|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster RECENT-97 - 36 candidates
I am proposing cluster RECENT-97 for review and voting by the Editorial Board. Name: RECENT-97 Description: CANs announced between 2002/07/03 and 2002/07/25 Size: 36 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned. - Steve Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2002-0642 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0642 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: CF Reference: MS:MS02-034 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-034.asp The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service Account Registry Key." Analysis ---------------- ED_PRI CAN-2002-0642 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0644 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0644 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF Reference: MS:MS02-038 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-038.asp Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code. Analysis ---------------- ED_PRI CAN-2002-0644 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0650 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0650 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102760196931518&w=2 Reference: NTBUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102760479902411&w=2 Reference: MS:MS02-039 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-039.asp The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop. Analysis ---------------- ED_PRI CAN-2002-0650 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0668 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0668 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls. Analysis ---------------- ED_PRI CAN-2002-0668 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0671 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0671 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing. Analysis ---------------- ED_PRI CAN-2002-0671 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0672 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0672 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null. Analysis ---------------- ED_PRI CAN-2002-0672 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0673 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0673 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the phone to log out the current user and re-register the phone using MyPingtel Sign-In to gain remote access and perform unauthorized actions. Analysis ---------------- ED_PRI CAN-2002-0673 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0674 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0674 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication. Analysis ---------------- ED_PRI CAN-2002-0674 1 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0678 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0678 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: BUGTRAQ:20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102635906423617&w=2 Reference: CERT:CA-2002-20 Reference: URL:http://www.cert.org/advisories/CA-2002-20.html Reference: CERT-VN:VU#299816 Reference: URL:http://www.kb.cert.org/vuls/id/299816 Reference: CALDERA:CSSA-2002-SCO.28 Reference: URL:ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. Analysis ---------------- ED_PRI CAN-2002-0678 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0685 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0685 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020711 Category: SF Reference: BUGTRAQ:20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102634756815773&w=2 Reference: NTBUGTRAQ:20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102639521518942&w=2 Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt Buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message. Analysis ---------------- ED_PRI CAN-2002-0685 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0697 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0697 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020712 Category: SF Reference: MS:MS02-036 Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-036.asp Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials. Analysis ---------------- ED_PRI CAN-2002-0697 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0698 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0698 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020712 Category: SF Reference: ISS:20020724 Remote Buffer Overflow Vulnerability in Microsoft Exchange Server Reference: URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 Reference: MSKB:Q326322 Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q326322 Reference: MS:MS02-037 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-037.asp Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. Analysis ---------------- ED_PRI CAN-2002-0698 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0714 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0714 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020720 Category: SF Reference: REDHAT:RHSA-2002:130 Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-130.html Reference: SUSE:SuSE-SA:2002:025 Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/ Reference: CONFIRM:http://www.squid-cache.org/Advisories/SQUID-2002_3.txt Reference: CONECTIVA:CLA-2002:506 Reference: MANDRAKE:MDKSA-2002:044 Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php Reference: BUGTRAQ:20020715 TSLSA-2002-0062 - squid Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102674543407606&w=2 FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. Analysis ---------------- ED_PRI CAN-2002-0714 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0728 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0728 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020723 Category: SF Reference: CONFIRM:ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 Buffer overflow in the progressive reader for libpng 1.2.4 and 1.0.14 allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. Analysis ---------------- ED_PRI CAN-2002-0728 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0776 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0776 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020725 Category: SF Reference: BUGTRAQ:20020713 Hosting Controller Vulnerability Reference: URL:http://online.securityfocus.com/archive/1/282129 Reference: CONFIRM:http://hostingcontroller.com/english/logs/sp2log.html getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix. Analysis ---------------- ED_PRI