再保险:[最终]接受22遗留候选人各集群

好吧,这件事是注定要发生的。candidate-to-CVE映射原邮件中提供了旧数据(不小心离开旧文件+文件名完成=哦)。自然发出邮件5秒后我意识到问题;-)只会教我仔细检查一次。下面是正确的信息,以防有人使用这些信息来自动处理数据。——史蒂夫* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *我最终决定接受以下候选人。这些候选人现在分配CVE名称如下表示。所得的CVE条目将在不久的将来公布CVE的一个新版本。投票和评论细节的末尾提供了这份报告。——史蒂夫候选人CVE的名字- - - - - - - - - - - - - - - - - - - - - - - - 1999 - 0031 CVE - 1999 - 0031 - 1999 - 0118 CVE - 1999 - 0118 - 1999 - 0124 CVE - 1999 - 0124 - 1999 - 0142 CVE - 1999 - 0142 - 1999 - 0210 CVE - 1999 - 0210 - 1999 - 0225 CVE - 1999 - 0225 - 1999 - 0323 CVE - 1999 - 0323 - 1999 - 0407 CVE - 1999 - 0407 - 1999 - 0464 CVE - 1999 - 0464 - 1999 - 0491 CVE - 1999 - 0491 - 1999 - 0493 CVE - 1999 - 0493 - 1999 - 0668 CVE - 1999 - 0668 - 1999 - 0696 CVE - 1999 - 0696 - 1999 - 0719 CVE - 1999 - 0719 - 1999 - 0754 CVE - 1999 - 0754 - 1999 - 0874 CVE - 1999 - 0874 - 1999 - 1011 CVE - 1999 - 1011 - 2000 - 0323 CVE - 2000 - 0323 - 2000 - 0327 CVE - 2000 - 0327 - 2000 - 0328 CVE - 2000 - 0328 - 2000 - 0329 CVE - 2000 - 0329 - 2000 - 0330 CVE - 2000 - 0330 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0031:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19990728分配:19990607类别:科幻参考:CERT: ca - 97.20。javascript参考:惠普:hpsbux9707 - 065参考:网址:http://www.codetalker.com/advisories/vendor/hp/hpsbux9707 - 065. - htmlJavaScript在Internet Explorer 3。x和4。x,网景2。x, 3。x和4。x,允许远程攻击者监控用户的网络活动,也就是贝尔实验室的脆弱性。修改:ADDREF惠普:hpsbux9707 - 065 DESC添加影响浏览器和版本中,提到了贝尔实验室的操作:可以最终- 1999 - 0031(20000602)最终决定当前投票:接受科尔(1)修改(2)征税,墙壁无操作(2)Northcutt, Christey评论:Christey > CERT咨询http://www.cert.org/advisories/CA-97.20.javascript.htmlChristey > Christey > ADDREF惠普:hpsbux9707 - 065 Christey >http://www.codetalker.com/advisories/vendor/hp/hpsbux9707 - 065. - htmlChristey > Christey >根据CERT咨询,这个问题影响互联网Christey > Explorer 3。x和4。x,网景2。x, 3。4. x, x。Christey >包含这个描述。利维>需要一个更好的描述漏洞有几个JS利维>漏洞在同一时间内,类似的结果但是利维>孔隙记录。贝尔实验室的漏洞,这就是其中之一。利维>这是一个其他的:征收>http://www.securityfocus.com/templates/archive.pike?list=1&msg=c%3dde%25a%3ddbp%25p%3dscn%25l%3dmchh9eea - 970711140700 - z - 970711140700 @de he01a.exchange.pn.siemens.de——妇幼保健墙>添加Internet Explorer 5还。看到墙>http://www.microsoft.com/technet/security/bulletin/ms99 - 043. - asp它允许墙> JavaScript阅读其他计算机上的文件。Christey >女士:ms99 - 043已经由cve - 1999 - 0793。这个是Christey >不同因为IE 3。x和4。x的影响;Christey > cve - 1999 - 0793,它影响4。倍和5.倍。同时,这个Christey >只允许某人读饼干,HTML表单数据,Christey > url访问。cve - 1999 - 0793允许攻击者Christey >阅读目标的计算机上的文件。因此这是Christey >不同cve - 1999 - 0793,和女士:ms99 - 043不应该Christey >补充道。Christey > Christey >描述提供的参考,以利亚2 bug,无论是Christey >的“贝尔实验室”的错误,即这个候选人(只是为了Christey >确认以利亚所说的话;CERT顾问明确由于Christey >贝尔实验室)。 The first bug *sounds* a lot like this candidate, but Christey> didn't need Javascript. Refer to this as the "Danish bug" Christey> since it was "discovered by a Danish IS consultant company." Christey> Christey> The second bug describes the same symptoms as CVE-1999-0793. Christey> However, this reference only describes the problem for Christey> Netscape Nagivator; CVE-1999-0793 only mentions IE. Christey> Thus it's possible that the problem was identified and fixed Christey> for Netscape, and later "rediscovered" by Microsoft and Christey> addressed for Internet Explorer. (The CD:DISCOVERY-DATE content Christey> decision, when reviewed by the Board, will dictate what to Christey> do in these sorts of cases). But then again, they could be Christey> different bugs entirely, but they just happen to have the same Christey> symptoms. If the bug is more in the Javascript model than in Christey> the implementation, then maybe CD:SF-CODEBASE won't apply. Christey> We might be able to roll this second bug in with Christey> CVE-1999-0793; thus we may need to REASSESS CVE-1999-0793 in Christey> the future. Christey> Christey> It is possible that this second bug is the same as the Christey> "Singapore privacy bug" described here: Christey>http://www.securityfocus.com/templates/archive.pike?list=1&date=1997 - 07 - 28 - &msg=pine.sun.3.94.970728112219.25473b - 100000 @dfw.dfw.netChristey >http://www.securityfocus.com/templates/archive.pike?list=1&date=1997 - 07 - 22 - &msg=pine.sun.3.94.970726193056.27668b - 100000 @dfw.dfw.netChristey > Christey >这些职位是7月22日和28日。新加坡是过时后Christey >初始CERT LiveConnect咨询和引用,这Christey >“支持JavaScript和Java applet之间的沟通”。Christey >Kuo Chiang, the person referenced in the above posts as the Christey> discovered, sent a followup a week later on August 1: Christey> Christey>http://marc.theaimsgroup.com/?l=bugtraq&m=87602746719458&w=2Christey >,但这只是一个澄清的问题,作为Christey >职务包括ZDNet的引用文章写于7月25日Christey >。Christey > Christey >海报被伊莱亚斯,马提亚多明尼克,Christey >跟踪发送到CERT咨询说丹麦bug Christey >似乎是固定的,但贝尔实验室错误不是。Christey > Christey >http://www.securityfocus.com/templates/archive.pike?list=1&date=1997 - 07 - 8 &msg=c%3dde%25a%3ddbp%25p%3dscn%25l%3dmchh9eea - 970710145437 - z - 970710145437 - @de妇幼保健he01a.exchange.pn.siemens.deChristey > Christey >两个遗留候选人最终将被创建来处理Christey >这两个其他昆虫,例如新加坡和丹麦。Christey > Christey >同时,描述这个可以扩展Christey >提到贝尔实验室错误,包括指针回到一些Christey >的相关职位。Christey > Christey >如果这个烂摊子命名标准不是一个论点,我Christey >不知道是什么:-):-)在一个更严重的注意,这是一个Christey > CVE为什么它可能是重要的指标提供一种Christey >区分不同缺陷的发现在相同Christey >软件大约在同一时间(CD: SF-LOC将解决这个问题,Christey >,是第一张CD的我们将讨论当我再次Christey >)。利维>添加“贝尔实验室”来描述或名称。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0118:最终决定:20000602阶段性裁决:20000530修改:20000106 - 02年提议:19990714分配:19990607类别:科幻参考:BUGTRAQ: 19981119 rsi.0011.11 aix - 09 - 98.。