(日期:][下一个日期][线程:][线程下][日期索引][线程索引]
临时决定:接受45不同候选人(最后9月10)
- 来:cve-editorial-board-list@lists.mitre.org
- 主题:临时决定:接受45不同候选人(最后9月10)
- 从:“史蒂文·m·Christey " <coley@linus.mitre.org>
- 日期-0400年:1999年9月5日太阳21:34:27(美国东部时间)
- 交货日期:1999年9月5日21:37:07
- 发送方:owner-cve-editorial-board-list@lists.mitre.org
我做了一个临时决定接受45以下候选人。15个来自CGI集群,21从缓冲区,并从MORELOW 9。他们是普遍的漏洞,不受任何杰出的内容决定,并有至少3 non-MITRE选票包含(例如接受或修改)。我将做出最终决定这些候选人星期五,9月10日。——史蒂夫= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0047:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:CERT: ca - 97.05。sendmail参考:XF: sendmail-mime-bo2 MIME转换在sendmail版本8.8.3和8.8.4缓冲区溢出。修改:ADDREF XF: sendmail-mime-bo2选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:弗雷希> XF: sendmail-mime-bo2 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0058:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:奈:NAI-12参考:XF: http-cgi-phpbo缓冲区溢出在PHP cgi程序,PHP。cgi允许shell访问。修改:DELREF XF: http-phpbo选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:弗雷希>删除XF: http-phpbo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0063:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990726分配:19990607类别:科幻参考:AUSCERT: esb - 98.197参考:思科:http://www.cisco.com/warp/public/770/iossyslog-pub.shtml参考:XF: cisco-syslog-crash思科IOS 12.0和其他版本可以被恶意UDP数据包坠毁syslog端口。修改:ADDREF XF: cisco-syslog-crash DESC nmap,添加UDP / syslog票:接受(2)墙,Ozancin修改(1)法国人评论:弗雷希> XF: cisco-syslog-crash = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0064:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: May28, 1997参考:XF: lquerylv-bo缓冲区溢出在AIX lquerylv程序给本地用户根访问。投票:接受(4)Northcutt,希尔,普罗塞,法国人评论:普罗塞>附加源普罗塞> AIX 4.2 lguerylv格奥尔基Guninski“普罗塞>http://www.securityfocus.com= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0066:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: Jul31, 1995参考:XF: http-cgi-anyform AnyForm CGI远程执行修改:ADDREF BUGTRAQ: Jul31, 1995票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>可能想添加参考BUGTRAG普罗塞> AnyForm“安全漏洞:CGI普罗塞>http://www.securityfocus.com/bugtraq/= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0070:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: http-cgi-test test-cgi程序允许攻击者列表文件服务器上的投票:接受(3)Northcutt,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0071:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: http-apache-cookie参考:奈:NAI-2 Apache httpd饼干缓冲区溢出1.1.1和更早的版本。投票:接受(4)Northcutt,希尔,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0085:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: Aug21, 1996参考:XF: rwhod参考:XF: rwhod-vuln rwhod缓冲区溢出在AIX中修改:ADDREF BUGTRAQ: Aug21, 1996票:接受(4)Northcutt,山,普罗塞,法国人评论:普罗塞>附加源普罗塞> BUGTRAQ普罗塞>“rwhod缓冲区溢出”David j . Meltzer普罗塞>http://www.securityfocus.com/bugtraq/1996_3/0380.htm= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0102:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: slmail-fromheader-overflow SLmail 3中缓冲区溢出。x允许攻击者使用的大行执行命令。投票:接受(4)Northcutt,希尔,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0109:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:太阳:00140参考:AUSCERT: aa - 97.06参考:XF: ffbconfig-bo缓冲区溢出在Solaris ffbconfig 2.5.1修改:ADDREF XF: ffbconfig-bo选票:接受(2)Northcutt,希尔修改(2)普罗塞,法国人评论:普罗塞>根据太阳,影响2.5和2.5.1……添加裁判普罗塞>太阳安全公告140普罗塞>http://sunsolve.sun.com弗雷希> XF: ffbconfig-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0112:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: May20, 1997参考:XF: dtterm-bo缓冲区溢出在AIX dtterm CDE修改程序:ADDREF BUGTRAQ: May20, 1997 ADDREF XF: dtterm-bo选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:普罗塞>添加裁判普罗塞> BUGTRAQ普罗塞>“AIX 4.2 dtterm利用“普罗塞>http://www.securityfocus.com弗雷希> XF: dtterm-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0122:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: Jul21, 1999参考:XF: lchangelv-bo缓冲区溢出在AIX lchangelv给根访问。