|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster MISC-2001-003 - 36 candidates
I am proposing cluster MISC-2001-003 for review and voting by the Editorial Board. Name: MISC-2001-003 Description: Misc. Candidates announced between 8/3/2001 and 12/6/2001 Size: 36 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-1227 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1227 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020411 Category: SF Reference: REDHAT:RHSA-2001:115 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-115.html Reference: MANDRAKE:MDKSA-2001:080 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-080.php3 Reference: BID:3425 Reference: URL:http://online.securityfocus.com/bid/3425 Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. Analysis ---------------- ED_PRI CAN-2001-1227 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1231 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1231 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010814 Fwd: Security Alert: Groupwise - Action Required Reference: URL:http://www.securityfocus.com/archive/1/204672 Reference: CONFIRM:http://support.novell.com/padlock/details.htm Reference: XF:novell-groupwise-admin-privileges(6998) Reference: URL:http://xforce.iss.net/static/6998.php Reference: BID:3189 Reference: URL:http://www.securityfocus.com/bid/3189 GroupWise 5.5 and 6 running in live remove or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. Analysis ---------------- ED_PRI CAN-2001-1231 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1234 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1234 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 results of semi-automatic source code audit Reference: URL:http://www.securityfocus.com/archive/1/218000 Reference: CONFIRM:http://prdownloads.sourceforge.net/gallery/gallery-1.2.5.tar.gz Reference: BID:3397 Reference: URL:http://www.securityfocus.com/bid/3397 Reference: XF:php-includedir-code-execution(7215) Reference: URL:http://www.iss.net/security_center/static/7215.php Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. Analysis ---------------- ED_PRI CAN-2001-1234 1 Vendor Acknowledgement: yes patch ACKNOWLEDGEMENT: The UPGRADING file in the distribution of 1.2.5 says: "Due to a security fix, you now have to modify index.php if you want to use the Gallery random photo block for Nuke... The file you tried to include is not on the approved file list. To include this file you must edit Gallery's index.php and add XXX to the $safe_to_include array." This clearly addresses the problem that was reported. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1252 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1252 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: CF Reference: BUGTRAQ:20010928 SNS-43: PGP Keyserver Permissions Misconfiguration Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-09/0230.html Reference: CONFIRM:http://www.pgp.com/support/product-advisories/keyserver.asp Reference: XF:pgp-keyserver-http-dos(7203) Reference: URL:http://www.iss.net/security_center/static/7203.php Reference: BID:3375 Reference: URL:http://online.securityfocus.com/bid/3375 Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory. Analysis ---------------- ED_PRI CAN-2001-1252 1 Vendor Acknowledgement: unknown discloser-claimed ACKNOWLEDGEMENT: the PGP advisory is referenced by the discloser. While it does not provide quite enough details to be certain that it's addressing the same problem, and advisory has no date to "line up" with the Bugtraq post, the poster is credited at the end of the advisory. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1278 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1278 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: REDHAT:RHSA-2001:115 Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-115.html Reference: MANDRAKE:MDKSA-2001:080 Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-080.php3 Reference: BID:3425 Reference: URL:http://online.securityfocus.com/bid/3425 Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. Analysis ---------------- ED_PRI CAN-2001-1278 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1295 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1295 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: CONFIRM:http://www.greenepa.net/~averett/cerberus-releasenotes.htm#ReleaseNotes Reference: MISC:http://www.securiteam.com/windowsntfocus/5SP0M0055W.html Reference: XF:cerberus-ftp-directory-traversal(7004) Reference: URL:http://www.iss.net/security_center/static/7004.php Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. Analysis ---------------- ED_PRI CAN-2001-1295 1 Vendor Acknowledgement: yes changelog ACKNOWLEDGEMENT: the release notes for version 1.6 beta, dated August 29, 2001, say "Fixed a major security bug that allowed unrestricted access to the server machine by using periods in the change directory path." Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1297 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1297 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 results of semi-automatic source code audit Reference: URL:http://www.securityfocus.com/archive/1/218000 Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=58331 Reference: BID:3384 Reference: URL:http://www.securityfocus.com/bid/3384 Reference: XF:php-includedir-code-execution(7215) Reference: URL:http://www.iss.net/security_center/static/7215.php Actionpoll PHP script before 1.1.2 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. Analysis ---------------- ED_PRI CAN-2001-1297 1 Vendor Acknowledgement: yes changelog ACKNOWLEDGEMENT: The change log for 1.1.2 says "Fixed Security Bug" and references BID:3384, i.e. this item. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1299 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1299 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 results of semi-automatic source code audit Reference: URL:http://www.securityfocus.com/archive/1/218000 Reference: CERT-VN:VU#847803 Reference: URL:http://www.kb.cert.org/vuls/id/847803 Reference: CONFIRM:http://www.come.to/zorbat/ Reference: CONFIRM:http://www.kb.cert.org/vuls/id/JARL-53RJKV Reference: BID:3386 Reference: URL:http://www.securityfocus.com/bid/3386 Reference: XF:php-includedir-code-execution(7215) Reference: URL:http://www.iss.net/security_center/static/7215.php Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. Analysis ---------------- ED_PRI CAN-2001-1299 1 Vendor Acknowledgement: yes changelog ACKNOWLEDGEMENT: On the vendor's home page, an announcement for Zorbstats 0.9, dated October 21, 2001, says "Security problem corrected." Normally this is insufficient to be certain that the vendor is acknowledging *this* problem, but the vendor is also said to have fixed the issue in a CERT vuilnerability note. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1228 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1228 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020411 Category: SF Reference: VULN-DEV:20011118 New bugs discovered! Reference: VULN-DEV:20011120 New bugs, old bugs Reference: VULN-DEV:20011119 Killing Thread (New bugs discovered!) Reference: BUGTRAQ:20011230 gzip bug w/ patch.. Reference: URL:http://online.securityfocus.com/archive/1/247717 Reference: MANDRAKE:MDKSA-2002:011 Reference: DEBIAN:DSA-100 Reference: SGI:20020401-01-P Reference: BID:3712 Reference: URL:http://online.securityfocus.com/bid/3712 Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. Analysis ---------------- ED_PRI CAN-2001-1228 3 Vendor Acknowledgement: yes advisory Content Decisions: INCLUSION Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1232 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1232 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010815 Groupwise Webaccess, NetWare web server, and Novell Reference: URL:http://www.securityfocus.com/archive/1/204875 Reference: XF:netware-get-directory-listing(6988) Reference: URL:http://xforce.iss.net/static/6988.php Reference: BID:3188 Reference: URL:http://www.securityfocus.com/bid/3188 GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get". Analysis ---------------- ED_PRI CAN-2001-1232 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1233 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1233 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: CF Reference: BUGTRAQ:20010815 Groupwise Webaccess, NetWare web server, and Novell Reference: URL:http://www.securityfocus.com/archive/1/204875 Reference: XF:netware-nds-information-leak(6987) Reference: URL:http://xforce.iss.net/static/6987.php Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. Analysis ---------------- ED_PRI CAN-2001-1233 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1253 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1253 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010927 Two problems with Alexis/InternetPBX from COM2001 Reference: URL:http://online.securityfocus.com/archive/1/217200 Reference: XF:alexis-http-plaintext-information(7205) Reference: URL:http://www.iss.net/security_center/static/7205.php Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. Analysis ---------------- ED_PRI CAN-2001-1253 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1254 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1254 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010927 Two problems with Alexis/InternetPBX from COM2001 Reference: URL:http://online.securityfocus.com/archive/1/217200 Reference: BID:3373 Reference: URL:http://online.securityfocus.com/bid/3373 Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing. Analysis ---------------- ED_PRI CAN-2001-1254 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1255 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1255 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 WinMySQLadmin 1.1 Store MySQL password in clear text Reference: URL:http://online.securityfocus.com/archive/1/217848 Reference: BID:3381 Reference: URL:http://online.securityfocus.com/bid/3381 Reference: XF:winmysqladmin-password-plaintext(7206) Reference: URL:http://www.iss.net/security_center/static/7206.php WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. Analysis ---------------- ED_PRI CAN-2001-1255 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1259 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1259 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010807 Multiple vulnerabilities in Avaya Argent Office Reference: URL:http://online.securityfocus.com/archive/1/202344 Reference: XF:argent-office-udp-dos(6953) Reference: URL:http://www.iss.net/security_center/static/6953.php Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. Analysis ---------------- ED_PRI CAN-2001-1259 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1260 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1260 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010807 Multiple vulnerabilities in Avaya Argent Office Reference: URL:http://online.securityfocus.com/archive/1/202344 Reference: XF:argent-office-weak-encryption(6954) Reference: URL:http://www.iss.net/security_center/static/6954.php Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. Analysis ---------------- ED_PRI CAN-2001-1260 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1261 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1261 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010807 Multiple vulnerabilities in Avaya