
Re: [PROPOSAL] Cluster RECENT-15 - 15 candidates



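* Steven M. Christey (coley@LINUS.MITRE.ORG) [000518 00:49]:
> The following cluster contains 15 candidates that were announced
> between April 13 and April 25, 2000.
>
> The candidates are listed in order of priority. Priority 1 and
> Priority 2 candidates both deal with varying levels of vendor
> confirmation, so they should be easy to review and it can be trusted
> that the problems are real.
>
> If you discover that any RECENT-XX cluster is incomplete with respect
> to the problems discovered during the associated time frame, please
> send that information to me so that candidates can be assigned.
>
> - Steve
>
>
> Summary of votes to use (in ascending order of "severity")
> ----------------------------------------------------------
>
> ACCEPT - voter accepts the candidate as proposed
> NOOP - voter has no opinion on the candidate
> MODIFY - voter wants to change some minor detail (e.g. reference/description)
> REVIEWING - voter is reviewing/researching the candidate, or needs more info
> RECAST - candidate must be significantly modified, e.g. split or merged
> REJECT - candidate is "not a vulnerability", or a duplicate, etc.
>
> 1) Please write your vote on the line that starts with "VOTE: ". If
>    you want to add comments or details, add them to lines after the
>    VOTE: line.
>
> 2) If you see any missing references, please mention them so that they
>    can be included. References help greatly during mapping.
>
> 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
>    So if you don't have sufficient information for a candidate but you
>    don't want to NOOP, use a REVIEWING.
>
> ********** NOTE ********** NOTE ********** NOTE ********** NOTE **********
>
> Please keep in mind that your vote and comments will be recorded and
> publicly viewable in the mailing list archives or in other formats.
>
> =================================
> Candidate: CAN-2000-0311
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: MS:MS00-026
> Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-026.asp
> Reference: BID:1145
> Reference: URL:http://www.securityfocus.com/bid/1145
>
> Windows 2000 domain controller allows a malicious user to modify
> Active Directory information by modifying an unprotected attribute,
> aka the "Mixed Object Access" vulnerability.
>
>
> ED_PRI CAN-2000-0311 1
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0331
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000421 CMD.EXE overflow (CISADV000420)
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0147.html
> Reference: MS:MS00-027
> Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-027.asp
> Reference: BID:1135
> Reference: URL:http://www.securityfocus.com/bid/1135
>
> Buffer overflow in the Microsoft command processor (CMD.EXE) for
> Windows NT and Windows 2000 allows a local user to cause a denial of
> service via an environment variable, aka the "Malformed Environment
> Variable" vulnerability.
>
>
> ED_PRI CAN-2000-0331 1
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0334
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: ALLAIRE:ASB00-10
> Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=15411&Method=Full
>
> The Allaire Spectra container editor preview tool does not properly
> enforce object security, which allows an attacker to conduct
> unauthorized activities via an object-method that is added to the
> container object with a publishing rule.
>
>
> ED_PRI CAN-2000-0334 1
>
>
> VOTE: MODIFY Reference: BID 1181
> =================================
> Candidate: CAN-2000-0336
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: REDHAT:RHSA-2000:012-05
> Reference: URL:http://www.redhat.com/support/errata/rhsa-2000012-05.html
>
> OpenLDAP server in Red Hat Linux allows local users to modify
> arbitrary files via a symlink attack.
>
>
> ED_PRI CAN-2000-0336 1
>
>
> VOTE: MODIFY Reference: BID 1232
>
> =================================
> Candidate: CAN-2000-0317
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 Solaris 7 x86 lpset exploit.
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html
> Reference: BUGTRAQ:20000427 Re: Solaris/SPARC 2.7 lpset exploit (not likely!)
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=95729763119559&w=2
> Reference: SUNBUG:4334568
> Reference: BID:1138
> Reference: URL:http://www.securityfocus.com/bid/1138
>
> Buffer overflow in Solaris 7 lpset allows local users to gain root
> privileges via a long -r option.
>
>
> ED_PRI CAN-2000-0317 2
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0316
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 Solaris 7 x86 lp exploit
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0191.html
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html
> Reference: BID:1143
> Reference: URL:http://www.securityfocus.com/bid/1143
>
> Buffer overflow in Solaris 7 lp allows local users to gain root
> privileges via a long -d option.
>
>
> ED_PRI CAN-2000-0316 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0318
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: NTBUGTRAQ:20000413 Security problems with Atrium Mercur server 3.20
> Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0057.html
> Reference: BID:1144
> Reference: URL:http://www.securityfocus.com/bid/1144
>
> Atrium Mercur Mail Server 3.2 allows local attackers to read other
> users' email and create arbitrary files via a dot dot (..) attack.
>
>
> ED_PRI CAN-2000-0318 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0319
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 unsafe fgets() in sendmail's mail.local
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=2694.000424@SECURITY.NNOV.RU
> Reference: BID:1146
> Reference: URL:http://www.securityfocus.com/bid/1146
>
> mail.local in Sendmail 8.10.x does not properly identify the .\n
> string which identifies message text, which allows a remote attacker
> to cause a denial of service or corrupt mailboxes via a message line
> that is 2047 characters long and ends in .\n.
>
>
> ED_PRI CAN-2000-0319 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0320
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000421 unsafe fgets() in qpopper
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=9763.000421@SECURITY.NNOV.RU
> Reference: BID:1133
> Reference: URL:http://www.securityfocus.com/bid/1133
>
> Qpopper 2.53 and 3.0 does not properly identify the \n string which
> identifies message text, which allows a remote attacker to cause a
> denial of service or corrupt mailboxes via a message line that is
> 1023 characters long and ends in \n.
>
>
> ED_PRI CAN-2000-0320 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0321
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 Buffer overflow in version .14
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html
> Reference: BID:1147
> Reference: URL:http://www.securityfocus.com/bid/1147
>
> Buffer overflow in the IC Radius package allows a remote attacker to
> cause a denial of service via a user name.
>
>
> ED_PRI CAN-2000-0321 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0322
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 piranha default password/exploit
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=enip.bso.23.0004241601140.28851-100000@www.whitehats.com
> Reference: BID:1149
> Reference: URL:http://www.securityfocus.com/bid/1149
>
> The passwd.php3 CGI script in the Red Hat Piranha Virtual Server
> Package allows local users to execute arbitrary commands via shell
> metacharacters.
>
>
> ED_PRI CAN-2000-0322 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0324
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000425 Denial of Service Against pcAnywhere.
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=pine.lnx.3.96.1000425150157.13567a-100000@sword.damocles.com
> Reference: BID:1150
> Reference: URL:http://www.securityfocus.com/bid/1150
>
> pcAnywhere 8.x and 9.x allows remote attackers to cause a denial of
> service via a TCP SYN scan, e.g. by nmap.
>
>
> ED_PRI CAN-2000-0324 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0326
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BID:1151
> Reference: URL:http://www.securityfocus.com/bid/1151
> Reference: CONFIRM:http://support.on.com/support/mmxp.nsf/31af51e08bcc93eb852565a90056138b/11af70407a16b165852568c50056a952?OpenDocument
>
> Meeting Maker uses weak encryption (a polyalphabetic substitution
> cipher) for passwords, which allows remote attackers to sniff and
> decrypt passwords for Meeting Maker accounts.
>
>
> ED_PRI CAN-2000-0326 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0337
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000424 Solaris x86 Xsun overflow.
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0188.html
> Reference: BID:1140
> Reference: URL:http://www.securityfocus.com/bid/1140
>
> Buffer overflow in the Xsun X server in Solaris 7 allows local users
> to gain root privileges via a long -dev parameter.
>
>
> ED_PRI CAN-2000-0337 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0338
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BID:1136
> Reference: URL:http://www.securityfocus.com/bid/1136
>
> Concurrent Versions Software (CVS) uses predictable temporary file
> names for locking, which allows local users to cause a denial of
> service by creating the lock directory before it is created for use
> by a legitimate CVS user.
>
>
> ED_PRI CAN-2000-0338 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0339
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000518
> Assigned: 20000511
> Category: SF
> Reference: BUGTRAQ:20000420 ZoneAlarm
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000421044123.2353.qmail@securityfocus.com
> Reference: BID:1137
> Reference: URL:http://www.securityfocus.com/bid/1137
>
> ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a
> source port of 67, which allows remote attackers to bypass the
> firewall rules.
>
>
> ED_PRI CAN-2000-0339 3
>
>
> VOTE: ACCEPT

-- 
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum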

Page last updated or reviewed: May 22, 2007