INFOD参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=91158980826979&w=2参考:XF: aix-infod AIX infod允许本地用户获得root访问通过X显示。修改:ADDREF XF: aix-infod ADDREF BUGTRAQ: 19981119 rsi.0011.11 aix - 09 - 98.。INFOD推断行动:- 1999 - 0118最后(20000602)最终决定当前票:接受(2)Stracener,弗伦奇等待Northcutt修改(1)(6)Shostack,墙,Christey,勒布朗,科尔,阿姆斯特朗评论:弗雷希> XF: aix-infod Christey >看到BUGTRAQ: 19981119 rsi.0011.11 aix - 09 - 98.。INFOD Christey > AIX APAR的证实了这个问题:IX84642, IX89281,和IX84642 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0124:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19990623分配:19990607类别:科幻参考:CERT: CA-93:11.UMN.UNIX.gopher。脆弱性参考:XF: gopher-vuln漏洞在学院小田鼠和金花鼠+版本1.12和2.0 x允许入侵者阅读任何文件都可以访问的金花鼠守护进程。修改:DESC添加版本推断行动:- 1999 - 0124最后(20000602)最终决定当前票:接受(2)抑郁症,利维等待(3)Christey,墙,科尔评论:Christey >修改描述,包括版本号Christey > 1.12和2.0 x Christey > Christey >咨询在Christey >http://www.cert.org/advisories/CA-93.11.UMN.UNIX.gopher.vulnerability.htmlChristey > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0142:最终决定:20000602阶段性裁决:20000530修改:20000526 - 02年提议:19990607分配:19990607类别:科幻参考:CERT: ca - 96.05。java_applet_security_mgr参考:XF: http-java-appletsecmgr Netscape Navigator 2.0中的Java Applet安全管理器实现和Java开发工具包1.0允许Applet连接到任意主机。修改:DESC包括网景和JDK版本号ADDREF XF: http-java-appletsecmgr推断行动:可以最终- 1999 - 0142(20000602)最终决定当前投票:接受(3)山,Shostack,弗伦奇等待墙修改(1)(1)Christey重塑(1)Northcutt评论:Northcutt >请注意我不是Java专家,但是我认为JDK 2.0和Northcutt >等没有一个沙箱的概念和applet(可能信任Northcutt > applet)可以连接到任意主机是理所当然的事。你Northcutt >可能想接触巩俐(li.gong@sun.com)或类似Northcutt >专家之前发出这一个。注意:另一个原因要考虑Northcutt >原始日期! ! !Christey >注意史蒂夫Northcutt的言论,也许我们需要修改Christey >描述有点区分当前Java版本和Christey >,这个漏洞。然而,CERT参考Christey >同事一般的地点和时间,这个漏洞Christey >出现,所以我不认为这是太大的一笔交易。弗雷希>参考:XF: http-java-appletsecmgr = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0210:最终决定:20000602阶段性裁决:20000530修改:20000526 - 02年提议:19990714分配:19990607类别:科幻参考:BUGTRAQ: 19971126 Solaris 2.5.1 automountd利用(fwd)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=88053459921223&w=2参考:BUGTRAQ: 19990103太阳几乎有一个线索!(automountd)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=91547759121289&w=2参考:惠普:hpsbux9910 - 104参考:CERT: ca - 99 - 05参考:报价:235自动安装守护程序automountd允许本地或远程用户获得特权通过shell元字符。修改:修改描述和添加引用。ADDREF报价:235推断行动:- 1999 - 0210最后(20000602)最终决定当前票:接受(2)征税,科尔修改(2)Shostack弗雷希无操作(3)Northcutt, Christey,墙评论:Shostack >我认为有一个SNI咨询这法国人>不是足够的信息;可能XF: sun-automountd(改变挂载选项)Christey > Christey > SNI没有发布一个顾问;然而,奥利弗·弗里德里希Christey >发送一个帖子说SNI的安全工具测试它。Christey >看到http://marc.theaimsgroup.com/?l=bugtraq&m=91553343311719&w=2Christey > Christey >这是一个艰难的一个。有老加载错误Christey >只有局部可采,然后一个更新的rpc。statd缺陷允许远程Christey >它是可利用的。至少有两个错误,Christey >但应该有三个吗?Christey > Christey >也看到可以Levy - 1999 - 0493 > ADDREF:报价:235三vulns利维>。235,报价729,报价450。