2001-0707 3 Vendor Acknowledgement: unknown Content Decisions: SF-CODEBASE REXECD and RSHD are multiple packages with the same sort of problem, but the packages are distributed separately (as indicated by the vendor's download page). Thus CD:SF-CODEBASE suggests that these should be separated. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0708 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0708 Final-Decision: Interim-Decision: Modified: Proposed: 20010829 Assigned: 20010829 Category: SF Reference: BUGTRAQ:20010503 Denicomp REXECD/RSHD Denial of Service Vulnerability Reference: URL:http://www.securityfocus.com/archive/1/183911 Reference: XF:denicomp-rexecd-dos(6524) Reference: URL:http://xforce.iss.net/static/6524.php Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. Analysis ---------------- ED_PRI CAN-2001-0708 3 Vendor Acknowledgement: unknown Content Decisions: SF-CODEBASE REXECD and RSHD are multiple packages with the same sort of problem, but the packages are distributed separately (as indicated by the vendor's download page). Thus CD:SF-CODEBASE suggests that these should be separated. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