Argent Office Reference: URL:http://online.securityfocus.com/archive/1/202344 Reference: XF:argent-office-change-music(6956) Reference: URL:http://www.iss.net/security_center/static/6956.php Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. Analysis ---------------- ED_PRI CAN-2001-1261 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1262 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1262 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010807 Multiple vulnerabilities in Avaya Argent Office Reference: URL:http://online.securityfocus.com/archive/1/202344 Reference: XF:argent-office-community-string(6955) Reference: URL:http://www.iss.net/security_center/static/6955.php Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string. Analysis ---------------- ED_PRI CAN-2001-1262 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1272 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1272 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: DEBIAN:DSA-092 Reference: URL:http://www.debian.org/security/2001/dsa-092 Reference: XF:wmtv-execute-commands(7669) Reference: URL:http://www.iss.net/security_center/static/7669.php Reference: BID:3658 Reference: URL:http://www.securityfocus.com/bid/3658 wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option. Analysis ---------------- ED_PRI CAN-2001-1272 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC ABSTRACTION: CD:SF-LOC suggests distinguishing between different types of problems. Therefore the buffer overflow and symlink problems in wmtv are separated. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1280 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1280 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Vulnerabilities in Ipswitch IMail Server 7.04 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3424 Reference: URL:http://online.securityfocus.com/bid/3424 POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. Analysis ---------------- ED_PRI CAN-2001-1280 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1281 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1281 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Vulnerabilities in Ipswitch IMail Server 7.04 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3429 Reference: URL:http://online.securityfocus.com/bid/3429 Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form. Analysis ---------------- ED_PRI CAN-2001-1281 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1282 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1282 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Ipswitch Imail 7.04 vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3426 Reference: URL:http://online.securityfocus.com/bid/3426 Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. Analysis ---------------- ED_PRI CAN-2001-1282 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1283 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1283 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Ipswitch Imail 7.04 vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3427 Reference: URL:http://online.securityfocus.com/bid/3427 The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. Analysis ---------------- ED_PRI CAN-2001-1283 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1284 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1284 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Ipswitch Imail 7.04 vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3428 Reference: URL:http://online.securityfocus.com/bid/3428 Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. Analysis ---------------- ED_PRI CAN-2001-1284 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1285 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1285 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Ipswitch Imail 7.04 vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3432 Reference: URL:http://online.securityfocus.com/bid/3432 Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. Analysis ---------------- ED_PRI CAN-2001-1285 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1286 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1286 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011011 Ipswitch Imail 7.04 vulnerabilities Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html Reference: BUGTRAQ:20020310 IMail Account hijack through the Web Interface Reference: URL:http://online.securityfocus.com/archive/1/261096 Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3432 Reference: URL:http://online.securityfocus.com/bid/3432 Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. Analysis ---------------- ED_PRI CAN-2001-1286 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1287 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1287 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011012 def-2001-29 Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-10/0083.html Reference: MISC:http://www.ipswitch.com/Support/IMail/news.html Reference: BID:3431 Reference: URL:http://online.securityfocus.com/bid/3431 Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Analysis ---------------- ED_PRI CAN-2001-1287 3 Vendor Acknowledgement: unknown vague Content Decisions: SF-LOC ACKNOWLEDGEMENT: The vendor's news page includes an entry for "IMail Server 7.04 Hotfix 1" dated October 10, 2001, which aligns with the announcement of the IMail 7.04 vulnerabilities. However, the vendor's descriptions of the vulnerabilities do not make it clear that the vendor has fixed *these* vulnerabilities; the announcement is too vague to be certain. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1292 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1292 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010813 Sambar Telnet Proxy/Server multiple vulnerablietis Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-08/0160.html Reference: XF:sambar-telnet-bo(6973) Reference: URL:http://www.iss.net/security_center/static/6973.php Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. Analysis ---------------- ED_PRI CAN-2001-1292 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1293 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1293 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010926 3Com(r) HomeConnect(r) Cable Modem Denial of Service Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-09/0217.html Reference: CERT-VN:VU#500027 Reference: URL:http://www.kb.cert.org/vuls/id/500027 Reference: BID:3366 Reference: URL:http://online.securityfocus.com/bid/3366 Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. Analysis ---------------- ED_PRI CAN-2001-1293 3 Vendor Acknowledgement: Content Decisions: SF-CODEBASE ABSTRACTION: CVE-2001-0740 describes a similar problem, but in OfficeConnect; in addition, the exploit for OfficeConnect could be a format string vulnerability and not an overflow. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1294 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1294 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: NTBUGTRAQ:20000117 Remote Buffer Exploit - InetServ 3.0 Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0001&L=ntbugtraq&F=P&S=&P=4592 Reference: BUGTRAQ:20010822 AVTronics InetServer DoS and BoF Vulnerabilities Reference: BID:3224 Reference: URL:http://online.securityfocus.com/bid/3224 Reference: XF:inetserv-webmail-bo(7022) Reference: URL:http://www.iss.net/security_center/static/7022.php Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password. Analysis ---------------- ED_PRI CAN-2001-1294 3 Vendor Acknowledgement: Content Decisions: SF-LOC, REDISCOVERY ABSTRACTION: a similar vulnerability was reported in CVE-2000-0065 for a long request to the webmail interface, and repeated in the Bugtraq post for this issue. CD:SF-LOC suggests combining problems of the same type that affect the same version, but there is insufficient information to know whether the "long request" problem affects the same versions or not. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1296 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1296 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 results of semi-automatic source code audit Reference: URL:http://www.securityfocus.com/archive/1/218000 Reference: MISC:http://www.moregroupware.org/index.php?action=detail&news_id=24 Reference: XF:php-includedir-code-execution(7215) Reference: URL:http://www.iss.net/security_center/static/7215.php Reference: BID:3383 Reference: URL:http://www.securityfocus.com/bid/3383 More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. Analysis ---------------- ED_PRI CAN-2001-1296 3 Vendor Acknowledgement: unknown vague ACKNOWLEDGEMENT: the release notes dated October 31, 2001 say that the new release includes "some neat security fixes," but it is unclear whether the vendor is fixing *this* issue. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1298 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1298 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20011002 results of semi-automatic source code audit Reference: URL:http://www.securityfocus.com/archive/1/218000 Reference: BID:3385 Reference: URL:http://www.securityfocus.com/bid/3385 Reference: XF:php-includedir-code-execution(7215) Reference: URL:http://www.iss.net/security_center/static/7215.php Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. Analysis ---------------- ED_PRI CAN-2001-1298 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1300 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1300 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: MISC:http://www.securiteam.com/windowsntfocus/5KP0N0A55M.html Reference: XF:dynuftp-dot-directory-traversal(7045) Reference: URL:http://www.iss.net/security_center/static/7045.php Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command. Analysis ---------------- ED_PRI CAN-2001-1300 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1301 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1301 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010807 rcs2log Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html rcs2log, as used in Emacs 20.4, xemacs 21.1.10, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. Analysis ---------------- ED_PRI CAN-2001-1301 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1304 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1304 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010803 Denial of Service in SHOUTcast Server 1.8.2 Linux/w32/? Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-08/0048.html Reference: XF:shoutcast-http-field-bo(6938) Reference: URL:http://www.iss.net/security_center/static/6938.php Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. Analysis ---------------- ED_PRI CAN-2001-1304 3 Vendor Acknowledgement: Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1305 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1305 Final-Decision: Interim-Decision: Modified: Proposed: 20020502 Assigned: 20020501 Category: SF Reference: BUGTRAQ:20010822 Hexyn / Securax Advisory #22 - ICQ Forced Auto-Add Users Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=99851887024728&w=2 Reference: BID:3226 Reference: URL:http://online.securityfocus.com/bid/3226 Reference: XF:icq-auto-add-user(7028) Reference: URL:http://www.iss.net/security_center/static/7028.php ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. Analysis ---------------- ED_PRI CAN-2001-1305 3 Vendor Acknowledgement: Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