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0225:最终决定:20000602阶段性裁决:20000530修改:20000524 - 02年提议:19990630分配:19990607类别:科幻参考:奈:19980214 Windows NT登录拒绝服务引用:网址:http://www.nai.com/nai_labs/asp_set/advisory/25_windows_nt_dos_adv.asp参考:MSKB: Q180963参考:网址:http://www.microsoft.com/technet/support/kb.asp?ID=180963参考:XF: nt-logondos Windows NT 4.0允许远程攻击者通过畸形引起拒绝服务SMB登录请求的实际数据大小不匹配指定的大小。修改:ADDREF MSKB: Q180963 ADDREF XF: nt-logondos重述规范化描述奈咨询推断行动:可以最终- 1999 - 0225(20000602)最终决定当前投票:接受(7)山,Magdych, Stracener,勒布朗,Northcutt,科尔,阿姆斯特朗弗伦奇等待修改(1)(1)墙评论:弗雷希> XF: nt-logondos = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0323:最终决定:20000602阶段性裁决:20000530修改:20000524 - 01提议:19990630分配:19990607类别:科幻参考:FreeBSD: FreeBSD-SA-98:04参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc参考:NETBSD: 1998 - 003参考:网址:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/netbsd sa1998 txt.asc——003.参考:XF: bsd-mmap FreeBSD mmap函数允许用户修改扩展或不变的文件。修改:ADDREF NETBSD: 1998 - 003 ADDREF XF: bsd-mmap推断行动:可以最终- 1999 - 0323(20000602)最终决定当前投票:接受(5)山,Stracener, Northcutt,科尔,阿姆斯特朗弗伦奇等待修改(1)(1)勒布朗评论:弗雷希> ADDREF XF: bsd-mmap(正在)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0407:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19990728分配:19990607类别:科幻参考:BUGTRAQ: 19990209警报:IIS4允许代理密码攻击NetBIOS参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=91983486431506&w=2参考:BUGTRAQ: 19990209 Re: IIS4允许代理密码攻击NetBIOS参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=92000623021036&w=2参考:XF: iis-iisadmpwd默认情况下,IIS 4.0的虚拟目录/ IISADMPWD包含文件可以用作密码暴力破解攻击,代理或识别有效用户系统上。修改:修改Bugtraq ref KB文章和空间站ref DELREF MSKB: Q184619推断行动——不是指这个问题:可以最终- 1999 - 0407(20000602)最终决定当前投票:接受(4)Stracener,勒布朗,Northcutt,科尔弗伦奇等待修改(1)(2)Christey,阿姆斯特朗评论:弗雷希> ADDREF XF: iis-iisadmpwd Christey > Q184619不出现来描述这个问题。然而,Christey > Russ库珀确认后续邮件。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0464:最终决定:20000602阶段性裁决:20000530修改:19991205 - 01提议:19990728分配:19990607类别:科幻参考:BUGTRAQ: 19990104 Tripwire混乱. .参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=91553066310826&w=2参考:确认:http://marc.theaimsgroup.com/?l=bugtraq&m=91592136122066&w=2本地用户可以执行拒绝服务Tripwire 1.2和更早使用长文件名。修改:ADDREF BUGTRAQ: 19990104 Tripwire混乱. .最后推断行动:- 1999 - 0464(20000602)最终决定当前投票:接受(2)Stracener Northcutt弗伦奇等待修改(1)(4)Christey,勒布朗,科尔,阿姆斯特朗评论:弗雷希> XF: tripwire-long-filename-dos Christey > XF: tripwire-long-filename-dos不存在。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0491:最终决定:20000602阶段性裁决:20000530修改:20000418 - 02年提议:19990728分配:19990607类别:科幻参考:BUGTRAQ: 19990420 Bash错误引用:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=pine.lnx.4.10.9904202114070.6623 - 100000 @smooth.operator.org参考:火山口:综援- 1999 - 008.0参考:网址:ftp://ftp.calderasystems.com/pub/openlinux/security/cssa - 1999 008.0.txt参考:报价:119参考:网址:http://www.securityfocus.com/vdb/bottom.html?vid=119提示解析在bash中允许本地用户执行命令作为另一个用户通过创建一个目录,执行命令的名称。