|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PROPOSAL] Cluster 2004-01-A - 37 candidates
I am proposing cluster 2004-01-A for review and voting by the Editorial Board. Name: 2004-01-A Description: CANs announced between 2004/01/02 and 2004/01/12 Size: 37 You may vote on candidates by modifying this email ballot and sending it back to me, or by using the CVE voting web site. The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real. Summary of votes to use (in ascending order of "severity") ---------------------------------------------------------- ACCEPT - voter accepts the candidate as proposed NOOP - voter has no opinion on the candidate MODIFY - voter wants to change some MINOR detail (e.g. reference/description) REVIEWING - voter is reviewing/researching the candidate, or needs more info RECAST - candidate must be significantly modified, e.g. split or merged REJECT - candidate is "not a vulnerability", or a duplicate, etc. 1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line. 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2003-0969 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20031201 Category: SF Reference: DEBIAN:DSA-411 Reference: URL:http://www.debian.org/security/2004/dsa-411 Reference: XF:mpg321-mp3-format-string(14148) Reference: URL:http://xforce.iss.net/xforce/xfdb/14148 mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability. Analysis ---------------- ED_PRI CAN-2003-0969 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2003-0985 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20031216 Category: SF Reference: BUGTRAQ:20040105 Linux kernel mremap vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107332782121916&w=2 Reference: MISC:http://isec.pl/vulnerabilities/isec-0013-mremap.txt Reference: BUGTRAQ:20040105 Linux kernel do_mremap() proof-of-concept exploit code Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340358402129&w=2 Reference: BUGTRAQ:20040106 Linux mremap bug correction Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340814409017&w=2 Reference: SUSE:SuSE-SA:2004:001 Reference: SUSE:SuSE-SA:2004:003 Reference: URL:http://www.suse.com/de/security/2004_03_linux_kernel.html Reference: CONECTIVA:CLA-2004:799 Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799 Reference: ENGARDE:ESA-20040105-001 Reference: URL:http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html Reference: REDHAT:RHSA-2003:416 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-416.html Reference: REDHAT:RHSA-2003:417 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-417.html Reference: REDHAT:RHSA-2003:419 Reference: URL:http://www.redhat.com/support/errata/RHSA-2003-419.html Reference: DEBIAN:DSA-413 Reference: URL:http://www.debian.org/security/2004/dsa-413 Reference: DEBIAN:DSA-417 Reference: URL:http://www.debian.org/security/2004/dsa-417 Reference: DEBIAN:DSA-427 Reference: URL:http://www.debian.org/security/2004/dsa-427 Reference: DEBIAN:DSA-439 Reference: URL:http://www.debian.org/security/2004/dsa-439 Reference: DEBIAN:DSA-440 Reference: URL:http://www.debian.org/security/2004/dsa-440 Reference: DEBIAN:DSA-442 Reference: URL:http://www.debian.org/security/2004/dsa-442 Reference: IMMUNIX:IMNX-2004-73-001-01 Reference: MANDRAKE:MDKSA-2004:001 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:001 Reference: SGI:20040102-01-U Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U Reference: BUGTRAQ:20040105 TSLSA-2004-01 - kernel Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107332754521495&w=2 Reference: BUGTRAQ:20040107 [slackware-security] Kernel security update (SSA:2004-006-01) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107350348418373&w=2 Reference: BUGTRAQ:20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html Reference: BUGTRAQ:20040112 SmoothWall Project Security Advisory SWP-2004:001 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107394143105081&w=2 Reference: XF:linux-domremap-gain-privileges(14135) Reference: URL:http://xforce.iss.net/xforce/xfdb/14135 The mremap system call (do_mremap) in Linux kernel 2.4 and 2.6 does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. Analysis ---------------- ED_PRI CAN-2003-0985 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2003-1022 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1022 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20031219 Category: SF Reference: DEBIAN:DSA-416 Reference: URL:http://www.debian.org/security/2004/dsa-416 Reference: CIAC:O-048 Reference: URL:http://www.ciac.org/ciac/bulletins/o-048.shtml Reference: XF:fspsuite-dot-directory-traversal(14154) Reference: URL:http://xforce.iss.net/xforce/xfdb/14154 Reference: BID:9377 Reference: URL:http://www.securityfocus.com/bid/9377 Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. Analysis ---------------- ED_PRI CAN-2003-1022 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0011 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0011 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-416 Reference: URL:http://www.debian.org/security/2003/dsa-416 Reference: CIAC:O-048 Reference: URL:http://www.ciac.org/ciac/bulletins/o-048.shtml Reference: BID:9377 Reference: URL:http://www.securityfocus.com/bid/9377 Reference: XF:fsp-boundry-error-bo(14155) Reference: URL:http://xforce.iss.net/xforce/xfdb/14155 Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. Analysis ---------------- ED_PRI CAN-2004-0011 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0013 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0013 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-414 Reference: URL:http://www.debian.org/security/2004/dsa-414 Reference: MANDRAKE:MDKSA-2004:005 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:005 jabber 1.4.3, 1.4.2a, and possibly other versions does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash). Analysis ---------------- ED_PRI CAN-2004-0013 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0015 