|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Cluster 06: VEN-others
- To: cve-review@linus.mitre.org
- Subject: RE: Cluster 06: VEN-others
- From: "Prosser, Mike" <mike.prosser@L-3Security.com>
- Date: Wed, 30 Jun 1999 16:40:37 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----Original Message----- From: Steven M. Christey [mailto:coley@linus.mitre.org] Sent: Thursday, June 17, 1999 2:11 PM To: cve-review@linus.mitre.org Subject: Cluster 06: VEN-others This cluster has 2 vulnerabilities. - ------------------------------------------ Candidate: CAN-1999-0358 Proposer: 001 Assigned: 19990617 Announced: 19990617 Category: SF Reference: BUGTRAQ:Jan29,1999 Reference: COMPAQ:SSRT0583U Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. Modify: Ref'd SSRT has an 'at' vulnerable as well supposedly fixed by the patch. Shouldn't this be included as a seperate CVE in this cluster. ref:BugTraq "Digital Unix Buffer Overflows: Exploits" from Lamont Granquist for both as well. - ------------------------------------------ Candidate: CAN-1999-0433 Proposer: 001 Assigned: 19990617 Announced: 19990617 Category: SF Reference: SUSE:Mar28,1999 Reference: BUGTRAQ:Mar21,1999 XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. Accept -----BEGIN PGP SIGNATURE----- Version: PGP 6.0.2 iQA/AwUBN3qQ3RIUaHPadf5hEQKsIwCghsEhK1K5DADqO/8j4ioyDiO+mGgAoIpD 1CHkMIMD9JCdpP69rSmrLSVF =EBBr -----END PGP SIGNATURE-----
- Prev by Date: RE: Cluster 02: VEN-AIX
- Next by Date: Re: Cluster 02: VEN-AIX
- Prev by thread: Re: Cluster 06: VEN-others
- Next by thread: Cluster 07: VEN-ROUTER
- Index(es):