|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster LEGACY-MISC-ADV - 43 candidates
I am proposing cluster LEGACY-MISC-ADV for review and voting by the Editorial Board. Name: LEGACY-MISC-ADV Description: Candidates confirmed in miscellaneous bulletins, 1999 and earlier Size: 43 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-1999-1100 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1100 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CISCO:19980616 PIX Private Link Key Processing and Cryptography Issues Reference: URL:http://www.cisco.com/warp/public/770/pixkey-pub.shtml Reference: XF:cisco-pix-parse-error(1579) Reference: URL:http://xforce.iss.net/static/1579.php Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. Analysis ---------------- ED_PRI CAN-1999-1100 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1102 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1102 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://www.phreak.org/archives/security/8lgm/8lgm.lpr Reference: BUGTRAQ:19940307 8lgm Advisory Releases Reference: URL:http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm Reference: CIAC:E-25a Reference: URL:http://ciac.llnl.gov/ciac/bulletins/e-25.shtml lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. Analysis ---------------- ED_PRI CAN-1999-1102 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1117 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1117 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19961124 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&w=2&r=1&s=lquerypv&q=b Reference: BUGTRAQ:19961125 lquerypv fix Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=87602167420195&w=2 Reference: BUGTRAQ:19961125 AIX lquerypv Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=87602167420196&w=2 Reference: CIAC:H-13 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-13.shtml Reference: BID:455 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=455 Reference: XF:ibm-lquerypv(1752) Reference: URL:http://xforce.iss.net/static/1752.php lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. Analysis ---------------- ED_PRI CAN-1999-1117 1 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1175 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1175 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CISCO:19980513 Cisco Web Cache Control Protocol Router Vulnerability Reference: URL:http://www.cisco.com/warp/public/770/wccpauth-pub.shtml Reference: CIAC:I-054 Reference: URL:http://www.ciac.org/ciac/bulletins/i-054.shtml Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. Analysis ---------------- ED_PRI CAN-1999-1175 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1300 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1300 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CIAC:B-31 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/b-31.shtml Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. Analysis ---------------- ED_PRI CAN-1999-1300 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1307 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1307 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: unknown Reference: BUGTRAQ:19941209 Novell security advisory on sadc, urestore and the suid_exec feature Reference: URL:http://www.dataguard.no/bugtraq/1994_4/0676.html Reference: CIAC:F-06 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/f-06.shtml Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. Analysis ---------------- ED_PRI CAN-1999-1307 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1315 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1315 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CIAC:F-04 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/f-04.shtml Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service. Analysis ---------------- ED_PRI CAN-1999-1315 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1320 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1320 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CIAC:D-01 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/d-01.shtml Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. Analysis ---------------- ED_PRI CAN-1999-1320 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1324 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1324 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: Reference: CIAC:D-06 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/d-06.shtml VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing. Analysis ---------------- ED_PRI CAN-1999-1324 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1325 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1325 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CIAC:C-19 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/c-19.shtml SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-1999-1325 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1379 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1379 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990730 Possible Denial Of Service using DNS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93348057829957&w=2 Reference: BUGTRAQ:19990810 Possible Denial Of Service using DNS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93433758607623&w=2 Reference: AUSCERT:AL-1999.004 Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos Reference: CIAC:J-063 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-063.shtml DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker. Analysis ---------------- ED_PRI CAN-1999-1379 1 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1488 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1488 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BID:371 Reference: URL:http://www.securityfocus.com/bid/371 Reference: CIAC:I-079A Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-079a.shtml sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. Analysis ---------------- ED_PRI CAN-1999-1488 1 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1074 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1074 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980501 Warning! Webmin Security Advisory Reference: URL:http://www.securityfocus.com/archive/1/9138 Reference: CONFIRM:http://www.webmin.com/webmin/changes.html Reference: BID:98 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=98 Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. Analysis ---------------- ED_PRI CAN-1999-1074 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1105 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1105 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.zdnet.com/eweek/reviews/1016/tr42bug.html Reference: MISC:http://www.net-security.sk/bugs/NT/netware1.html Windows 95, when Remote Administration and File Sharing for Netware Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. Analysis ---------------- ED_PRI CAN-1999-1105 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1177 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1177 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: MISC:http://www.w3.org/Security/Faq/wwwsf4.html Reference: CONFIRM:http://www-genome.wi.mit.edu/WWW/tools/CGI_scripts/server_publish/nph-publish Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation. Analysis ---------------- ED_PRI CAN-1999-1177 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1287 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1287 