[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[PROPOSAL] Cluster 49 - MISC-01 (35 candidates)
This cluster deals with miscellaneous issues in "obscure" software,
where "obscure" is approximately defined as "not having a distribution
as wide as HP, Sun, or Microsoft."
Proposed: 12/21
Scheduled Proposed: 12/20
Scheduled Interim Decision: 1/3
Scheduled Final Decision: 1/7
- Steve
Summary of votes to use (in ascending order of "severity"):
ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.
1) Please write your vote on the line that starts with "VOTE: ". If
you want to add comments or details, add them to lines after the
VOTE: line.
2) If you see any missing references, please mention them so that they
can be included. References help greatly during mapping.
3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
So if you don't have sufficient information for a candidate but you
don't want to NOOP, use a REVIEWING.
********** NOTE ********** NOTE ********** NOTE ********** NOTE **********
Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.
=================================
Candidate: CAN-1999-0671
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:572
Buffer overflow in ToxSoft NextFTP client through CWD command.
VOTE:
=================================
Candidate: CAN-1999-0672
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:573
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.
VOTE:
=================================
Candidate: CAN-1999-0673
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:574
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
VOTE:
=================================
Candidate: CAN-1999-0679
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990813 w00w00's efnet ircd advisory (exploit included)
Reference: BID:581
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows
remote attackers to execute commands via m_invite invite option.
VOTE:
=================================
Candidate: CAN-1999-0719
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:563
The Guile plugin for Gnumeric allows attackers to execute arbitrary code.
VOTE:
=================================
Candidate: CAN-1999-0741
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990818 QMS 2060 printer security hole
Reference: BID:593
Reference: XF:qms-2060-no-root-password
QMS CrownNet Unix Utilities for 2060 allows root to log on without a
password.
VOTE:
=================================
Candidate: CAN-1999-0750
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990913 Hotmail security vulnerability - injecting JavaScript using 'STYLE' tag
Reference: BID:630
Hotmail allows Javascript to be executed via the HTML STYLE tag,
allowing remote attackers to execute commands on the user's Hotmail
account.
VOTE:
=================================
Candidate: CAN-1999-0759
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990913 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug
Reference: BID:634
Buffer overflow in FuseMAIL POP service via long USER and PASS
commands.
VOTE:
=================================
Candidate: CAN-1999-0778
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: KSRT:011
Reference: XF:accelx-bo
Buffer overflow in Xi Graphics Accelerated-X server allows local
users to gain root access via a long display or query parameter.
VOTE:
=================================
Candidate: CAN-1999-0788
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:662
Arkiea nlservd allows remote attackers to conduct a denial of service.
VOTE:
=================================
Candidate: CAN-1999-0791
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: KSRT:012
Hybrid Network cable modems do not include an authentication mechanism
for administration, allowing remote attackers to compromise the system
through the HSMP protocol.
VOTE:
=================================
Candidate: CAN-1999-0792
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: CF
Reference: ROOTSHELL:23
ROUTERmate has a default SNMP community name which allows remote
attackers to modify its configuration.
VOTE:
=================================
Candidate: CAN-1999-0801
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: XF:bmc-patrol-frames
Reference: BUGTRAQ:19990409 Patrol security bugs
BMC Patrol allows remote attackers to gain access to an agent by
spoofing frames.
VOTE:
=================================
Candidate: CAN-1999-0873
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BID:759
Buffer overflow in Skyfull mail server via MAIL FROM command.
VOTE:
=================================
Candidate: CAN-1999-0890
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990928 Team Asylum: iHTML Merchant Vulnerabilities
iHTML Merchant allows remote attackers to obtain sensitive information
or execute commands via a code parsing error.
VOTE:
=================================
Candidate: CAN-1999-0896
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19991109 RealNetworks RealServer G2 buffer overflow.
Reference: BID:767
Buffer overflow in RealNetworks RealServer administration utility
allows remote attackers to execute arbitrary commands via a long
username and password.