CAN-2002-0776 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0663 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0663 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020702 Category: SF Reference: ATSTAKE:A071502-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071502-1.txt Reference: VULNWATCH:20020715 Re: [VulnWatch] Advisory Name: Norton Personal Internet Firewall HTTP Proxy Vulnerability Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. Analysis ---------------- ED_PRI CAN-2002-0663 2 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0675 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0675 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: MISC:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone. Analysis ---------------- ED_PRI CAN-2002-0675 2 Vendor Acknowledgement: no disputed ACKNOWLEDGEMENT: the vendor appears to dispute these claims in a point-by-point response to the @stake advisory: "The firmware can be upgraded in either of two ways. One way is through a phone's web browser user interface; only an authenticated 'admin' user is allowed to access the interface for upgrading a phone. The second way is through Pingtel's VersionCheck mechanism. While the second way does not require administrator privileges, this should not be an issue since the administrator controls which firmware upgrades are made available to an xpressa phone." Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0676 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0676 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF Reference: BUGTRAQ:20020706 MacOS X SoftwareUpdate Vulnerability Reference: MISC:http://www.cunap.com/~hardingr/projects/osx/exploit.html SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. Analysis ---------------- ED_PRI CAN-2002-0676 2 Vendor Acknowledgement: yes Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0624 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0624 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020612 Category: SF Reference: MS:MS02-034 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-034.asp Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure." Analysis ---------------- ED_PRI CAN-2002-0624 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0637 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0637 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020625 Category: SF/CF/MP/SA/AN/unknown Reference: MISC:http://www.securiteam.com/securitynews/5KP000A7QE.html InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express. Analysis ---------------- ED_PRI CAN-2002-0637 3 Vendor Acknowledgement: unknown discloser-claimed Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0641 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0641 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF Reference: MS:MS02-034 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-034.asp Reference: BUGTRAQ:20020711 Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102639885223746&w=2 Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. Analysis ---------------- ED_PRI CAN-2002-0641 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0643 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0643 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF Reference: BUGTRAQ:20020711 SQL Server 7 & 2000 Installation process and Service Packs write encoded passwords to a file Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102640092826731&w=2 Reference: VULN-DEV:20020711 SQL Server 7 & 2000 Installation process and Service Packs write encoded passwords to a file Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=102640394131103&w=2 Reference: MS:MS02-035 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-035.asp The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQL Server Installation Process May Leave Passwords on System." Analysis ---------------- ED_PRI CAN-2002-0643 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC ABSTRACTION: it might be argued that there are 2 different types of issues here that deserve separate CVE identifiers, or maybe 3: bad permissions, weak encryption, and not deleting installation files. In this case, the problems are all so closely inter-related, it is difficult to separate them cleanly. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0645 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0645 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF Reference: MS:MS02-038 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-038.asp SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2002-0645 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0649 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0649 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020628 Category: SF Reference: BUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102760196931518&w=2 Reference: NTBUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102760479902411&w=2 Reference: MS:MS02-039 Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-039.asp Multiple buffer overflows in SQL Server 2000 Resolution Service allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption. Analysis ---------------- ED_PRI CAN-2002-0649 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0667 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0667 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: CF Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. Analysis ---------------- ED_PRI CAN-2002-0667 3 Vendor Acknowledgement: unknown Content Decisions: CF-PASS Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0670 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0670 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF/CF/MP/SA/AN/unknown Reference: ATSTAKE:A071202-1 Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing. Analysis ---------------- ED_PRI CAN-2002-0670 3 Vendor Acknowledgement: unknown Content Decisions: INCLUSION, ABSTRACTION INCLUSION/ABSTRACTION: while the choice of base64 encoding in HTTP basic authentication does pose a security risk, this type of problem is reflective of a general class of issue of authentication information going over the network in plaintext or near-plaintext. Should every application that makes this choice get its own CAN? What about if it's implementing a standard protocol? Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0677 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0677 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020709 Category: SF Reference: BUGTRAQ:20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102635906423617&w=2 Reference: CERT:CA-2002-20 Reference: URL:http://www.cert.org/advisories/CA-2002-20.html Reference: CERT-VN:VU#975403 Reference: URL:http://www.kb.cert.org/vuls/id/975403 Reference: CALDERA:CSSA-2002-SCO.28 Reference: URL:ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. Analysis ---------------- ED_PRI CAN-2002-0677 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0680 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0680 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020710 Category: SF Reference: BUGTRAQ:20020710 wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102631742711795&w=2 Reference: VULNWATCH:20020710 [VulnWatch] wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0013.html Reference: BUGTRAQ:20020719 Re: [VulnWatch] wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102709382714597&w=2 Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CAN-2001-0228. Analysis ---------------- ED_PRI CAN-2002-0680 3 Vendor Acknowledgement: unknown Content Decisions: INCLUSION INCLUSION: Maybe this item should not be included in CVE. It was reported in CAN-2001-0228 that a "clean" (unencoded) .. affected the 2.1 server. If that is true, then this encoded version could be regarded as an alternate attack of the same underlying issue, and perhaps this item should be rejected. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0681 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0681 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020710 Category: SF Reference: BUGTRAQ:20020710 wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102631742711795&w=2 Reference: VULNWATCH:20020710 [VulnWatch] wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0013.html Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script. Analysis ---------------- ED_PRI CAN-2002-0681 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0682 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0682 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020710 Category: SF Reference: BUGTRAQ:20020710 wp-02-0008: Apache Tomcat Cross Site Scripting Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102631703811297&w=2 Reference: VULNWATCH:20020710 [VulnWatch] wp-02-0008: Apache Tomcat Cross Site Scripting Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet. Analysis ---------------- ED_PRI CAN-2002-0682 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0683 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0683 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020710 Category: SF Reference: BUGTRAQ:20020710 wp-02-0012: Carello 1.3 Remote File Execution Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102631808212876&w=2 Reference: VULNWATCH:20020710 [VulnWatch] wp-02-0012: Carello 1.3 Remote File Execution Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0015.html Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE parameter. Analysis ---------------- ED_PRI CAN-2002-0683 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0686 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0686 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020712 Category: SF Reference: BUGTRAQ:20020709 Sun iPlanet Web Server Buffer Overflow (#NISR09072002) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102622220416889&w=2 Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter. Analysis ---------------- ED_PRI CAN-2002-0686 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0713 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0713 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020720 Category: SF Reference: REDHAT:RHSA-2002:130 Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-130.html Reference: SUSE:SuSE-SA:2002:025 Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/ Reference: CONFIRM:http://www.squid-cache.org/Advisories/SQUID-2002_3.txt Reference: CONECTIVA:CLA-2002:506 Reference: MANDRAKE:MDKSA-2002:044 Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php Reference: BUGTRAQ:20020715 TSLSA-2002-0062 - squid Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102674543407606&w=2 Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. Analysis ---------------- ED_PRI CAN-2002-0713 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC, VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0715 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0715 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020720 Category: SF Reference: REDHAT:RHSA-2002:130 Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-130.html Reference: SUSE:SuSE-SA:2002:025 Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/ Reference: CONFIRM:http://www.squid-cache.org/Advisories/SQUID-2002_3.txt Reference: CONECTIVA:CLA-2002:506 Reference: MANDRAKE:MDKSA-2002:044 Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php Reference: BUGTRAQ:20020715 TSLSA-2002-0062 - squid Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102674543407606&w=2 Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password. Analysis ---------------- ED_PRI CAN-2002-0715 3 Vendor Acknowledgement: yes advisory Content Decisions: VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0717 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0717 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020722 Category: SF Reference: BUGTRAQ:20020722 PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102734515923277&w=2 Reference: BUGTRAQ:20020722 Advisory 02/2002: PHP remote vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102734516023281&w=2 Reference: CERT:CA-2002-21 Reference: URL:http://www.cert.org/advisories/CA-2002-21.html Reference: CERT-VN:VU#929115 Reference: URL:http://www.kb.cert.org/vuls/id/929115 Reference: XF:php-multipart-handler-bo(9635) Reference: URL:http://www.iss.net/security_center/static/9635.php PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. Analysis ---------------- ED_PRI CAN-2002-0717 3 Vendor Acknowledgement: yes advisory Content Decisions: VAGUE Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2002-0729 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0729 Final-Decision: Interim-Decision: Modified: Proposed: 20020726 Assigned: 20020725 Category: SF Reference: BUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102760196931518&w=2 Reference: NTBUGTRAQ:20020725 Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002) Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102760479902411&w=2 Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator. Analysis ---------------- ED_PRI CAN-2002-0729 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