修改:ADDREF BUGTRAQ: Jul21 1999 ADDREF XF: lchangelv-bo选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:普罗塞>添加裁判普罗塞> BUGTRAQ普罗塞>“AIX lchangelv”普罗塞>http://www.securityfocus.com/弗雷希> XF: lchangelv-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0139:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: sol-mkcookie参考:肢体重复性劳损症:rsi.0012.12 - 03 - 98. solaris。MKCOOKIE缓冲区溢位Solaris x86 MKCOOKIE允许本地用户获得根访问。修改:ADDREF XF: sol-mkcookie选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:弗雷希> XF: sol-mkcookie = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0146:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: Jul15, 1997参考:XF: http-cgi-campas坎CGI程序提供一些机子web服务器允许攻击者读取任意文件。修改:ADDREF BUGTRAQ: Jul15 1997票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源,普罗塞> BUGTRAQ普罗塞>“旧金山托雷斯”普罗塞>http://www.securityfocus.com= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0147:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-cgi-glimpse参考:AUSCERT: aa - 97.28一瞥的aglimpse CGI程序包允许远程执行任意命令修改:ADDREF AUSCERT: aa - 97.28票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> AUSCERT警报aa - 97.28普罗塞>http://www.auscert.org.au= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0148:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:SGI: 19970501 - 02 - px参考:XF: http-sgi-handler IRIX中的处理程序CGI程序允许任意的命令执行。修改:ADDREF SGI: 19970501 - 02 - px选票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> SGI安全咨询19970501 - 02 - px普罗塞>http://www.sgi.com/Support/security/advisories.html= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0149:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-sgi-wrap参考:SGI: 19970501 - 02 - px IRIX中的包装CGI程序允许从远程用户任意命令执行。修改:ADDREF SGI: 19970501 - 02 - px选票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> SGI安全咨询19970501 - 02 - px普罗塞>http://www.sgi.com/Support/security/advisories.html= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0172:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-cgi-formmail-exe参考:BUGTRAQ: Aug02 1995 FormMail CGI程序允许远程执行的命令。修改:ADDREF BUGTRAQ: Aug02 1995票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> BUGTRAQ普罗塞>“安全漏洞:FormMail”普罗塞>http://www.securityfocus.com/bugtraq/1995= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0176:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:BUGTRAQ: Jul10, 1997参考:XF: http-webgais-query Webgais程序允许用户远程执行任意命令。修改:ADDREF BUGTRAQ: Jul10 1997票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> BUGTRAQ普罗塞>“WEBgais脆弱性”Razvan Dragomirescu普罗塞>http://www.securityfocus.com/bugtraq/1997_3/0057.html= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0182:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:CIAC: h - 110参考:CERT: vb - 97.10。samba参考:XF: nt-samba-bo samba缓冲区溢出,允许远程攻击者获得root访问通过指定一个密码。修改:ADDREF CERT: vb - 97.10。samba选票:接受(4)Northcutt,山,普罗塞,法国人评论:普罗塞>额外的裁判普罗塞> vb - 97.10。samba普罗塞>ftp://info.cert.org/pub/cert_bulletins/VB-97.10.sanba= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0192:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:SNI: SNI-20参考:XF: bsd-tel-tgetent缓冲区溢出的telnet守护进程tgetent路由通过TERMCAP允许远程攻击者获得root访问环境变量。投票:接受(4)Northcutt,希尔,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0196:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-webgais-smail参考:BUGTRAQ: Jul08 1997 websendmail项目Webgais程序允许远程用户访问任意文件。