|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster LEGACY-MISC-1999-A - 52 candidates
I am proposing cluster LEGACY-MISC-1999-A for review and voting by the Editorial Board. Name: LEGACY-MISC-1999-A Description: Legacy candidates announced between 1/1/1999 and 4/27/1999 Size: 52 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-1999-1203 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1203 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990210 Security problems in ISDN equipment authentication Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91868964203769&w=2 Reference: BUGTRAQ:19990212 PPP/ISDN multilink security issue - summary Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91888117502765&w=2 Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. Analysis ---------------- ED_PRI CAN-1999-1203 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1567 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1567 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990308 Password and DOS Vulnerability with Testrack (bug tracking software) Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9903&L=NTBUGTRAQ&P=R1215 Reference: NTBUGTRAQ:19990616 Password and DOS Vulnerability with Testrack (bug tracking software) Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9906&L=NTBUGTRAQ&P=R1680 Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without sending any data. Analysis ---------------- ED_PRI CAN-1999-1567 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1568 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1568 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990223 NcFTPd remote buffer overflow Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91981352617720&w=2 Reference: BUGTRAQ:19990223 Comments on NcFTPd "theoretical root compromise" Reference: URL:http://www.securityfocus.com/archive/1/12699 Reference: XF:ncftpd-port-bo(1833) Reference: URL:http://xforce.iss.net/static/1833.php Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. Analysis ---------------- ED_PRI CAN-1999-1568 2 Vendor Acknowledgement: yes followup INCLUSION: This is a UNIX based server. The process that crashes is a child process whose resources are released appropriately, according to reports. Since it's also an off-by-one error instead of a buffer overflow, perhaps this is not "exploitable" and as such should not be included in CVE. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-0418 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0418 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 19990607 Category: SF Reference: BUGTRAQ:19990308 SMTP server account probing Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92100018214316&w=2 Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. Analysis ---------------- ED_PRI CAN-1999-0418 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1046 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1046 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990302 Multiple IMail Vulnerabilites Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92038879607336&w=2 Reference: BID:504 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=504 Reference: XF:imail-imonitor-overflow(1897) Reference: URL:http://xforce.iss.net/static/1897.php Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. Analysis ---------------- ED_PRI CAN-1999-1046 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1049 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1049 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990222 Severe Security Hole in ARCserve NT agents (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91972006211238&w=2 ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. Analysis ---------------- ED_PRI CAN-1999-1049 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1060 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1060 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990217 Tetrix 1.13.16 is Vulnerable Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91937090211855&w=2 Reference: BID:340 Reference: URL:http://www.securityfocus.com/bid/340 Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. Analysis ---------------- ED_PRI CAN-1999-1060 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1101 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1101 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990219 Yet Another password storing problem (was: Re: Possible Netscape Crypto Security Flaw) Reference: URL:http://www.securityfocus.com/archive/1/12618 Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. Analysis ---------------- ED_PRI CAN-1999-1101 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1168 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1168 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990220 ISS install.iss security hole Reference: URL:http://www.securityfocus.com/archive/1/12640 install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. Analysis ---------------- ED_PRI CAN-1999-1168 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1169 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1169 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990204 NOBO denial of service Reference: URL:http://www.securityfocus.com/archive/1/12284 nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. Analysis ---------------- ED_PRI CAN-1999-1169 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1170 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1170 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990204 WS FTP Server Remote DoS Attack Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91816507920544&w=2 Reference: BID:218 Reference: URL:http://www.securityfocus.com/bid/218 IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Analysis ---------------- ED_PRI CAN-1999-1170 3 Vendor Acknowledgement: Content Decisions: SF-EXEC WS_FTP and IMail are provided by the same vendor, but they are different packages. Thus CD:SF-EXEC says to create separate items for the IMail/flags problem versus the WS_FTP/flags problem. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1171 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1171 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990204 WS FTP Server Remote DoS Attack Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91816507920544&w=2 Reference: BID:218 Reference: URL:http://www.securityfocus.com/bid/218 IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Analysis ---------------- ED_PRI CAN-1999-1171 3 Vendor Acknowledgement: Content Decisions: SF-EXEC WS_FTP and IMail are provided by the same vendor, but they are different packages. Thus CD:SF-EXEC says to create separate items for the IMail/flags problem versus the WS_FTP/flags problem. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1172 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1172 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990114 security hole in Maximizer Reference: URL:http://www.securityfocus.com/archive/1/11947 By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared. Analysis ---------------- ED_PRI CAN-1999-1172 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1180 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1180 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html Reference: BUGTRAQ:19990216 Website Pro v2.0 (NT) Configuration Issues Reference: URL:http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. Analysis ---------------- ED_PRI CAN-1999-1180 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1196 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1196 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990427 NT/Exceed D.O.S. Reference: URL:http://www.securityfocus.com/archive/1/13451 Reference: BID:158 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=158 Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000. Analysis ---------------- ED_PRI CAN-1999-1196 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1201 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1201 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990206 New Windows 9x Bug: TCP Chorusing Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91849617221319&w=2 Reference: BID:225 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=225 Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. Analysis ---------------- ED_PRI CAN-1999-1201 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1235 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1235 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990331 Minor Bug in IE5.0 Reference: URL:http://ntbugtraq.ntadvice.com/default.asp?pid=36&sid=1&A2=ind9904&L=NTBUGTRAQ&P=R179 Reference: NTBUGTRAQ:19990825 IE5 FTP password exposure & index.dat null ACL problem Reference: URL:http://packetderm.cotse.com/mailing-lists/ntbugtraq/1999/0364.html Reference: XF:nt-ie5-user-ftp-password(3289) Reference: URL:http://xforce.iss.net/static/3289.php Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. Analysis ---------------- ED_PRI CAN-1999-1235 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1244 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1244 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990415 FSA-99.04-IPFILTER-v3.2.10 Reference: URL:http://www.securityfocus.com/archive/1/13303 Reference: XF:ipfilter-temp-file(2087) Reference: URL:http://xforce.iss.net/static/2087.php IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file. Analysis ---------------- ED_PRI CAN-1999-1244 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1245 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1245 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: XF:ucd-snmpd-community(2086) Reference: URL:http://xforce.iss.net/static/2086.php vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. Analysis ---------------- ED_PRI CAN-1999-1245 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1254 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1254 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990308 Winfreeze EXPLOIT Win9x/NT Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=92099515709467&w=2 Reference: XF:win-redirects-freeze(1947) Reference: URL:http://xforce.iss.net/static/1947.php Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. Analysis ---------------- ED_PRI CAN-1999-1254 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1255 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1255 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: Reference: MISC:http://www.rootshell.com/archive-j457nxiqi3gq59dv/199902/hyperseek.txt.html Reference: XF:hyperseek-modify(1914) Reference: URL:http://xforce.iss.net/static/1914.php Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. Analysis ---------------- ED_PRI CAN-1999-1255 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1256 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1256 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990304 Oracle Plaintext Password Reference: URL:http://www.securityfocus.com/archive/1/12744 Reference: NTBUGTRAQ:19990304 Oracle Plaintext Password Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=92056752115116&w=2 Reference: XF:oracle-passwords(1902) Reference: URL:http://xforce.iss.net/static/1902.php Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. Analysis ---------------- ED_PRI CAN-1999-1256 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1260 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1260 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990215 KSR[T] Advisory #10: mSQL ServerStats Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91910115718150&w=2 Reference: XF:msql-serverstats(1777) Reference: URL:http://xforce.iss.net/static/1777.php mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. Analysis ---------------- ED_PRI CAN-1999-1260 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1261 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1261 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990211 Rainbow Six Buffer Overflow..... Reference: URL:http://www.securityfocus.com/archive/1/12433 Reference: XF:rainbowsix-nick-bo(1772) Reference: URL:http://xforce.iss.net/static/1772.php Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. Analysis ---------------- ED_PRI CAN-1999-1261 3 Vendor Acknowledgement: Content Decisions: SF-CODEBASE The poster mentions that the overflow is similar to one in Quake. If Rainbow Six is based on the Quake codebase (as a number of video games are), then CD:SF-CODEBASE would suggest combining all affected products into a single item. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1262 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1262 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990202 Unsecured server in applets under Netscape Reference: URL:http://www.securityfocus.com/archive/1/12231 Reference: XF:java-socket-open(1727) Reference: URL:http://xforce.iss.net/static/1727.php Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. Analysis ---------------- ED_PRI CAN-1999-1262 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1264 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1264 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990121 WebRamp M3 remote network access bug Reference: URL:http://www.securityfocus.com/archive/1/12048 Reference: BUGTRAQ:19990203 WebRamp M3 Perceived Bug Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91815321510224&w=2 Reference: XF:webramp-remote-access(1670) Reference: URL:http://xforce.iss.net/static/1670.php WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been expliticly disabled. Analysis ---------------- ED_PRI CAN-1999-1264 3 Vendor Acknowledgement: no disputed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1268 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1268 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://lists.kde.org/?l=kde-devel&m=91560433413263&w=2 Reference: XF:kde-konsole-hijack(1645) Reference: URL:http://xforce.iss.net/static/1645.php Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. Analysis ---------------- ED_PRI CAN-1999-1268 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1323 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1323 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990409 NAV for MS Exchange & Internet Email Gateways Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=92370067416739&w=2 Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. Analysis ---------------- ED_PRI CAN-1999-1323 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1369 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1369 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990414 Real Media Server stores passwords in plain text Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92411181619110&w=2 Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-1999-1369 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1370 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1370 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990323 MSIE 5 installer disables screen saver Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=92220197414799&w=2 The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. Analysis ---------------- ED_PRI CAN-1999-1370 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1371 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1371 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990308 Solaris "/usr/bin/write" bug Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92100752221493&w=2 Reference: MISC:http://www.securiteam.com/exploits/5ZP0O1P35O.html Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. Analysis ---------------- ED_PRI CAN-1999-1371 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1372 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1372 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990219 Plaintext Password in Tractive's Remote Manager Software Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91966339502073&w=2 Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges. Analysis ---------------- ED_PRI CAN-1999-1372 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1373 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1373 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990105 Re: Network Scan Vulnerability [SUMMARY] Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91651770130771&w=2 FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap. Analysis ---------------- ED_PRI CAN-1999-1373 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1374 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1374 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990427 Re: Shopping Carts exposing CC data Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92523159819402&w=2 perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request. Analysis ---------------- ED_PRI CAN-1999-1374 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1375 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1375 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990211 Using FSO in ASP to view just about anything Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91877455626320&w=2 Reference: BID:230 Reference: URL:http://www.securityfocus.com/bid/230 FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. Analysis ---------------- ED_PRI CAN-1999-1375 3 Vendor Acknowledgement: It is unclear whether showfile.asp is the exploit, or a vulnerable program. In addition, it is unknown whether the FSO is expected to act this way (similar to an open() call). Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1376 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1376 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990114 MS IIS 4.0 Security Advisory Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91632724913080&w=2 Reference: BUGTRAQ:19990114 MS IIS 4.0 Security Advisory Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91638375309890&w=2 Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-1999-1376 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1397 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1397 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990323 Index Server 2.0 and the Registry Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92242671024118&w=2 Reference: NTBUGTRAQ:19990323 Index Server 2.0 and the Registry Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=92223293409756&w=2 Reference: BID:476 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=476 Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. Analysis ---------------- ED_PRI CAN-1999-1397 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1405 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1405 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990217 snap utility for AIX. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91936783009385&w=2 Reference: BUGTRAQ:19990220 Re: snap utility for AIX. Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91954824614013&w=2 Reference: BID:375 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=375 snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. Analysis ---------------- ED_PRI CAN-1999-1405 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1422 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1422 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: BUGTRAQ:19990102 PATH variable in zip-slackware 2.0.35 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91540043023167&w=2 Reference: BID:211 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=211 The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. Analysis ---------------- ED_PRI CAN-1999-1422 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1430 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1430 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990102 security problem with Royal daVinci Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91540043723185&w=2 Reference: BID:185 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=185 PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access. Analysis ---------------- ED_PRI CAN-1999-1430 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1431 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1431 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990107 WinNT, ZAK and Office 97 Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91576100022688&w=2 Reference: NTBUGTRAQ:19990109 WinNT, ZAK and Office 97 Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91606260910008&w=2 Reference: BID:181 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=181 ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. Analysis ---------------- ED_PRI CAN-1999-1431 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1440 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1440 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990101 Win32 ICQ 98a flaw Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91522424302962&w=2 Reference: BID:132 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=132 Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. Analysis ---------------- ED_PRI CAN-1999-1440 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1453 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1453 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990222 New IE4 vulnerability : the clipboard again. Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91979439932341&w=2 Reference: BID:215 Reference: URL:http://www.securityfocus.com/bid/215 Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. Analysis ---------------- ED_PRI CAN-1999-1453 3 Vendor Acknowledgement: unknown This is very similar to CVE-1999-0384, but that one deals with the Forms vulnerability. That problem had been announced and fixed on January 21, but this problem was announced on February 21, so CD:SF-LOC would suggest keeping them separate. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1482 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1482 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990219 Security hole: "zgv" Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-02-15&msg=Pine.LNX.3.96.990219175605.9622A-100000@ferret.lmh.ox.ac.uk SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. Analysis ---------------- ED_PRI CAN-1999-1482 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1495 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1495 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: BUGTRAQ:19990218 xtvscreen and suse 6 Reference: URL:http://www.securityfocus.com/archive/1/12580 Reference: XF:xtvscreen-overwrite(1792) Reference: URL:http://xforce.iss.net/static/1792.php Reference: BID:325 Reference: URL:http://www.securityfocus.com/bid/325 xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. Analysis ---------------- ED_PRI CAN-1999-1495 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1538 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1538 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990114 MS IIS 4.0 Security Advisory Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91638375309890&w=2 Reference: NTBUGTRAQ:19990114 MS IIS 4.0 Security Advisory Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=91632724913080&w=2 Reference: BID:189 Reference: URL:http://www.securityfocus.com/bid/189 When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. Analysis ---------------- ED_PRI CAN-1999-1538 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1544 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1544 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990124 Advisory: IIS FTP Exploit/DoS Attack Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91722115016183&w=2 Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. Analysis ---------------- ED_PRI CAN-1999-1544 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1546 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1546 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990129 TROJAN: netstation.navio-comm.rte 1.1.0.1 Reference: URL:http://www.securityfocus.com/archive/1/12217 Reference: XF:navionc-config-script(1724) Reference: URL:http://xforce.iss.net/static/1724.php netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. Analysis ---------------- ED_PRI CAN-1999-1546 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1551 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1551 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990302 Multiple IMail Vulnerabilites Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92038879607336&w=2 Reference: BID:505 Reference: URL:http://www.securityfocus.com/bid/505 Reference: XF:imail-websvc-overflow(1898) Reference: URL:http://xforce.iss.net/static/1898.php Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. Analysis ---------------- ED_PRI CAN-1999-1551 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1553 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1553 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990301 [0z0n3] XCmail remotely exploitable vulnerability Reference: URL:http://www.securityfocus.com/archive/1/12730 Reference: BID:311 Reference: URL:http://www.securityfocus.com/bid/311 Reference: XF:xcmail-reply-overflow(1859) Reference: URL:http://xforce.iss.net/static/1859.php Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. Analysis ---------------- ED_PRI CAN-1999-1553 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1557 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1557 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990301 Multiple IMail Vulnerabilites Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92038879607336&w=2 Reference: XF:imail-imap-overflow(1895) Reference: URL:http://xforce.iss.net/static/1895.php Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password. Analysis ---------------- ED_PRI CAN-1999-1557 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1559 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1559 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990331 Xylan OmniSwitch "features" Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92299263017061&w=2 Reference: XF:xylan-omniswitch-login(2064) Reference: URL:http://xforce.iss.net/static/2064.php Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. Analysis ---------------- ED_PRI CAN-1999-1559 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
