
Re: [VOTEPRI] 12 high priority candidates as of 5/1/2000



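* Steven M. Christey (coley@LINUS.MITRE.ORG) [000501 23:57]:
> The following 12 candidates have been assigned a high priority. They
> are all acknowledged by the software vendor. Some of them need no more
> than one vote for acceptance, so your votes would be greatly appreciated.
>
> The most important of these are CAN-1999-0210 and CAN-1999-0493. CERT
> activity reports indicate that these bugs are still being exploited.
> Note also that CAN-1999-0387 was originally proposed in July 1999, but
> did not include any references. Since then, Microsoft
> released a security bulletin.
>
> - Steve
>
>
> Summary of votes to use (in ascending order of "severity")
> ----------------------------------------------------------
>
> ACCEPT - voter accepts the candidate as proposed
> NOOP - voter has no opinion on the candidate
> MODIFY - voter wants to change some minor detail (e.g. reference/description)
> REVIEWING - voter is reviewing/researching the candidate, or needs more info
> RECAST - candidate must be significantly modified, e.g. split or merged
> REJECT - candidate is not a "vulnerability", or is a duplicate, etc.
>
> 1) Please write your vote on the line that starts with "VOTE: ". If
> you want to add comments or details, add them to lines after the
> VOTE: line.
>
> 2) If you see any missing references, please mention them so that they
> can be included. References help greatly during mapping.
>
> 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
> So if you don't have sufficient information for a candidate but you
> don't want to NOOP, use a REVIEWING.
>
> ********** NOTE ********** NOTE ********** NOTE ********** NOTE **********
>
> Please keep in mind that your vote and comments will be recorded and
> publicly viewable in the mailing list archives or in other formats.
>
> KEY FOR INFERRED ACTIONS
> ------------------------
>
> Inferred actions capture the voting status of a candidate. They may
> be used by the moderator to determine whether or not a candidate is
> added to CVE. Where there is disagreement, the moderator must resolve
> the issue and achieve consensus, or make the final decision if
> consensus cannot be reached.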
>
> - ACCEPT = 3 non-MITRE votes to ACCEPT/MODIFY, and no REVIEWING or REJECT
> - ACCEPT_ACK = 2 non-MITRE ACCEPT/MODIFY, and vendor acknowledgement
> - MOREVOTES = needs more votes
> - ACCEPT_REV = 3 non-MITRE ACCEPT's but is delayed due to a REVIEWING
> - SMC_REJECT = REJECT by Steve Christey; likely to be rejected outright
> - SMC_REVIEW = REVIEWING by Steve Christey; likely related to CD's
> - REVIEWING = at least one member is REVIEWING
> - REJECT = at least one member REJECTed
> - REVOTE = members should review their vote on this candidate
>
> =================================
> Candidate: CAN-1999-0031
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 19990728
> Assigned: 19990607
> Category: SF
> Reference: CERT:CA-97.20.javascript
>
> JavaScript allows remote attackers to monitor a user's web
> activities.
>
> INFERRED ACTION: CAN-1999-0031 MOREVOTES-1 (1 accept, 1 ack, 0 review)
>
> Current Votes:
>    ACCEPT(1) Wall
>    MODIFY(1) Christey
>    NOOP(1) Northcutt
>
> Comments:
>  Christey> The CERT advisory is at http://www.cert.org/advisories/CA-97.20.javascript.html
>  Christey>
>  Christey> ADDREF HP:HPSBUX9707-065
>  Christey> http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html
>  Christey>
>  Christey> According to the CERT advisory, this issue affects Internet
>  Christey> Explorer 3.x and 4.x, and Netscape 2.x, 3.x, and 4.x.
>  Christey> Include this in the description.
>
>
> VOTE: MODIFY

Needs a better description of the vulnerability. There were several JS
vulnerabilities within the same time frame, with similar results but
poorly documented. The Bell Labs vulnerability, which is this one, is
one of them. Here is another:

http://www.securityfocus.com/templates/archive.pike?list=1&msg=c%3dde%25a%3ddbp%25p%3dscn%25l%3dmchh9eea - 970711140700 - z - 970711140700 @de he01a.exchange.pn.siemens.de——妇幼保健

>
> =================================
> Candidate: CAN-1999-0124
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 19990623
> Assigned: 19990607
> Category: SF
> Reference: CERT:CA-93:11.UMN.UNIX.gopher.vulnerability
> Reference: XF:gopher-vuln
>
> Vulnerabilities in UMN gopher and gopher+ allow an intruder to read
> any files that can be accessed by the gopher daemon.
>
> INFERRED ACTION: CAN-1999-0124 MOREVOTES-1 (1 accept, 1 ack, 0 review)
>
> Current Votes:
>    ACCEPT(1) Frech
>    NOOP(1) Christey
>
> Comments:
>  Christey> Modify description to include version numbers
>  Christey> 1.12 and 2.0x
>  Christey>
>  Christey> Advisory is at
>  Christey> http://www.cert.org/advisories/CA-93.11.UMN.UNIX.gopher.vulnerability.html
>  Christey>
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-1999-0210
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 19991130-01
> Proposed: 19990714
> Assigned: 19990607
> Category: SF
> Reference: BUGTRAQ:19971126 Solaris 2.5.1 automountd exploit (fwd)
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=88053459921223&w=2
> Reference: BUGTRAQ:19990103 SUN almost has a clue! (automountd)
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91547759121289&w=2
> Reference: HP:HPSBUX9910-104
> Reference: CERT:CA-99-05
>
> Automount daemon automountd allows local or remote users to gain
> privileges via shell metacharacters.
>
> Modifications:
>   Changed description and added references.
>
> INFERRED ACTION: CAN-1999-0210 ACCEPT_ACK (2 accept, 2 ack, 0 review)
>
> Current Votes:
>    MODIFY(2) Shostack, Frech
>    NOOP(3) Northcutt, Wall, Christey
>
> Comments:
>  Shostack> I think there was an SNI advisory on this
>  Frech> Not enough information; possibly XF:sun-automountd (changed mount options)
>  Christey>
>  Christey> SNI did not publish an advisory; however, Oliver Friedrichs
>  Christey> sent a post saying that SNI's security tool tested for it.
>  Christey> See http://marc.theaimsgroup.com/?l=bugtraq&m=91553343311719&w=2
>  Christey>
>  Christey> This is a tough one. There is the old automountd bug that is
>  Christey> only locally exploitable, then a newer rpc.statd flaw that allows
>  Christey> it to be exploited remotely. There are at least two bugs,
>  Christey> but should there be three?
>  Christey>
>  Christey> Also see CAN-1999-0493
>
>
> VOTE: ACCEPT

ADDREF: Three vulns BID: 235. 235, BID 729, BID 450.

> =================================
> Candidate: CAN-1999-0387
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 19991206-01
> Proposed: 19990728
> Assigned: 19990607
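> Category: SF
> Reference: MS:MS99-052
> Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms99-052.asp
> Reference: MSKB:Q168115
> Reference: BID:829
> Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=829
>
> A legacy credential caching mechanism used in Windows 95 and Windows
> 98 systems allows attackers to read plaintext network passwords.
>
> Modifications:
>   ADDREF MS:MS99-052
>   ADDREF MSKB:Q168115
>   ADDREF BID:829
>
> INFERRED ACTION: CAN-1999-0387 REVOTE (0, 1)
>
> Current Votes:
>    REVIEWING(1) Frech
>    REVOTE(1) Christey
>
> Comments:
>  Frech> The term "legacy" is vague and open to interpretation. Need a
>  Frech> reference to establish this vulnerability.
>  Christey> Added references. Interestingly, this candidate was assigned
>  Christey> on June 7, 1999, but there was no reference until the
>  Christey> Microsoft advisory in late November. I lost the
>  Christey> original reference.
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-1999-0491
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 20000418-02
> Proposed: 19990728
> Assigned: 19990607
> Category: SF
> Reference: BUGTRAQ:19990420 Bash Bug
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=pine.lnx.4.10.9904202114070.6623-100000@smooth.operator.org
> Reference: CALDERA:CSSA-1999-008.0
> Reference: URL:ftp://ftp.calderasystems.com/pub/openlinux/security/cssa-1999-008.0.txt
> Reference: BID:119
> Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=119
>
> The prompt parsing in bash allows a local user to execute commands as
> another user by creating a directory with the name of the command to
> execute.
>
> Modifications:
>   CHANGEREF BUGTRAQ [title]
>   ADDREF CALDERA:CSSA-1999-008.0
>
> INFERRED ACTION: CAN-1999-0491 MOREVOTES-1 (1 accept, 1 ack, 0 review)
>
> Current Votes:
>    MODIFY(1) Frech
>    NOOP(1) Christey
>
> Comments:
>  Frech> XF:bash-prompt-pars-dir
>  Christey> XF:bash-prompt-pars-dir does not exist.
>  Christey>
>  Christey> ADDREF CALDERA:CSSA-1999-008.0
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-1999-0493
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 19991203-01
> Proposed: 19990728
> Assigned: 19990607
> Category: SF
> Reference: CERT:CA-99-05
> Reference: URL:http://www.cert.org/advisories/ca-99-05-statd-automountd.html
> Reference: SUN:00186
> Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/186&type=0&nav=sec.sba
> Reference: BUGTRAQ:19990103 SUN almost has a clue! (automountd)
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91547759121289&w=2
>
> rpc.statd allows remote attackers to forward RPC calls to the local
> operating system via the SM_MON and SM_NOTIFY commands, which in turn
> could be used to remotely exploit other bugs such as in automountd.
>
> Modifications:
>   Added numerous references
>
> INFERRED ACTION: CAN-1999-0493 MOREVOTES-1 (1 accept, 2 ack, 0 review)
>
> Current Votes:
>    ACCEPT(1) Northcutt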
>    NOOP(1) Christey
>
> Comments:
>  Christey> This candidate has been modified.
>
>
> VOTE: ACCEPT

ADDREF: BID:450

>
> =================================
> Candidate: CAN-2000-0076
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000125
> Assigned: 20000122
> Category: SF
> Reference: BUGTRAQ:19991230 vibackup.sh
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94709988232618&w=2
> Reference: DEBIAN:20000109 nvi: incorrect file removal in boot script
> Reference: URL:http://www.debian.org/security/2000/20000108
>
> The nviboot boot script in the Debian nvi package allows local users to
> delete files via malformed entries in vi.recover.
>
> INFERRED ACTION: CAN-2000-0076 MOREVOTES-2 (0 accept, 1 ack, 0 review)
>
> Current Votes:
>
>
> VOTE: NOOP
>
> =================================
> Candidate: CAN-2000-0092
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000208
> Assigned: 20000202
> Category: SF
> Reference: FREEBSD:FreeBSD-SA-00:01
> Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc
> Reference: BID:939
> Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=939
>
> The BSD make program allows local users to modify files via a symlink
> attack when the -j option is being used.
>
> INFERRED ACTION: CAN-2000-0092 MOREVOTES-2 (0 accept, 1 ack, 1 review)
>
> Current Votes:
>    NOOP(1) Wall
>    REVIEWING(1) Cole
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0113
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 20000419-01
> Proposed: 20000208
> Assigned: 20000208
> Category: SF
> Reference: BUGTRAQ:20000128 SyGate 3.11 Port 7323 / Remote Admin hole
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94934808714972&w=2
> Reference: BUGTRAQ:20000202 SV: SyGate 3.11 Port 7323 / Remote Admin hole
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94952641025328&w=2
> Reference: BUGTRAQ:20000203 UPDATE: Sygate 3.11 Port 7323 Telnet Hole
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=94973281714994&w=2
> Reference: CONFIRM:http://www.sybergen.com/support/fix.htm
> Reference: BID:952
> Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=952
>
> The SyGate Remote Management program does not properly restrict
> access to its administration service, which allows remote attackers to
> cause a denial of service, or access network traffic statistics.
>
> INFERRED ACTION: CAN-2000-0113 MOREVOTES-1 (1 accept, 1 ack, 0 review)
>
> Current Votes:
>    ACCEPT(1) Cole
>    NOOP(2) Wall, Christey
>
> Comments:
>  Christey> Sygate confirmed this in the 01/2000 - Build 563 (Beta)
>  Christey> comments: "Fix to block external telnet to port 7323
>  Christey> with no enhanced security."
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0157
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 20000321-01
> Proposed: 20000223
> Assigned: 20000223
> Category: SF
> Reference: NETBSD:1999-012
> Reference: URL:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/netbsd-sa1999-012.txt.asc
> Reference: XF:netbsd-ptrace
>
> The NetBSD ptrace call on VAX allows local users to gain privileges by
> modifying the PSL contents in the debugging process.
>
> Modifications:
>   ADDREF XF:netbsd-ptrace
>
> INFERRED ACTION: CAN-2000-0157 MOREVOTES-2 (0 accept, 1 ack, 1 review)
>
> Current Votes:
>    NOOP(2) Wall, LeBlanc
>    REVIEWING(1) Cole
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0229
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 20000424-01
> Proposed: 20000412
> Assigned: 20000412
> Category: SF
> Reference: BUGTRAQ:20000322 gpm-root
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000322182143.4498.qmail@securityfocus.com
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
> Reference: SUSE:20000405 Security hole in gpm < 1.18.1
> Reference: URL:http://www.suse.de/de/support/security/suse_security_announce_45.txt
> Reference: REDHAT:RHSA-2000:009-02
> Reference: URL:http://www.redhat.com/support/errata/rhsa-2000009-02.html
> Reference: BID:1069
> Reference: URL:http://www.securityfocus.com/bid/1069
> Reference: XF:linux-gpm-root
>
> gpm-root in the gpm package does not properly drop privileges, which
> allows local users to gain privileges by starting a utility from
> gpm-root.
>
> Modifications:
>   ADDREF SUSE:20000405 Security hole in gpm < 1.18.1
>   ADDREF REDHAT:RHSA-2000:009-02
>
> INFERRED ACTION: CAN-2000-0229 MOREVOTES-1 (1 accept, 2 ack, 0 review)
>
> Current Votes:
>    ACCEPT(1) Frech
>    NOOP(1) Cole
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0230
> Published:
> Final-Decision:
> Interim-Decision:
> Modified: 20000424-01
> Proposed: 20000412
> Assigned: 20000412
> Category: SF
> Reference: BUGTRAQ:20000316 TESO & C-Skills development advisory -- imwheel
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html
> Reference: REDHAT:RHSA-2000:016-02
> Reference: URL:http://www.redhat.com/support/errata/rhsa-2000016-02.html
> Reference: BID:1060
> Reference: URL:http://www.securityfocus.com/bid/1060
>
> Buffer overflow in imwheel allows local users to gain root privileges
> via the imwheel-solo script and a long HOME environment variable.
>
> Modifications:
>   ADDREF REDHAT:RHSA-2000:016-02
>
> INFERRED ACTION: CAN-2000-0230 MOREVOTES-1 (1 accept, 1 ack, 0 review)
>
> Current Votes:
>    MODIFY(1) Frech
>    NOOP(1) Cole
>
> Comments:
>  Frech> XF:linux-imwheel-bo
>
>
> VOTE: ACCEPT

--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/

Page last updated or reviewed: May 22, 2007