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0015 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-418 Reference: URL:http://www.debian.org/security/2004/dsa-418 vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges. Analysis ---------------- ED_PRI CAN-2004-0015 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0016 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-419 Reference: URL:http://www.debian.org/security/2004/dsa-419 The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. Analysis ---------------- ED_PRI CAN-2004-0016 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0028 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: DEBIAN:DSA-420 Reference: URL:http://www.debian.org/security/2004/dsa-420 jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. Analysis ---------------- ED_PRI CAN-2004-0028 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0044 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0044 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040112 Category: SF Reference: CISCO:20040108 Cisco Personal Assistant User Password Bypass Vulnerability Reference: URL:http://www.cisco.com/warp/public/707/cisco-sa-20040108-pa.shtml Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username. Analysis ---------------- ED_PRI CAN-2004-0044 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0049 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0049 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040114 Category: SF Reference: CONFIRM:http://service.real.com/help/faq/security/040112_dos/ Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. Analysis ---------------- ED_PRI CAN-2004-0049 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0070 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0070 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040110 Remote Code Execution in ezContents Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107392588915627&w=2 Reference: CONFIRM:http://www.ezcontents.org/forum/viewtopic.php?t=361 PHP remote code injection vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. Analysis ---------------- ED_PRI CAN-2004-0070 1 Vendor Acknowledgement: unknown ACKNOWLEDGEMENT: the vendor's web site includes an item "Wed Feb 04, 2004 9:48 am" which explicitly lists CAN-2004-0070. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2003-0994 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0994 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20031216 Category: SF Reference: FULLDISC:20040112 SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM Reference: URL:http://lists.netsys.com/pipermail/full-disclosure/2004-January/015510.html Reference: BUGTRAQ:20040112 SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM Reference: URL:http://lists.netsys.com/pipermail/full-disclosure/2004-January/015510.html Reference: BUGTRAQ:20040112 Re: SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107393473928245&w=2 Reference: MISC:http://www.secnetops.biz/research/SRT2004-01-09-1022.txt The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges. Analysis ---------------- ED_PRI CAN-2003-0994 2 Vendor Acknowledgement: yes followup Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0035 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0035 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040107 Category: SF Reference: BUGTRAQ:20040105 Multiple Vulnerabilities in Phorum 3.4.5 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340481804110&w=2 Reference: XF:phorum-register-sql-injection(14146) Reference: URL:http://xforce.iss.net/xforce/xfdb/14146 SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter. Analysis ---------------- ED_PRI CAN-2004-0035 2 Vendor Acknowledgement: yes advisory ACKNOWLEDGEMENT: The Phorum home page includes a news item for Phorum 3.4.6 that says it fixed some "cross sight scripting issues that were found by Calum Power [the Bugtraq poster]... [including] register.php." While the Phorum announcement implies it's an XSS issue, the coincidence with Power's post is sufficient enough to reasonably assume that Phorum's statement is erroneous with respect to implying that it's XSS instead of SQL injection. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0045 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0045 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040112 Category: SF Reference: BUGTRAQ:20040107 [SECURITY] INN: Buffer overflow in control message handling Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2004-01/0063.html Reference: BUGTRAQ:20040108 [OpenPKG-SA-2004.001] OpenPKG Security Advisory (inn) Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2004-01/0064.html Buffer overflow in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. Analysis ---------------- ED_PRI CAN-2004-0045 2 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0002 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: CONFIRM:http://lists.freebsd.org/pipermail/cvs-src/2004-January/016271.html The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. Analysis ---------------- ED_PRI CAN-2004-0002 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0014 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0014 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-412 Reference: URL:http://www.debian.org/security/2004/dsa-412 Reference: XF:nd-long-string-bo(14141) Reference: URL:http://xforce.iss.net/xforce/xfdb/14141 Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings. Analysis ---------------- ED_PRI CAN-2004-0014 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0017 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040105 Category: SF Reference: DEBIAN:DSA-419 Reference: URL:http://www.debian.org/security/2004/dsa-419 Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. Analysis ---------------- ED_PRI CAN-2004-0017 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-LOC, SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0029 