VOTE:
=================================
Candidate: CAN-1999-0904
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19991103 Remote DoS Attack in BFTelnet Server v1.1 for Windows NT
Reference: BID:771
Buffer overflow in BFTelnet allows remote attackers to cause a denial
of service via a long username.
VOTE:
=================================
Candidate: CAN-1999-0916
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: CF
Reference: ISS:19990629 Bad Permissions on Passwords Stored by WebTrends Software
WebTrends software stores account names and passwords in a file which
does not have restricted access permissions.
VOTE:
=================================
Candidate: CAN-1999-0921
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990409 Patrol security bugs
BMC Patrol allows any remote attacker to flood its UDP port, causing a
denial of service.
VOTE:
=================================
Candidate: CAN-1999-0925
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990903 Web servers / possible DOS Attack / mime header flooding
UnityMail allows remote attackers to conduct a denial of service via a
large number of MIME headers.
VOTE:
=================================
Candidate: CAN-1999-0927
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: EEYE:AD05261999
NTMail allows remote attackers to read arbitrary files via a .. (dot
dot) attack.
VOTE:
=================================
Candidate: CAN-1999-0928
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990525 Buffer overflow in SmartDesk WebSuite v2.1
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause
a denial of service via a long URL.
VOTE:
=================================
Candidate: CAN-1999-0930
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19980903 wwwboard.pl vulnerability
wwwboard allows a remote attacker to delete message board articles via
a malformed argument.
VOTE:
=================================
Candidate: CAN-1999-0931
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
Reference: BID:734
Buffer overflow in Mediahouse Statistics Server allows remote
attackers to execute commands.
VOTE:
=================================
Candidate: CAN-1999-0932
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: CF
Reference: BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
Reference: BID:735
Mediahouse Statistics Server allows remote attackers to read the
administrator password which is stored in cleartext in the ss.cfg
file.
VOTE:
=================================
Candidate: CAN-1999-0941
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19980728 mutt x.x
Mutt mail client allows a remote attacker to execute commands via
shell metacharacters.
VOTE:
=================================
Candidate: CAN-1999-0944
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19991024 password leak in IBM WebSphere / HTTP Server / ikeyman
IBM WebSphere ikeyman tool uses weak encryption to store
a password for a key database that is used for SSL connections.
VOTE:
=================================
Candidate: CAN-1999-0946
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Reference: BID:760
Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED
tag.
VOTE:
=================================
Candidate: CAN-1999-0948
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BID:757
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Buffer overflow in uum program for Canna input system allows local
users to gain root privileges.
VOTE:
=================================
Candidate: CAN-1999-0949
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BID:757
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Buffer overflow in canuum program for Canna input system allows local
users to gain root privileges.
VOTE:
=================================
Candidate: CAN-1999-0950
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19991027 WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability
Reference: BID:747
Buffer overflow in WFTPD FTP server allows remote attackers to gain
root access via a series of MKD and CWD commands that create nested
directories.
VOTE:
=================================
Candidate: CAN-1999-0954
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: CF
Reference: BUGTRAQ:19990916 More fun with WWWBoard
Reference: BID:649
WWWBoard has a default username and default password.
VOTE:
=================================
Candidate: CAN-1999-0957
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19970618 Security hole in MajorCool 1.0.3
MajorCool mj_key_cache program allows local users to modify files via
a symlink attack.
VOTE:
=================================
Candidate: CAN-1999-0968
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19981226 bnc exploit
Buffer overflow in BNC IRC proxy allows remote attackers to gain
privileges.
VOTE:
=================================
Candidate: CAN-1999-0970
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991208
Category: SF
Reference: BUGTRAQ:19990605 Remote Exploit (Bug) in OmniHTTPd Web Server
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct
a denial of service via a malformed URL which causes a large number of
temporary files to be created.
VOTE: