
Re: [PROPOSAL] Cluster RECENT-25 - 16 candidates



* Steven M. Christey (coley@LINUS.MITRE.ORG) [000719 23:35]:
> The following cluster contains 16 candidates that were announced
> between 6/19/2000 and 6/25/2000.
>
> The candidates are listed in order of priority. Priority 1 and
> Priority 2 candidates both deal with varying levels of vendor
> confirmation, so they should be easy to review and it can be trusted
> that the problems are real.
>
> If you discover that any RECENT-XX cluster is incomplete with respect
> to the problems discovered during the associated time frame, please
> send that information to me so that candidates can be assigned.
>
> - Steve
>
>
> Summary of votes to use (in ascending order of "severity")
> ----------------------------------------------------------
>
> ACCEPT - voter accepts the candidate as proposed
> NOOP - voter has no opinion on the candidate
> MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
> REVIEWING - voter is reviewing/researching the candidate, or needs more info
> RECAST - candidate must be significantly modified, e.g. split or merged
> REJECT - candidate is "not a vulnerability", or a duplicate, etc.
>
> 1) Please write your vote on the line that starts with "VOTE: ". If
> you want to add comments or details, add them to lines after the
> VOTE: line.
>
> 2) If you see any missing references, please mention them so that they
> can be included. References help greatly during mapping.
>
> 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
> So if you don't have sufficient information for a candidate but you
> don't want to NOOP, use a REVIEWING.
>
> ********** NOTE ********** NOTE ********** NOTE ********** NOTE **********
>
> Please keep in mind that your vote and comments will be recorded and
> publicly viewable in the mailing list archives or in other formats.
>
> =================================
> Candidate: CAN-2000-0573
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000622 WuFTPD: Providing *remote* root since at least1994
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96171893218000&w=2
> Reference: BUGTRAQ:20000623 WUFTPD 2.6.0 remote root exploit
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96179429114160&w=2
> Reference: BUGTRAQ:20000707 New Released Version of the WuFTPD Sploit
> Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96299933720862&w=2
> Reference: BUGTRAQ:20000623 ftpd: the advisory version
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail@fiver.freemessage.com
> Reference: AUSCERT:AA-2000.02
> Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
> Reference: CERT:CA-2000-13
> Reference: URL:http://www.cert.org/advisories/CA-2000-13.html
> Reference: DEBIAN:20000622 wu-ftp: remote root exploit in wu-ftp
> Reference: URL:http://www.debian.org/security/2000/20000623
> Reference: CALDERA:CSSA-2000-020.0
> Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
> Reference: REDHAT:RHSA-2000:039-02
> Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-039-02.html
> Reference: BUGTRAQ:20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release)
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
> Reference: BUGTRAQ:20000702 [Security Announce] wu-ftpd update
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
> Reference: FREEBSD:FreeBSD-SA-00:29
> Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
> Reference: NETBSD:NetBSD-SA2000-009
> Reference: URL:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/NetBSD-SA2000-010.txt.asc
> Reference: XF:wuftp-format-string-stack-overwrite
> Reference: BID:1387
> Reference: URL:http://www.securityfocus.com/bid/1387
>
> The lreply function in wu-ftpd 2.6.0 and earlier does not properly
> cleanse an untrusted format string, which allows remote attackers to
> execute arbitrary commands via the SITE EXEC command.
>
>
> ED_PRI CAN-2000-0573 1
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0577
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000621 Netscape FTP Server - "Professional" as hell :>
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211351280.23780-100000@nimue.tpi.pl
> Reference: BUGTRAQ:20000629 (forw) Re: Netscape ftp Server (fwd)
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0345.html
> Reference: BID:1411
> Reference: URL:http://www.securityfocus.com/bid/1411
> Reference: XF:netscape-ftpserver-chroot
>
> Netscape Professional Services FTP Server 1.3.6 allows remote attackers
> to read arbitrary files via a .. (dot dot) attack.
>
>
> ED_PRI CAN-2000-0577 2
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0578
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000621 Predictability Problems in IRIX Cron and Compilers
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0204.html
> Reference: BID:1412
> Reference: URL:http://www.securityfocus.com/bid/1412
>
> SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in
> /tmp with predictable file names, which could allow local users to
> insert malicious contents into these files as they are being compiled
> by another user.
>
>
> ED_PRI CAN-2000-0578 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0579
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000621 Predictability Problems in IRIX Cron and Compilers
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0204.html
> Reference: BID:1413
> Reference: URL:http://www.securityfocus.com/bid/1413
>
> IRIX crontab creates temporary files with predictable file names and
> with the umask of the user, which could allow local users to modify
> another user's crontab file as it is being edited.
>
>
> ED_PRI CAN-2000-0579 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0601
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000625 LeafChat Denial of Service
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSF.4.10.10006252056110.74551-100000@unix.za.net
> Reference: XF:irc-leafchat-dos
> Reference: BID:1396