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0029 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: BUGTRAQ:20040106 Lotus Notes Domino 6.0.2 (linux) faulty default permissions Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340897710308&w=2 Reference: XF:lotus-notes-insecure-permissions(14153) Reference: URL:http://xforce.iss.net/xforce/xfdb/14153 Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges. Analysis ---------------- ED_PRI CAN-2004-0029 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0030 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0030 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: BUGTRAQ:20040106 Vuln in PHPGEDVIEW 2.61 Multi-Problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340840209453&w=2 Reference: XF:phpgedview-pgvbasedirectory-file-include(14159) Reference: URL:http://xforce.iss.net/xforce/xfdb/14159 PHP remote code injection vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code. Analysis ---------------- ED_PRI CAN-2004-0030 3 Vendor Acknowledgement: unknown Content Decisions: SF-EXEC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0031 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0031 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: BUGTRAQ:20040106 Vuln in PHPGEDVIEW 2.61 Multi-Problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340840209453&w=2 Reference: XF:phpgedview-modify-admin-password(14161) Reference: URL:http://xforce.iss.net/xforce/xfdb/14161 PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php. Analysis ---------------- ED_PRI CAN-2004-0031 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0032 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0032 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: BUGTRAQ:20040106 Vuln in PHPGEDVIEW 2.61 Multi-Problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340840209453&w=2 Reference: XF:phpgedview-search-xss(14160) Reference: URL:http://xforce.iss.net/xforce/xfdb/14160 Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. Analysis ---------------- ED_PRI CAN-2004-0032 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0033 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0033 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040106 Category: SF Reference: BUGTRAQ:20040106 Vuln in PHPGEDVIEW 2.61 Multi-Problem Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340840209453&w=2 Reference: XF:phpgedview-admin-info-disclosure(14162) Reference: URL:http://xforce.iss.net/xforce/xfdb/14162 admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. Analysis ---------------- ED_PRI CAN-2004-0033 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0034 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0034 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040107 Category: SF Reference: BUGTRAQ:20040105 Multiple Vulnerabilities in Phorum 3.4.5 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340481804110&w=2 Reference: CONFIRM:http://phorum.org/ Reference: XF:phorum-common-xss(14145) Reference: URL:http://xforce.iss.net/xforce/xfdb/14145 Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. Analysis ---------------- ED_PRI CAN-2004-0034 3 Vendor Acknowledgement: yes advisory Content Decisions: SF-EXEC ACKNOWLEDGEMENT: The Phorum home page includes a news item for Phorum 3.4.6 that says it fixed some "cross sight scripting issues that were found by Calum Power [the Bugtraq poster]." Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0036 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0036 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040107 Category: SF Reference: BUGTRAQ:20040105 vBulletin Forum 2.3.xx calendar.php SQL Injection Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340358202123&w=2 Reference: XF:vbulletin-calendar-sql-injection(14144) Reference: URL:http://xforce.iss.net/xforce/xfdb/14144 SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x allows remote attackers to steal sensitive information via the eventid parameter. Analysis ---------------- ED_PRI CAN-2004-0036 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0037 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0037 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040107 Category: SF Reference: BUGTRAQ:20040105 FirstClass Client 7.1: Command Execution via Email Web Link Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107340950611167&w=2 Reference: XF:firstclassclient-execute-code(14151) Reference: URL:http://xforce.iss.net/xforce/xfdb/14151 Reference: BID:9370 Reference: URL:http://www.securityfocus.com/bid/9370 FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. Analysis ---------------- ED_PRI CAN-2004-0037 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0042 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0042 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040108 Category: SF Reference: MISC:http://www.securitytracker.com/alerts/2004/Jan/1008628.html vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames. Analysis ---------------- ED_PRI CAN-2004-0042 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0043 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0043 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040108 Category: SF Reference: BUGTRAQ:20040108 Yahoo Instant Messenger Long Filename Downloading Buffer Overflow Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107357996802255&w=2 Reference: FULLDISC:20040108 Yahoo Instant Messenger Long Filename Downloading Buffer Overflow Reference: URL:http://lists.netsys.com/pipermail/full-disclosure/2004-January/015334.html Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. Analysis ---------------- ED_PRI CAN-2004-0043 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0046 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0046 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040112 Category: SF Reference: BUGTRAQ:20040106 SnapStream PVS LITE Cross Site Scripting Vulnerabillity Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107350313917867&w=2 Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a '"' (double quote) character. Analysis ---------------- ED_PRI CAN-2004-0046 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0055 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040114 Category: SF Reference: MISC:http://marc.theaimsgroup.com/?l=tcpdump-workers&m=107325073018070&w=2 Reference: REDHAT:RHSA-2004:008 Reference: URL:http://www.redhat.com/support/errata/RHSA-2004-008.html Reference: DEBIAN:DSA-425 Reference: URL:http://www.debian.org/security/2004/dsa-425 Reference: MANDRAKE:MDKSA-2004:008 Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:008 Reference: SGI:20040103-01-U Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc Reference: CONFIRM:http://docs.info.apple.com/article.html?artnum=61798 Reference: CONFIRM:http://lists.apple.com/mhonarc/security-announce/msg00046.html Reference: BUGTRAQ:20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107577418225627&w=2 Reference: CERT-VN:VU#955526 Reference: URL:http://www.kb.cert.org/vuls/id/955526 The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. Analysis ---------------- ED_PRI CAN-2004-0055 3 Vendor Acknowledgement: yes Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0065 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0065 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040114 Category: SF Reference: BUGTRAQ:20040112 More phpGedView Vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107394912715478&w=2 Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php. Analysis ---------------- ED_PRI CAN-2004-0065 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0066 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0066 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040114 Category: SF Reference: BUGTRAQ:20040112 More phpGedView Vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107394912715478&w=2 phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php. Analysis ---------------- ED_PRI CAN-2004-0066 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0067 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040114 Category: SF Reference: BUGTRAQ:20040112 More phpGedView Vulnerabilities Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107394912715478&w=2 Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. Analysis ---------------- ED_PRI CAN-2004-0067 3 Vendor Acknowledgement: unknown discloser-claimed Content Decisions: SF-LOC Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0069 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0069 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040108 Windows FTP Server Format String Vulnerability Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107367110805273&w=2 Reference: BUGTRAQ:20040113 exploit for HD Soft Windows FTP Server 1.6 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107401398014761&w=2 Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. Analysis ---------------- ED_PRI CAN-2004-0069 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0071 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0071 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040110 PHP Manpage lookup directory transversal / file disclosing Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107392764118403&w=2 Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup allows remote attackers to read arbitrary files via the command parameter ($cmd variable) to index.php. Analysis ---------------- ED_PRI CAN-2004-0071 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0072 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0072 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040109 Directory Traversal in Accipiter Direct Server 6.0 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107392576215418&w=2 Reference: FULLDISC:20040109 Directory Traversal in Accipiter Direct Server 6.0 Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0274.html Reference: XF:accipterdirectserver-directory-traversal(14198) Reference: URL:http://xforce.iss.net/xforce/xfdb/14198 Reference: BID:9389 Reference: URL:http://www.securityfocus.com/bid/9389 Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request. Analysis ---------------- ED_PRI CAN-2004-0072 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0073 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0073 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040102 include() vuln in EasyDynamicPages v.2.0 Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107307457327707&w=2 PHP remote code injection vulnerability in config.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script. Analysis ---------------- ED_PRI CAN-2004-0073 3 Vendor Acknowledgement: unknown Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2004-0074 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0074 Final-Decision: Interim-Decision: Modified: Proposed: 20040318 Assigned: 20040115 Category: SF Reference: BUGTRAQ:20040102 xsok local games exploit Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107307407027259&w=2 Reference: BUGTRAQ:20040103 xsok local games exploit (2) Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=107332542918529&w=2 Reference: BID:9352 Reference: URL:http://www.securityfocus.com/bid/9352 Reference: BID:9341 Reference: URL:http://www.securityfocus.com/bid/9341 Reference: XF:xsok-lang-bo(14910) Reference: URL:http://xforce.iss.net/xforce/xfdb/14910 Reference: XF:xsok-long-xsokdir-bo(14906) Reference: URL:http://xforce.iss.net/xforce/xfdb/14906 Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CAN-2003-0949. Analysis ---------------- ED_PRI CAN-2004-0074 3 Vendor Acknowledgement: unknown Content Decisions: SF-LOC ABSTRACTION: since both overflows affect the same version and were reported at the same time, they are MERGED per CD:SF-LOC. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS:
|
||||