修改:CHANGEREF BUGTRAQ[标题]ADDREF火山口:综援- 1999 - 008.0推断行动:可以最终- 1999 - 0491(20000602)最终决定当前投票:接受(1)征收弗伦奇等待修改(1)(3)Christey,墙,科尔评论:弗雷希> bash-prompt-pars-dir Christey > XF: bash-prompt-pars-dir不存在。Christey > Christey > ADDREF火山口:综援- 1999 - 008.0 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0493:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19990728分配:19990607类别:科幻参考:CERT: ca - 99 - 05参考:网址:http://www.cert.org/advisories/ca - 99 - 05 - statd automountd.html参考:太阳:00186参考:网址:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/186&type=0&nav=sec.sba参考:CIAC: j - 045参考:BUGTRAQ: 19990103太阳几乎有一个线索!(automountd)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=91547759121289&w=2参考报价:450 rpc。向前statd允许远程攻击者通过SM_MON RPC调用本地操作系统和SM_NOTIFY命令,进而可用于远程利用automountd等缺陷。修改:添加大量引用ADDREF报价:450 ADDREF CIAC: j - 045推断行动:可以最终- 1999 - 0493(20000602)最终决定当前投票:接受(3)Northcutt, Levy科尔等待(2)Christey,墙的评论:Christey >这个候选人已经修改。利维> ADDREF:报价:450 Christey > ADDREF CIAC: j - 045 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0668:最终决定:20000602阶段性裁决:20000530修改:19991227 - 01提议:19991208分配:19991123类别:科幻参考:BUGTRAQ: 19990821 IE 5.0允许执行程序参考:女士:ms99 - 032参考:CIAC: j - 064参考:网址:http://ciac.llnl.gov/ciac/bulletins/j - 064. shtml参考:报价:598参考:网址:http://www.securityfocus.com/vdb/bottom.html?vid=598参考:XF: ms-scriptlet-eyedog-unsafe参考:MSKB: Q240308小脚本。typelib ActiveX控件被标记为“安全的脚本”Internet Explorer,它允许远程攻击者执行任意命令Bubbleboy就证明了这点。修改:ADDREF XF: ms-scriptlet-eyedog-unsafe ADDREF MSKB: Q240308推断行动:可以最终- 1999 - 0668(20000602)最终决定当前投票:接受(4)科尔,墙,普罗塞,Ozancin修改(2)抑郁症,Stracener回顾(1)Christey评论:弗雷希> XF: ms-scriptlet-eyedog-unsafe墙>注意:这不是CVE 199 - 0376吗?Stracener >添加裁判:MSKB Q240308 Christey >应该- 1999 - 0669和668可以合并吗?如果不是,那么这是Christey >不合并的理由可以- 1999 - 0988 - 1999 - 0828。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0696:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19991208分配:19991125类别:科幻参考:BUGTRAQ: 19990709利用rpc。cmsd参考:上海合作组织:某人- 99.12参考:太阳:00188参考:SUNBUG: 4230754参考:惠普:hpsbux9908 - 102参考:康柏:SSRT0614U_RPC_CMSD参考:CERT: ca - 99 - 08年参考:CIAC: j - 051参考:XF: sun-cmsd-bo缓冲区溢出在CDE日历管理器服务守护进程(rpc.cmsd)修改:ADDREF XF: sun-cmsd-bo ADDREF SUNBUG: 4230754 ADDREF BUGTRAQ: 19990709利用rpc。cmsd ADDREF上海合作组织:某人- 99.12 CHANGEREF惠普:00102马力:hpsbux9908 - 102推断行动:可以最终- 1999 - 0696(20000602)最终决定当前投票:接受(3)科尔,阿姆斯特朗,Ozancin修改(3)抑郁症,Stracener, Dik等待(1)Christey重塑(1)普罗塞评论:弗雷希> XF: sun-cmsd-bo普罗塞>纠正我如果我错了,因为我没有测试这个设备,但是普罗塞>太阳最初报道这个漏洞在0166年太阳公告,1998年3月。普罗塞> CVE董事会接受了CVE - 1999 - 0320。太阳00188年公告1999年7月普罗塞>的精确欺骗98公报除了一些普罗塞>额外补丁CDE SunOS / Solaris的后续版本。 