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.statslab.cam.ac.uk/~sret1/analog/security.html Reference: XF:analog-remote-file(1410) Reference: URL:http://xforce.iss.net/static/1410.php Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface. Analysis ---------------- ED_PRI CAN-1999-1287 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1290 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1290 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19981117 nftp vulnerability (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91127951426494&w=2 Reference: CONFIRM:http://www.ayukov.com/nftp/history.html Reference: XF:nftp-bo(1397) Reference: URL:http://xforce.iss.net/static/1397.php Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string. Analysis ---------------- ED_PRI CAN-1999-1290 2 Vendor Acknowledgement: yes changelog Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1293 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1293 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980106 Apache security advisory Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88413292830649&w=2 Reference: CONFIRM:http://www.apache.org/info/security_bulletin_1.2.5.html mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. Analysis ---------------- ED_PRI CAN-1999-1293 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1327 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1327 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221103125826&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable. Analysis ---------------- ED_PRI CAN-1999-1327 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1328 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1328 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980826 [djb@redhat.com: Unidentified subject!] Reference: BUGTRAQ:19980823 Security concerns in linuxconf shipped w/RedHat 5.1 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90383955231511&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. Analysis ---------------- ED_PRI CAN-1999-1328 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1329 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1329 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-1999-1329 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1330 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1330 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: Reference: BUGTRAQ:19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=87602661419259&w=2 Reference: CONFIRM:http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html Reference: CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. Analysis ---------------- ED_PRI CAN-1999-1330 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1331 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1331 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. Analysis ---------------- ED_PRI CAN-1999-1331 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1332 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1332 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980128 GZEXE - the big problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88603844115233&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#gzip gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. Analysis ---------------- ED_PRI CAN-1999-1332 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1333 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1333 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980319 ncftp 2.4.2 MkDirs bug Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=89042322924057&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. Analysis ---------------- ED_PRI CAN-1999-1333 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1334 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1334 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980129 KSR[T] Advisory #7: filter Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88609666024181&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#elm Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument. Analysis ---------------- ED_PRI CAN-1999-1334 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1335 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1335 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: CONFIRM:http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. Analysis ---------------- ED_PRI CAN-1999-1335 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1339 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1339 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990722 Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93277766505061&w=2 Reference: BUGTRAQ:19990722 Linux +ipchains+ ping -R Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93277426802802&w=2 Reference: CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. Analysis ---------------- ED_PRI CAN-1999-1339 2 Vendor Acknowledgement: yes patch Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1382 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1382 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980108 NetWare NFS Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88427711321769&w=2 Reference: BUGTRAQ:19980812 Re: Netware NFS (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90295697702474&w=2 Reference: CONFIRM:http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551 NetWare NFS mode 1 and 2 implements the "Read Only" flag in UNIX by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. Analysis ---------------- ED_PRI CAN-1999-1382 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1386 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1386 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980308 another /tmp race: `perl -e' opens temp file not safely Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88932165406213&w=2 Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#perl Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. Analysis ---------------- ED_PRI CAN-1999-1386 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1456 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1456 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19980819 thttpd 2.04 released (fwd) Reference: URL:http://www.securityfocus.com/archive/1/10368 Reference: CONFIRM:http://www.acme.com/software/thttpd/thttpd.html#releasenotes Reference: XF:thttpd-file-read(1809) Reference: URL:http://xforce.iss.net/static/1809.php thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. Analysis ---------------- ED_PRI CAN-1999-1456 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1462 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1462 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990426 FW: Security Notice: Big Brother 1.09b/c Reference: URL:http://www.securityfocus.com/archive/1/13440 Reference: CONFIRM:http://bb4.com/README.CHANGES Reference: BID:142 Reference: URL:http://www.securityfocus.com/bid/142 Reference: XF:http-cgi-bigbrother-bbhist(3755) Reference: URL:http://xforce.iss.net/static/3755.php Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attacker to read portions of arbitrary files. Analysis ---------------- ED_PRI CAN-1999-1462 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1474 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1474 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.microsoft.com/windows/ie/security/powerpoint.asp Reference: XF:nt-ppt-patch(179) Reference: URL:http://xforce.iss.net/static/179.php PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. Analysis ---------------- ED_PRI CAN-1999-1474 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1481 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1481 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19991025 [squid] exploit for external authentication problem Reference: URL:http://www.securityfocus.com/archive/1/33295 Reference: BUGTRAQ:19991103 [squid]exploit for external authentication problem Reference: URL:http://www.securityfocus.com/archive/1/33295 Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.2/bugs/ Reference: BID:741 Reference: URL:http://www.securityfocus.com/bid/741 Reference: XF:squid-proxy-auth-access(3433) Reference: URL:http://xforce.iss.net/static/3433.php Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. Analysis ---------------- ED_PRI CAN-1999-1481 2 Vendor Acknowledgement: yes changelog ACKNOWLEDGEMENT: http://www.squid-cache.org/Versions/v2/2.2/bugs/ has a section titled "Newlines in passwords confuses the authenticator program" which addresses the problem. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1512 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1512 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990716 AMaViS virus scanner for Linux - root exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93219846414732&w=2 Reference: CONFIRM:http://www.amavis.org/ChangeLog.txt Reference: BID:527 Reference: URL:http://www.securityfocus.com/bid/527 Reference: XF:amavis-command-execute(2349) Reference: URL:http://xforce.iss.net/static/2349.php The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field. Analysis ---------------- ED_PRI CAN-1999-1512 2 Vendor Acknowledgement: yes readme ACKNOWLEDGEMENT: The 1999-07-17 entry in the change log says "fixed possible exploit published on BugTraq." Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-0808 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0808 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 19991125 Category: SF Reference: BUGTRAQ:19980518 DHCP 1.0 and 2.0 SECURITY ALERT! (fwd) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925960&w=2 Reference: CIAC:I-053 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-053.shtml Reference: MISC:ftp://ftp.isc.org/isc/dhcp/dhcp-1.0-history/dhcp-1.0.0-1.0pl1.diff.gz Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. Analysis ---------------- ED_PRI CAN-1999-0808 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC While the public announcements do not provide the details, analysis of the source diff in dhcp-1.0.0-1.0pl1.diff.gz clearly indicates that the problem is related to long buffers and options processing. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1042 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1042 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CISCO:19980813 CRM Temporary File Vulnerability Reference: URL:http://www.cisco.com/warp/public/770/crmtmp-pub.shtml Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. Analysis ---------------- ED_PRI CAN-1999-1042 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1126 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1126 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: CF Reference: CISCO:19980813 CRM Temporary File Vulnerability Reference: URL:http://www.cisco.com/warp/public/770/crmtmp-pub.shtml Reference: CIAC:I-086 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-086.shtml Reference: XF:cisco-crm-file-vuln(1575) Reference: URL:http://xforce.iss.net/static/1575.php Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". Analysis ---------------- ED_PRI CAN-1999-1126 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1167 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1167 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CONFIRM:http://www.wired.com/news/technology/0,1282,20677,00.html Reference: MISC:http://www.wired.com/news/technology/0,1282,20636,00.html Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. Analysis ---------------- ED_PRI CAN-1999-1167 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1206 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1206 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: BUGTRAQ:19990729 New ActiveX security problems in Windows 98 PCs Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93336970231857&w=2 Reference: CONFIRM:http://www.systemsoft.com/l-2/l-3/support-systemwizard.htm Reference: BID:555 Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=555 SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control. Analysis ---------------- ED_PRI CAN-1999-1206 3 Vendor Acknowledgement: yes Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1355 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1355 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: NTBUGTRAQ:19990817 Compaq PFCUser account Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=93542118727732&w=2 Reference: NTBUGTRAQ:19990905 Case ID SSRT0620 - PFCUser account communication Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=93654336516711&w=2 Reference: NTBUGTRAQ:19990915 (I) UPDATE - PFCUser Account, Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=93759822430801&w=2 Reference: NTBUGTRAQ:19991105 UPDATE: SSRT0620 Compaq Foundation Agents v4.40B PFCUser issues Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=94183795025294&w=2 Reference: CONFIRM:http://www.compaq.com/products/servers/management/advisory.html Reference: XF:management-pfcuser(3231) Reference: URL:http://xforce.iss.net/static/3231.php BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges. Analysis ---------------- ED_PRI CAN-1999-1355 3 Vendor Acknowledgement: yes advisory Content Decisions: CF-PASS Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1464 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1464 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CISCO:19981105 Cisco IOS DFS Access List Leakage Reference: URL:http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml Reference: CIAC:J-016 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-016.shtml Reference: XF:cisco-acl-leakage(1401) Reference: URL:http://xforce.iss.net/static/1401.php Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. Analysis ---------------- ED_PRI CAN-1999-1464 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC The Cisco advisory is vague about the details of the problems, but makes clear that there are 2 separate problems. Since the problem appear in different versions of IOS, CD:SF-LOC argues to create separate CVE items for the two problems. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-1999-1465 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1465 Final-Decision: Interim-Decision: Modified: Proposed: 20010912 Assigned: 20010831 Category: SF Reference: CISCO:19981105 Cisco IOS DFS Access List Leakage Reference: URL:http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml Reference: CIAC:J-016 Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-016.shtml Reference: XF:cisco-acl-leakage(1401) Reference: URL:http://xforce.iss.net/static/1401.php Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface. Analysis ---------------- ED_PRI CAN-1999-1465 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC The Cisco advisory is vague about the details of the problems, but makes clear that there are 2 separate problems. Since the problem appear in different versions of IOS, CD:SF-LOC argues to create separate CVE items for the two problems. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