> Reference: URL:http://www.securityfocus.com/bid/1396
>
> LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of
> service by rapidly sending a large amount of error messages.
>
>
> ED_PRI CAN-2000-0601 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0602
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000621 rh 6.2 - gid compromises, etc
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl
> Reference: XF:redhat-secure-locate-path
> Reference: BID:1385
> Reference: URL:http://www.securityfocus.com/bid/1385
>
> Secure Locate (slocate) in Red Hat Linux allows local users to gain
> privileges via a malformed configuration file that is specified in the
> LOCATE_PATH environmental variable.
>
>
> ED_PRI CAN-2000-0602 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0604
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: CF
> Reference: BUGTRAQ:20000621 rh 6.2 - gid compromises, etc
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl
> Reference: BID:1383
> Reference: URL:http://www.securityfocus.com/bid/1383
> Reference: XF:redhat-gkermit
>
> gkermit in Red Hat Linux is improperly installed with setgid uucp,
> which allows local users to modify files owned by uucp.
>
>
> ED_PRI CAN-2000-0604 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0606
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000619 Problems with "kon2" package
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006192340340.19998-100000@ferret.lmh.ox.ac.uk
> Reference: XF:linux-kon-bo
> Reference: BID:1371
> Reference: URL:http://www.securityfocus.com/bid/1371
>
> Buffer overflow in kon program in Kanji on Console (KON) package on
> Linux may allow local users to gain root privileges via a long
> -StartupMessage parameter.
>
>
> ED_PRI CAN-2000-0606 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0607
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000619 Problems with "kon2" package
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006192340340.19998-100000@ferret.lmh.ox.ac.uk
> Reference: XF:linux-kon-bo
> Reference: BID:1371
> Reference: URL:http://www.securityfocus.com/bid/1371
>
> Buffer overflow in fld program in Kanji on Console (KON) package on
> Linux may allow local users to gain root privileges via an input file
> containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
>
>
> ED_PRI CAN-2000-0607 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0608
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000620 NetWin dMailWeb Denial of Service
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=4.1.20000621113334.00996820@qlink.queensu.ca
> Reference: BID:1376
> Reference: URL:http://www.securityfocus.com/bid/1376
> Reference: XF:dmailweb-long-pophost-dos
>
> NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to
> cause a denial of service via a long POP parameter (pophost).
>
>
> ED_PRI CAN-2000-0608 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0609
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000620 NetWin dMailWeb Denial of Service
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=4.1.20000621113334.00996820@qlink.queensu.ca
> Reference: XF:dmailweb-long-username-dos
> Reference: BID:1376
> Reference: URL:http://www.securityfocus.com/bid/1376
>
> NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to
> cause a denial of service via a long username parameter.
>
>
> ED_PRI CAN-2000-0609 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0610
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000623 NetWin dMailWeb Unrestricted Mail Relay
> Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.20000623203007.00944760@qlink.queensu.ca
> Reference: BID:1390
> Reference: URL:http://www.securityfocus.com/bid/1390
>
> NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to
> bypass authentication and use the server for mail relay via a username
> that contains a carriage return.
>
>
> ED_PRI CAN-2000-0610 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0611
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: CF
> Reference: BUGTRAQ:20000623 NetWin dMailWeb Unrestricted Mail Relay
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0243.html
> Reference: BID:1391
> Reference: URL:http://www.securityfocus.com/bid/1391
>
> The default configuration of NetWin dMailWeb and cwMail trusts all POP
> servers, which allows attackers to bypass normal authentication and
> cause a denial of service.
>
>
> ED_PRI CAN-2000-0611 3
>
>
> VOTE: ACCEPT
>
> =================================
> Candidate: CAN-2000-0617
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000622 RHL 6.2 xconq package - overflows yield gid games
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0222.html
>
> Buffer overflow in xconq and cconq game programs on Red Hat Linux
> allows local users to gain additional privileges via long USER
> environmental variable.
>
>
> ED_PRI CAN-2000-0617 3
>
>
> VOTE: REVIEWING
>
> =================================
> Candidate: CAN-2000-0618
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BUGTRAQ:20000622 RHL 6.2 xconq package - overflows yield gid games
> Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0222.html
>
> Buffer overflow in xconq and cconq game programs on Red Hat Linux
> allows local users to gain additional privileges via long DISPLAY
> environmental variable.
>
>
> ED_PRI CAN-2000-0618 3
>
>
> VOTE: REVIEWING
>
> =================================
> Candidate: CAN-2000-0620
> Published:
> Final-Decision:
> Interim-Decision:
> Modified:
> Proposed: 20000719
> Assigned: 20000719
> Category: SF
> Reference: BID:1409
> Reference: URL:http://www.securityfocus.com/bid/1409
>
> libX11 X library allows remote attackers to cause a denial of service
> via a resource mask of 0, which causes libX11 to go into an infinite
> loop.
>
>
> ED_PRI CAN-2000-0620 3
>
>
> VOTE: ACCEPT

--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum

Page Last Updated or Reviewed: May 22, 2007