修改:ADDREF BUGTRAQ: Jul08 1997票:接受(3)Northcutt,普罗塞,弗雷希无操作(1)Christey评论:普罗塞>附加源普罗塞> BUGTRAQ普罗塞>“WEBgais脆弱性”Razvan Dragomirescu普罗塞>http://www.securityfocus.com/bugtraq/1997_3/0057.htmChristey >其实,适当的引用“脆弱性在Christey > websendmail”Razvan Dragomirescu,转发到Bugtraq Christey >的朱利安·阿桑奇7月8日1997 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0206:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: sendmail-mime-bo参考:AUSCERT: aa - 96.06 - Sendmail 8.8.0 MIME缓冲区溢出和8.8.1给根访问。修改:ADDREF XF: sendmail-mime-bo ADDREF AUSCERT: aa - 96.06 -一个投票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:普罗塞>额外的裁判普罗塞> AUSCERT咨询aa - 96.06 -普罗塞>http://www.auscert.org.au/弗雷希> XF: sendmail-mime-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0219:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: ftp-servu缓冲区溢出在Serv-U FTP服务器当用户执行一个慢性消耗病目录具有悠久的名字。投票:接受(4)Northcutt,希尔,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0230:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:思科:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml缓冲区溢出在思科7 xx路由器通过telnet服务。修改:DESC改变至7 xx ADDREF思科:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml投票:接受(2)Northcutt,希尔修改(2)普罗塞,弗雷希无操作(1)Christey评论:普罗塞>波影响脆弱的版本运行的任何7 xx路由器普罗塞> IOS / 700操作系统。额外裁判普罗塞>添加字段注意:普罗塞> 7 xx路由器密码缓冲区溢出普罗塞>http://www.cisco.com/warp/public/770/pwbuf-pub.shtml总结弗雷希>我们表明,这可能发生在7 xx路由器。弗伦奇>是明智的验证之前改变它,因为我没有整个数据库在我的前面。弗雷希> XF: cisco-7xxcrash Christey >验证7 xx版本= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0237:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-cgi-guestbook参考:CERT: vb - 97.02通过留言板CGI程序远程执行任意命令。修改:ADDREF CERT: vb - 97.02票:接受(3)Northcutt,普罗塞,法国人评论:普罗塞>附加源普罗塞> CERT供应商通报vb - 97 - 02年普罗塞>http://www.cert.org= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0244:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:奈:NAI-23参考:XF: radius-accounting-overflow利文斯顿半径代码有一个缓冲区溢出,可以允许远程执行的命令作为根。修改:ADDREF XF: radius-accounting-overflow选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:弗雷希> XF: radius-accounting-overflow = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0256:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: war-ftpd缓冲区溢出在战争中FTP允许远程执行的命令。投票:接受(4)Northcutt,希尔,普罗塞,法国人= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0262:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-cgi-faxsurvey参考:BUGTRAQ: Aug04 1998 faxsurvey Linux上的CGI脚本允许远程命令执行通过shell元字符。修改:ADDREF XF: http-cgi-faxsurvey ADDREF BUGTRAQ: Aug04, 1998票:接受(2)Northcutt,普罗塞修改(1)法国人评论:弗雷希> XF: http-cgi-faxsurvey = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0264:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: http-htmlscript-file-access参考:BUGTRAQ: Jan27 1998 htmlscript CGI程序允许远程读取访问文件。修改:ADDREF XF: http-htmlscript-file-access ADDREF BUGTRAQ: Jan27, 1998票:接受(2)Northcutt,普罗塞修改(1)法国人评论:弗雷希> XF: http-htmlscript-file-access = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0269:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: netscape-server-pageservices网景企业服务器可以通过PageServices查询列表文件。修改:ADDREF XF: netscape-server-pageservices选票:接受(2)Northcutt,普罗塞修改(1)法国人评论:弗雷希> XF: netscape-server-pageservices = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0276:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: msql-debug-bo参考:SEKURE: sekure.01 - 99。msql msql v2.0.1通过缓冲区溢出和低于允许远程执行。修改:ADDREF XF: msql-debug-bo ADDREF SEKURE: sekure.01 - 99。msql选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:普罗塞>额外的裁判普罗塞> Sekure SDI咨询sekure.01 - 99。msql普罗塞>http://www.sekure.org弗雷希> XF: msql-debug-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0278:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:女士:ms98 - 003参考:XF: iis-asp-data-check在IIS,远程攻击者可以获得源代码ASP文件通过添加“::$ DATA”的URL。