(提案)集群RECENT-29 - 20的候选人

下面的集群包含20个候选人宣布7/13/2000和7/20/2000之间。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。如果你发现任何RECENT-XX集群是不完整的对过程中发现的问题相关的时间框架,请发送信息给我,这样候选人可以被指定。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。所以如果你没有足够的信息对候选人但你不想等待,使用一个回顾。 ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ================================= Candidate: CAN-2000-0622 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000803 Assigned: 20000802 Category: SF Reference: NAI:20000719 O'Reilly WebSite Professional Overflow Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2424参考:确认:http://website.oreilly.com/support/software/wspro25_releasenotes.txt参考:报价:1487参考:网址:http://www.securityfocus.com/bid/1487缓冲区溢出在Webfind CGI程序2 O ' reilly的网站专业的web服务器。x允许远程攻击者执行任意命令通过一个URL包含“关键词”参数。ED_PRI - 2000 - 0622 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0630:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:女士:ms00 - 044参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 044. - asp参考:报价:1488参考:网址:http://www.securityfocus.com/bid/1488IIS 4.0和5.0允许远程攻击者获得的源代码片段通过附加一个+。htr URL,一个变种“通过.HTR文件片段阅读”的漏洞。ED_PRI - 2000 - 0630 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0631:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:女士:ms00 - 044参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 044. - asp参考:报价:1476参考:网址:http://www.securityfocus.com/bid/1476从IIS 3.0管理脚本,后来在IIS 4.0和5.0,包括允许远程攻击者通过访问脚本导致拒绝服务没有一个特定的参数,即“没有目录浏览器参数”的弱点。ED_PRI - 2000 - 0631 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0632:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:奈:20000717[秘密- 2000 - 07]LISTSERV Web Archive远程溢出参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0222.html参考:确认:http://www.lsoft.com/万博下载包news/default.asp?item=Advisory1参考:报价:1490参考:网址:http://www.securityfocus.com/bid/1490缓冲区溢出的web存档组件ot L-Soft其实早1.8 d和允许远程攻击者执行任意命令通过一个查询字符串。ED_PRI - 2000 - 0632 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0653:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:女士:ms00 - 045参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 045. - asp参考:报价:1502参考:网址:http://www.securityfocus.com/bid/1502微软的Outlook Express允许远程攻击者监控用户的电子邮件通过创建一个持久的浏览器与windows Outlook Express,又名“持久Mail-Browser链接”的弱点。ED_PRI - 2000 - 0653 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0666:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000716很多很多乐趣与rpc。statd参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html参考:DEBIAN: 20000715 rpc。statd:远程根利用参考:网址:http://www.debian.org/security/2000/20000719a参考:REDHAT: RHSA-2000:043-03参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 043 - 03. - html参考:BUGTRAQ: 20000717 CONECTIVA LINUX安全公告——nfs-utils参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html参考:BUGTRAQ: 20000718 Trustix安全顾问——nfs-utils参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html参考:BUGTRAQ: 20000718[安全]宣布MDKSA-2000:021 nfs-utils更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html参考:火山口:综援- 2000 - 025.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 025.0.txt参考:报价:1480参考:网址:http://www.securityfocus.com/bid/1480rpc。statd nfs-utils包中在不同的Linux发行版本不正确清洁不可信的格式字符串,它允许远程攻击者获得根权限。ED_PRI - 2000 - 0666 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0667:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:火山口:综援- 2000 - 024.0参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0273.html参考:报价:1512参考:网址:http://www.securityfocus.com/bid/1512脆弱性在火山口中gpm Linux允许本地用户删除任意文件或进行拒绝服务。ED_PRI - 2000 - 0667 1投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0633:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000718 MDKSA-2000:020 usermode更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html参考:报价:1489参考:网址:http://www.securityfocus.com/bid/1489脆弱性在Mandrake Linux usermode包允许本地用户重新启动或停止系统。ED_PRI - 2000 - 0633 2投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0623:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:NTBUGTRAQ: 20000719警报:缓冲区溢出是O ' reilly WebsitePro httpd32。