The CERT and Prosser> other vendor alerts are additional information on this BO for other vendor's Prosser> systems(why it took over a year?), but we already have a CVE number Prosser> outstanding for this vulnerability. Are these seperate vulnerabilities? Or Prosser> the same one just found to affect more than originally thought? If so, Prosser> recommend merging this CAN into the existing CVE, and just adjust the Prosser> description in the existing CVE to reflect the additional vulnerable vendor Prosser> systems. Prosser> Additional reference: BID 486 and 524 Stracener> Redundant references to J-051. Christey> The confusion appears to be related to patch versions; 104976-03 is Christey> recommended for SUN:00166, and 104976-04 is recommended for SUN:00188. Christey> Did Sun create a new version, with the same patch ID, for the new bug? Christey> Or was there an error in the patch for the older bug? Dik> #166 addresses Sun bug 1265008: a file overwrite/remove vulnerability Dik> #188 addresses Sun bug 4230754: buffer overflows. Dik> Dik> (I.e., the reverse from what you state) Dik> Dik> These are two separate problems: first one is lack of checking the Dik> names of calendars for reserved characters (/) the second is lack Dik> of bounds checking. Dik> Dik> Sun typically assigns only one patchid to patch a certain part Dik> of Solaris. When more problems are found, the patch gets rev'ed. Dik> Dik> The #166 problem was addressed, e.g., w/ patch 104976-03; subsequently, Dik> we address the #188 problem w/ 104976-04. Dik> Dik> The history is recorded in the README file of each patch. Dik> Dik> ADDREF SUNBUG 4230754 Christey> ADDREF SCO:SB-99.12 Christey> URL:ftp://ftp.sco.com/sse/security_bulletins/sb - 99.12 aChristey > Christey > ADDREF BUGTRAQ: 19990709利用rpc。cmsd Christey >http://marc.theaimsgroup.com/?l=bugtraq&m=93154214531199&w=2Christey > Christey > CHANGEREF惠普:00102马力:hpsbux9908 - 102 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0719:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19991222分配:19991125类别:科幻参考:BUGTRAQ: 19990802 Gnumeric潜在的安全漏洞。参考:REDHAT: RHSA-1999:023-01参考:XF: gnu-guile-plugin-export参考:报价:563参考:网址:http://www.securityfocus.com/vdb/bottom.html?vid=563Gnumeric电子表格的诡计插件包允许攻击者执行任意代码。修改:ADDREF BUGTRAQ: 19990802 Gnumeric潜在的安全漏洞。ADDREF XF: gnu-guile-plugin-export ADDREF REDHAT: RHSA-1999:023-01 DESC包括“gnumeric电子表格计划”的行动:可以最终- 1999 - 0719(20000602)最终决定当前投票:修改(3)Stracener Christey评论:法国人? Stracener >添加裁判:BUGTRAQ: 19990803 gnumeric潜在安全漏洞Stracener >添加裁判:REDHAT: RHSA-1999:023-01弗雷希> XF: gnu-guile-plugin-export Christey > BUGTRAQ: 19990802 gnumeric潜在的安全漏洞。Christey >http://www.securityfocus.com/templates/archive.pike?list=1&msg=199908031423.JAA12210@erandi.nuclecu.unam.mxChristey > Christey >改变desc包括“gnumeric表格包”= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0754:最终决定:20000602阶段性裁决:20000530修改:20000418 - 01提议:19991222分配:19991125类别:科幻参考:BUGTRAQ: 19990511客栈2.0和更高版本。根平衡电位参考:火山口:综援- 1999 - 011.0参考:SUSE: 19990518安全漏洞在酒店参考:MISC:http://www.redhat.com/corp/support/errata/inn99_05_22.html参考报价:255参考:XF: inn-innconf-env客栈inndstart程序允许本地用户获得特权通过指定一个替代使用INNCONF环境变量配置文件。修改:ADDREF火山口:综援- 1999 - 011.0 ADDREF SUSE: 19990518安全漏洞在客栈ADDREF MISC:http://www.redhat.com/corp/support/errata/inn99_05_22.htmlADDREF报价:255推断行动:- 1999 - 0754最后(20000602)最终决定当前票:接受(2)Stracener,弗雷希无操作(2)Ozancin, Christey评论:Christey >报价:255和报价:254有一个很好的解释为什么这是Christey >不同可以- 1999 - 0785 Christey > Christey > ADDREF火山口:综援- 1999 - 011.0 Christey > ADDREF SUSE: 19990518安全漏洞在客栈Christey >也看到http://www.redhat.com/corp/support/errata/inn99_05_22.html= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 0874:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:19991208分配:19991208类别:科幻参考:女士:ms99 - 019参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 019. - asp参考:MSKB: Q234905参考:达:AD06081999参考:CERT: ca - 99 - 07年参考:CIAC: j - 048参考:XF: iis-htr-overflow缓冲区溢出在IIS 4.0允许远程攻击者通过畸形引起拒绝服务请求文件与.HTR .IDC或.STM扩展。修改:ADDREF XF: iis-htr-overflow DESC添加版本号,遥远,DoS推断行动:可以最终- 1999 - 0874(20000602)最终决定当前投票:接受(4)墙,普罗塞,Ozancin,弗伦奇重塑Stracener修改(1)(1)科尔评论:弗雷希> XF: iis-htr-overflow科尔>这个描述非常一般,覆盖了5种不同的科尔>利用IIS。科尔>要记住的是,微软有很多科尔> vulenrabilities科尔>你必须是非常具体的。我想添加以下:科尔>微软发布了一个补丁,在科尔> Taskpads特性消除了一个漏洞,这是科尔>的一部分,微软Windows��98资源工具包,Windows 98科尔>资源工具包取样器,和BackOffice�科尔>资源工具包,第二版。漏洞可能允许科尔>恶意网站运营商运行可执行文件科尔>的计算机访问用户。只有客户安装了科尔> >一个受影响的产品和科尔上网使用的机器安装在科尔>从这个漏洞风险。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 1999 - 1011:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:20000518分配:19991221类别:科幻参考:女士:ms98 - 004参考:网址:http://www.microsoft.com/technet/security/bulletin/ms98 - 004. - asp参考:女士:ms99 - 025参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 025. - asp参考:CIAC: j - 054参考:国际空间站:19990809漏洞在微软远程数据服务引用:报价:529参考:网址:http://www.ciac.org/ciac/bulletins/j - 054. shtml参考:XF: nt-iis-rds远程数据服务(RDS) DataFactory微软数据访问组件的组件(MDAC)在IIS 3。x和4。x暴露不安全的方法,它允许远程攻击者执行任意命令。修改:ADDREF XF: nt-iis-rds ADDREF报价:529 ADDREF空间站:19990809漏洞在微软远程数据服务的行动:可以最后- 1999 - 1011(20000602)最终决定当前投票:接受(4)勒布朗,科尔,普罗塞,弗伦奇等待墙修改(1)(2)Christey,阿姆斯特朗评论:弗雷希> XF: nt-iis-rds弗雷希>空间站:空间站安全咨询# 32岁的弗伦奇>漏洞在微软远程数据服务,http://xforce.iss.net/alerts/advise32.php3Christey > ADDREF报价:529 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0323:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:20000518分配:20000511类别:科幻参考:BUGTRAQ: 19990728警报:MS Office 97漏洞参考:http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=19990729195531.25108.qmail@underground.org参考:http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=D1A11CCE78ADD111A35500805FD43F58019792A3@RED-MSG-04参考:女士:ms99 - 030参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 030. - asp参考:XF: jet-text-isam参考:报价:595参考:网址:http://www.securityfocus.com/level2/?go=vulnerabilities&id=595Microsoft Jet数据库引擎允许攻击者修改文本文件通过一个数据库查询,又名“文本I-ISAM”漏洞。修改:ADDREF XF: jet-text-isam推断行动:- 2000 - 0323最后(20000602)最终决定当前票:接受(5)勒布朗,科尔,普罗塞,墙,阿姆斯特朗修改(1)法国人评论:弗雷希> XF: jet-text-isam = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0327:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:20000518分配:20000511类别:科幻参考:BUGTRAQ: 19991014 Disovered引用另一个微软Java缺陷:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=93993545118416&w=2参考:女士:ms99 - 045参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 045. - asp参考:XF: msvm-verifier-java微软虚拟机(VM)允许远程攻击者逃避Java沙箱和执行命令通过一个小应用程序,其中包含一个非法操作,又名“虚拟机验证器”的弱点。修改:ADDREF XF: msvm-verifier-java推断行动:- 2000 - 0327最后(20000602)最终决定当前票:接受(4)勒布朗,科尔,普罗塞,弗伦奇等待墙修改(1)(1)阿姆斯特朗评论:弗雷希> XF: msvm-verifier-java弗雷希>(注意:这个XF标签也分配给“cve - 1999 - 0766:微软弗伦奇> Java虚拟机允许恶意弗伦奇> Java applet来执行任意命令外的沙箱环境”。Reason: MS99-031 is vague and refers to Frech> the same Java issue.) ================================= Candidate: CAN-2000-0328 Published: Final-Decision: 20000602 Interim-Decision: 20000530 Modified: 20000526-01 Proposed: 20000518 Assigned: 20000511 Category: SF Reference: BUGTRAQ:19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4 Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1参考:女士:ms99 - 046参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 046. - asp参考:报价:604参考:网址:http://www.securityfocus.com/vdb/bottom.html?vid=604参考:XF: nt-sequence-prediction-sp4参考:XF: tcp-seq-predict Windows NT 4.0生成预测随机TCP初始序列号(是),它允许远程攻击者进行欺骗和会话劫持。修改:ADDREF XF: nt-sequence-prediction-sp4 ADDREF XF: tcp-seq-predict推断行动:可以最终- 2000 - 0328(20000602)最终决定当前投票:接受(5)勒布朗,科尔,普罗塞,墙,阿姆斯特朗修改(1)法国人评论:弗雷希> XF: nt-sequence-prediction-sp4弗雷希> XF:实际上tcp-seq-predict科尔>一个双重接受:)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0329:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:20000518分配:20000511类别:科幻参考:女士:ms99 - 048参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 048. - asp参考:XF: ie-active-setup-control Microsoft ActiveX控件允许远程攻击者执行恶意内阁文件通过附件和嵌入式脚本在HTML邮件,又名“主动设置控制”的弱点。修改:ADDREF XF: ie-active-setup-control推断行动:- 2000 - 0329最后(20000602)最终决定当前票:接受(3)勒布朗,普罗塞,弗伦奇等待墙修改(1)(2)科尔,阿姆斯特朗评论:弗雷希> XF: ie-active-setup-control = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0330:最终决定:20000602阶段性裁决:20000530修改:20000526 - 01提议:20000518分配:20000511类别:科幻参考:女士:ms99 - 049参考:网址:http://www.microsoft.com/technet/security/bulletin/ms99 - 049. - asp参考:XF: win-fileurl-overflow网络软件在Windows 95, Windows 98允许远程攻击者通过一个长文件名字符串执行命令,又名“文件访问URL”漏洞。修改:ADDREF XF: win-fileurl-overflow推断行动:- 2000 - 0330最后(20000602)最终决定当前票:接受(5)勒布朗,科尔,普罗塞,墙,阿姆斯特朗修改(1)法国人评论:弗雷希> XF: win-fileurl-overflow