修改:ADDREF女士:ms98 - 003 ADDREF XF: iis-asp-data-check选票:接受(2)Northcutt,普罗塞修改(1)法国人评论:普罗塞>附加源普罗塞>微软安全公告ms98 - 003普罗塞>http://www.microsoft.com/security弗雷希> XF: iis-asp-data-check = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0279:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:CERT: vb - 98.01。激发参考:XF: excite-cgi-search-vuln激发Web服务器(EWS)允许远程命令执行通过shell元字符。修改:ADDREF XF: excite-cgi-search-vuln选票:接受(2)Northcutt,普罗塞修改(1)法国人评论:弗雷希> XF: excite-cgi-search-vuln = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0315:最终决定:阶段性裁决:19990906修改:建议:19990623分配:19990607类别:科幻参考:XF: fdformat-bo参考:00138年太阳:缓冲区溢出在Solaris fdformat命令给本地用户根访问。投票:接受(4)Northcutt,希尔,普罗塞,法国人评论:普罗塞>添加裁判普罗塞>太阳安全公告00138普罗塞>http://sunsolve.sun.com/= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0339:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:XF: sol-sun-libauth参考:肢体重复性劳损症:rsi.0007.05 - 26 - 98缓冲区溢出在Solaris libauth库允许本地用户获得更多的特权,可能根访问。修改:ADDREF肢体重复性劳损症:rsi.0007.05 - 26 - 98票:接受(4)Northcutt,山,普罗塞,法国人评论:普罗塞>太阳从来没有发布一个公告BO但释放普罗塞>影响系统的补丁。添加ref,普罗塞> RSI预警咨询rsi.0007.05 - 26 - 98普罗塞> www.repsec.com = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0355:最终决定:阶段性裁决:19990906修改:建议:19990726分配:19990607类别:科幻参考:国际空间站:多个漏洞ControlIT (tm)远程(以前可能/ 32)企业管理软件参考:XF: controlit-reboot本地或远程用户可以力ControlIT 4.5重新启动或用户注销,导致拒绝服务。投票:接受(3)墙、Ozancin弗雷希= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0363:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990726分配:19990607类别:科幻参考:BUGTRAQ: Feb02, 1999参考:XF: plp-lpc-bo参考:科幻小说:328 SuSE 5.2 PLP lpc程序缓冲区溢出,导致根妥协。修改:DESC改变SuSe SuSe选票:接受(2)墙,Ozancin修改(1)法国人评论:弗雷希>改变SuSe SuSe。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0365:最终决定:阶段性裁决:19990906修改:建议:19990726分配:19990607类别:科幻参考:BUGTRAQ: Feb04, 1999参考:XF: metamail-header-commands metamail包允许远程命令执行使用shell元字符不引用一个mailcap条目。投票:接受(3)墙、Ozancin弗雷希= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0371:最终决定:阶段性裁决:19990906修改:建议:19990726分配:19990607类别:科幻参考:BUGTRAQ: Feb11、1999参考:XF: lynx-temp-files-race猞猁允许本地用户覆盖敏感文件/ tmp符号链接。投票:接受(3)墙、Ozancin弗雷希= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0404:最终决定:阶段性裁决:19990906修改:建议:19990726分配:19990607类别:科幻参考:BUGTRAQ:照片,1999参考:XF: mailmax-bo缓冲区溢出Mail-Max SMTP服务器的Windows系统允许远程命令执行。投票:接受(3)墙、Ozancin弗雷希= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0405:最终决定:阶段性裁决:19990906修改:19990905 - 01提议:19990623分配:19990607类别:科幻参考:伤害:002参考:BUGTRAQ: Feb18, 1999参考:XF: lsof-bo缓冲区溢出在lsof允许本地用户获得根权限。修改:ADDREF XF: lsof-bo选票:接受(3)Northcutt,山,普罗塞修改(1)法国人评论:弗雷希> XF: lsof-bo = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0410:最终决定:阶段性裁决:19990906修改:建议:19990726分配:19990607类别:科幻参考:BUGTRAQ: Mar5, 1999参考:XF: sol-cancel参考:科幻小说:293取消命令在Solaris 2.6 (i386)有一个缓冲区溢出,允许本地用户获得根访问。 VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0417 Published: Final-Decision: Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: BUGTRAQ:Mar9,1999 Reference: XF:solaris-psinfo-crash Reference: SF:448 64 bit Solaris 7 procfs allows local users to perform a denial of service. VOTES: ACCEPT(3) Wall, Ozancin, Frech ================================= Candidate: CAN-1999-0441 Published: Final-Decision: Interim-Decision: 19990906 Modified: Proposed: 19990726 Assigned: 19990607 Category: SF Reference: EEYE:AD02221999 Reference: XF:wingate-redirector-dos Reference: SF:509 Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. VOTES: ACCEPT(3) Wall, Ozancin, Frech
- 上一页的日期:以逗号分隔的“官方”CVE条目
- 下一个按日期:最终决定:接受45个不同的候选人
- Prev线程:以逗号分隔的“官方”CVE条目
- 下一个线程:最终决定:接受45个不同的候选人
- 指数(es):