exe (CISADV000717)参考:网址:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=5946参考:报价:1492参考:网址:http://www.securityfocus.com/bid/1492缓冲区溢位O ' reilly的网站专业web server 2.4和更早的允许远程攻击者执行任意命令通过GET请求或介绍人头。ED_PRI - 2000 - 0623 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0624:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000720 Winamp M3U播放列表解析器缓冲区溢位安全漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0289.html参考:报价:1496参考:网址:http://www.securityfocus.com/bid/1496早些时候在WinAmp 2.64和缓冲区溢出允许远程攻击者执行任意命令通过一个长# EXTINF:扩展M3U播放列表。ED_PRI - 2000 - 0624 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0625:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:L0PHT: 20000718 NetZero密码加密算法参考:网址:http://www.l0pht.com/advisories/netzero.txt参考:报价:1483参考:网址:http://www.securityfocus.com/bid/1483NetZero 3.0和更早的使用弱加密存储用户的登录信息,它允许本地用户解密密码。ED_PRI - 2000 - 0625 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0626:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000718多个bug在阿里巴巴2.0参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0237.html参考:报价:1482参考:网址:http://www.securityfocus.com/bid/1482缓冲区溢位在阿里巴巴web服务器允许远程攻击者造成拒绝服务通过一个GET请求。ED_PRI - 2000 - 0626 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0627:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000718黑板Courseinfo v4.0用户身份验证参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0254.html参考:报价:1486参考:网址:http://www.securityfocus.com/bid/1486黑板CourseInfo 4.0不恰当地对用户进行身份验证,它允许本地用户修改CourseInfo数据库信息和获得特权通过直接调用user_update_passwd等支持CGI程序。pl和user_update_admin.pl。ED_PRI - 2000 - 0627 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0634:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000717 s21sec - 003:漏洞在CommuniGate Pro v3.2.4参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0223.html参考:报价:1493参考:网址:http://www.securityfocus.com/bid/1493早些时候CommuniGate Pro 3.2.5 web管理界面,允许远程攻击者读取任意文件通过一个. .(点点)攻击。ED_PRI - 2000 - 0634 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0636:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000719惠普Jetdirect——无效的FTP命令DoS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0265.html参考:报价:1491参考:网址:http://www.securityfocus.com/bid/1491惠普打印机JetDirect版本G.08.20和H.08.20早些时候,允许远程攻击者造成拒绝服务通过一个畸形的FTP引用命令。ED_PRI - 2000 - 0636 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0643:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000711的DoS WEBactive win65 / NT服务器参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org参考:报价:1470参考:网址:http://www.securityfocus.com/bid/1470缓冲区溢出WebActive HTTP Server 1.00允许远程攻击者通过一个长URL引起拒绝服务。ED_PRI - 2000 - 0643 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0649:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:NTBUGTRAQ: 20000713 IIS4基本身份验证领域问题参考:网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html参考:报价:1499参考:网址:http://www.securityfocus.com/bid/1499IIS 4.0允许远程攻击者获得服务器的内部IP地址通过一个HTTP 1.0 web页面请求保护的基本身份验证,也没有定义的领域。ED_PRI - 2000 - 0649 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0662:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000714 IE 5.5和5.01的弱点——阅读至少来自任何主机的本地和文本和html文件解析参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=396EF9D5.62EEC625@nat.bg参考:报价:1474参考:网址:http://www.securityfocus.com/bid/1474Internet Explorer 5。x和Microsoft Outlook允许远程攻击者读取任意文件重定向使用DHTML IFRAME的内容编辑控件(DHTML)。ED_PRI - 2000 - 0662 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0665:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:NTBUGTRAQ: 20000717 DoS Gamsoft TelSrv telnet服务器Windows 95/98 / NT / 2 k女士。参考网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0031.html参考:报价:1478参考:网址:http://www.securityfocus.com/bid/1478AMSoft TelSrv telnet服务器1.5和更早的允许远程攻击者通过长导致拒绝服务用户名。ED_PRI - 2000 - 0665 3投票:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0675:最终决定:阶段性裁决:修改:建议:20000803分配:20000802类别:科幻参考:BUGTRAQ: 20000713 MDMA船员的看门人利用参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=00af01bfece2 e1ec4@kungphusion a52cbd80 367美元参考:报价:1477参考:网址:http://www.securityfocus.com/bid/1477早些时候在Infopulse看门人3.5和缓冲区溢出允许远程攻击者执行任意命令通过一个长字符串。ED_PRI - 2000 - 0675 3投票: