(提案)集群RECENT-33和RECENT-34 - 56的候选人

这个消息包含候选人2集群,由于候选人本周提出的体积。在投票网站集群分离。董事会成员可以使用web站点,而不是这个投票,投票发布其他董事会成员和作为一个公共记录的一部分。这些投票投票包括新的分析领域应用程序的前一篇文章中讨论与解释的内容决定。供应商确认的程度也更加突出。最后,添加了一个新的ACCEPT_REASON形式对董事会成员包括他们投票的原因接受或修改一个项目。RECENT-33包含30个候选人宣布8/9/2000和8/16/2000之间。RECENT-34包含26个问题宣布8/17/2000和8/24/2000之间。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。 2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-0677 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000921 Assigned: 20000823 Category: SF Reference: ISS:20000907 Buffer Overflow in IBM Net.Data db2www CGI program. Reference: URL:http://xforce.iss.net/alerts/在IBM净缓冲区溢出。数据db2www CGI程序允许远程攻击者执行任意命令通过一个长PATH_INFO环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0677 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0678:最终决定:阶段性裁决:修改:建议:20000921分配:20000825类别:科幻参考:CERT: ca - 2000 - 18参考:网址:http://www.cert.org/advisories/ca - 2000 - 18. - html参考:报价:1606参考:网址:http://www.securityfocus.com/bid/1606PGP 5.5。x通过6.5.3不正确检查是否一个额外的解密密钥(理应)是存储在公共证书的签名部分,它允许攻击者可以修改一个受害者的公共证书解密加密的任何数据和修改后的证书。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0678 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0706:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:FREEBSD: FreeBSD-SA-00:36参考:网址:http://archives.neohapsis.com/archives/freebsd/2000-08/0095.html参考:DEBIAN: 20000830 ntop:仍然使用缓冲区溢出远程利用参考:网址:http://www.debian.org/security/2000/20000830参考:报价:1576参考:网址:http://www.securityfocus.com/bid/1576缓冲区溢出ntop运行在web模式允许远程攻击者执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0706 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0725:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:确认:http://www.zope.org/Products/Zope/Hotfix_08_09_2000/security_alert参考:REDHAT: RHSA-2000:052-02参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0131.html参考:DEBIAN: 20000821 zope:未经授权的升级特权(更新)参考:网址:http://www.debian.org/security/2000/20000821参考:BUGTRAQ: 20000821 Conectiva Linux安全公告——Zope参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0259.html参考:BUGTRAQ: 20000816 MDKSA-2000:035 Zope更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0198.html参考:报价:1577参考:网址:http://www.securityfocus.com/bid/1577Zope 2.2.1之前不适当的限制将getRoles方法,它允许用户可以编辑DTML添加或修改角色通过修改角色列表包含在请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0725 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0730:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:惠普:hpsbux0008 - 118参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0144.html参考:报价:1580参考:网址:http://www.securityfocus.com/bid/1580脆弱性newgrp命令在hp - ux 11.0允许本地用户获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0730 1供应商确认:是的咨询没有足够的信息来确定如果这是相同的漏洞cve - 1999 - 0050,这是几年前公布。分别是安全的,这是被记录下来。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0733:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000814 (LSD) IRIX telnetd远程漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0154.html参考:SGI: 20000801 - 02 - p参考:网址:ftp://sgigate.sgi.com/security/20000801-02-P参考:报价:1572参考:网址:http://www.securityfocus.com/bid/1572Telnetd telnet服务器IRIX 5.2到6.1不正确清洁user-injected格式字符串,它允许远程攻击者执行任意命令通过一个长行变量IAC-SB-TELOPT_ENVIRON请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0733 1供应商确认:是的咨询在SGI顾问描述这个缓冲区溢位问题,它实际上是一个格式字符串的问题,表示的引用,SGI包括咨询。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0754:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:惠普:hpsbux0008 - 119参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0144.html参考:报价:1581参考:网址:http://www.securityfocus.com/bid/1581脆弱性在惠普OpenView网络节点管理器(NMM) 6.1版本相关的密码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0754 1供应商确认:是的咨询惠普咨询并没有提供额外的细节。很难告诉什么影响/破坏,或是否在本地或远程利用的问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0763:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000816 xlock脆弱性参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000815231724.A14694@subterrain.net参考:DEBIAN: 20000816 xlockmore:可能的影子文件妥协引用:网址:http://www.debian.org/security/2000/20000816参考:FREEBSD: FreeBSD-SA-00:44。xlockmore参考:网址:http://archives.neohapsis.com/archives/freebsd/2000-08/0340.html参考:BUGTRAQ: 20000817 Conectiva Linux安全公告——xlockmore参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0212.html参考:BUGTRAQ: 20000823 MDKSA-2000:038——xlockmore更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0294.html参考:报价:1585参考:网址:http://www.securityfocus.com/bid/1585xlockmore和xlockf不正确清洁user-injected格式字符串,它允许本地用户通过- d选项获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0763 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0765:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:女士:ms00 - 056参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 056. - asp参考:报价:1561参考:网址:http://www.securityfocus.com/bid/1561缓冲区溢出在HTML解释器在微软Office 2000允许攻击者执行任意命令通过一个长嵌入对象标签,又名“Microsoft Office HTML对象标记”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0765 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0767:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:女士:ms00 - 055参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 055. - asp参考:报价:1564参考:网址:http://www.securityfocus.com/bid/1564ActiveX控件的调用的脚本在Internet Explorer 4。x和5。x渲染任意文件类型而不是HTML,这允许攻击者读取任意文件,又名“小脚本呈现”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0767 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0768:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:女士:ms00 - 055参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 055. - asp参考:报价:1564参考:网址:http://www.securityfocus.com/bid/1564一个函数在Internet Explorer 4。x和5。x不正确验证的领域框架在一个浏览器窗口,它允许远程攻击者读取客户端文件,又名“帧域验证”的一种变体的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0768 1供应商确认:是的咨询原“帧域验证”中描述的问题是:女士ms00 - 033和cve - 2000 - 0465。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0770:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:女士:ms00 - 057参考:http://www.microsoft.com/technet/security/bulletin/ms00 - 057. - asp参考:报价:1565参考:网址:http://www.securityfocus.com/bid/1565IIS 4.0和5.0不适当限制某些类型的文件当父文件夹权限限制较少,这可能允许远程攻击者绕过访问限制一些文件,又名“文件权限规范化”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0770 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0778:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:女士:ms00 - 058参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 058. - asp参考:BUGTRAQ: 20000815翻译:f总结历史和思想参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=080D5336D882D211B56B0060080F2CD696A7C9@beta.mia.cz参考:NTBUGTRAQ: 20000816翻译:f参考:网址:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=ntbugtraq&F=&S=&P=5212参考:报价:1578参考:网址:http://www.securityfocus.com/bid/1578IIS 5.0允许远程攻击者获得asp的源代码文件和其他脚本通过HTTP GET请求“翻译:f”头,又名“专业头”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0778 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0787:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000817 XChat URL处理器vulnerabilty参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html参考:报价:1601参考:网址:http://www.securityfocus.com/bid/1601参考:REDHAT: RHSA-2000:055-03参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 055 - 03. - html参考:BUGTRAQ: 20000824 MDKSA-2000:039——xchat更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html参考:BUGTRAQ: 20000825 Conectiva Linux安全公告——xchat参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.htmlIRC客户机版本1.4.2 Xchat早些时候,允许远程攻击者执行任意命令shell元字符编码到一个URL Xchat用来启动一个web浏览器。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0787 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0800:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:SUSE: 20000810 knfsd安全漏洞,所有版本参考:网址:http://www.suse.de/de/support/security/suse_security_announce_58.txt在rpc字符串解析错误。kstatd linuxnfs或者knfsd包在SuSE和可能的其他Linux系统允许远程攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0800 1供应商确认:是的描述:这听起来像是一个新格式字符串的问题,但咨询的措辞还不清楚。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0708:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:NTBUGTRAQ: 20000824远程DoS攻击在编译指示TelnetServer 2000(远程执行守护进程)脆弱性参考:网址:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=NTBUGTRAQ&P=R4247参考:报价:1605参考:网址:http://www.securityfocus.com/bid/1605编译指示系统中的缓冲区溢出TelnetServer 2000 4.0版允许远程攻击者造成拒绝服务通过一系列的空字符rexec端口。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0708 2供应商确认:是的网页供应商确认http://www.pragmasys.com/TelnetServer/:“USSRLabs报道一个缓冲区溢出安全漏洞为NT TelnetD服务器版本4构建4。这个问题已经纠正,现在可以下载“投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0709:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823 Xato咨询:首页DOS设备DOS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html参考:确认:http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp参考:报价:1608参考:网址:http://www.securityfocus.com/bid/1608shtml。exe组件的网页制作2000服务器扩展1.1允许远程攻击者造成拒绝服务的一些组件请求URL的名字包括一个标准的DOS设备名称。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0709 2供应商确认:是的补丁投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0718:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000812 MDKSA-2000:034 MandrakeUpdate更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0146.html参考:报价:1567参考:网址:http://www.securityfocus.com/vdb/bottom.html?vid=1567竞态条件MandrakeUpdate允许本地用户修改RPM文件时在/ tmp目录中安装。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0718 2供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0743:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000810远程漏洞Gopherd 2。x参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0112.html参考:报价:1569参考:网址:http://www.securityfocus.com/bid/1569缓冲区溢出在明尼苏达大学(学院)gopherd 2。x允许远程攻击者执行任意命令通过一个DES密钥生成请求(GDESkey)包含一个长票价值。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0743 2供应商确认:是的补丁确认:第503 - 501行gopher2_3.1 / gopherd /身份验证。c在以下分布提供补丁,建议在原来的职位:ftp://boombox.micro.umn.edu/pub/gopher/Unix/gopher2_3.1.tar.gz投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0744:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000810远程漏洞Gopherd 2。x参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0112.html参考:报价:1569参考:网址:http://www.securityfocus.com/bid/1569缓冲区溢出在明尼苏达大学(学院)gopherd 2。x允许远程攻击者执行任意命令通过一个DES密钥生成请求(GDESkey)包含一个长票价值。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0744 2供应商确认:是的补丁投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0745:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000821 Vuln。在所有网站使用PHP-Nuke版本小于3参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0243.html参考:报价:1592参考:网址:http://www.securityfocus.com/bid/1592管理。php3 PHP-Nuke不正确验证PHP-Nuke管理员密码,远程攻击者可以通过请求URL获得特权,不指定援助或pwd参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0745 2供应商确认:是的、确认:PHP-Nuke-3.0.tar更改文件。广州分布:http://www.ncc.org.ve/php-nuke.php3?op=download&location=&file=包括以下:> 2000年8月:3.0版本> = = = = = = = = = = = = = = = = = = = = = = = = > -固定安全缺陷管理。php3允许任何人进入到>管理部分没有登录名和密码投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0758:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000811 Lyris列表管理器管理洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0149.html参考:确认:http://www.lyris.com/lm/lm_updates.html参考:报价:1584参考:网址:http://www.securityfocus.com/bid/1584Lyris列表管理器3和4的web界面允许用户列表获取管理权限通过修改list_admin隐藏表单字段的值。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0758 2供应商确认:是的网页投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0761:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000815 OS / 2 4.5经FTP服务器DoS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0166.html参考:确认:ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README参考:报价:1582参考:网址:http://www.securityfocus.com/bid/1582OS2 /经4.5 FTP服务器允许远程攻击者造成拒绝服务通过用户名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0761 2供应商确认:是的补丁投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0780:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000830脆弱性报告IPSWITCH IMail参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=96767207207553&w=2参考:确认:http://www.ipswitch.com/Support/IMail/万博下载包news.html参考:报价:1617参考:网址:http://www.securityfocus.com/bid/16176.04和更早的web服务器在IPSWITCH IMail允许远程攻击者读取和删除任意文件通过一个. .(点点)攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0780 2供应商确认:是的新闻投票部分- - -万博下载包 - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0782:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000817 Netauth:基于Web的电子邮件管理系统参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NEBBJCLKGNOGCOIOBJNAGEHLCPAA.marc@eeye.com参考:确认:http://netwinsite.com/netauth/updates.htm参考:报价:1587参考:网址:http://www.securityfocus.com/bid/1587netauth。cgi程序在Netwin Netauth早4.2 e和允许远程攻击者读取任意文件通过一个. .(点点)攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0782 2供应商确认:是的changelog投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0792:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000819安全更新Gnome-Lokkit参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0252.html参考:报价:1590参考:网址:http://www.securityfocus.com/bid/1590Gnome Lokkit防火墙包之前0.41不适当限制访问某些港口,即使用户不提供任何服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0792 2供应商确认:是的文章投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0686:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823拍卖WeaverT LITE 1.0参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0310.html参考:报价:1630参考:网址:http://www.securityfocus.com/bid/16301.03和更早的拍卖韦弗CGI脚本允许远程攻击者读取任意文件通过一个. .(点点)袭击fromfile参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0686 3供应商确认:是的补丁内容决定:SF-LOC现在还不确定这个问题是否固定在1.02或1.03。的源代码http://www.cgiscriptcenter.com/awl/awl10.zip表明catdir参数是洁净比fromfile参数在不同的代码行。因此CD: SF-LOC说为fromfile vs catdir有单独的条目。fromfile和catdir参数也遭受了一个shell元字符的问题,所以CD: SF-LOC说让他们独立。此外,至少有一个版本,这个问题但不是shell元字符的问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0687:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823拍卖WeaverT LITE 1.0参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0310.html参考:报价:1630参考:网址:http://www.securityfocus.com/bid/16301.03和更早的拍卖韦弗CGI脚本允许远程攻击者读取任意文件通过一个. .(点点)袭击catdir参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0687 3供应商确认:是的补丁内容决定:SF-LOC现在还不确定这个问题是否固定在1.02或1.03。一看源代码http://www.cgiscriptcenter.com/awl/awl10.zip表明catdir参数是洁净比fromfile参数在不同的代码行。因此CD: SF-LOC说为fromfile vs catdir有单独的条目。fromfile和catdir参数也遭受了一个shell元字符的问题,所以CD: SF-LOC说让他们独立。此外,至少有一个版本,这个问题但不是shell元字符的问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0688:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823订阅我脆弱参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0292.html参考:BUGTRAQ: 20000823 Re:订阅我CGI漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=96722957421029&w=2参考:确认:http://www.cgiscriptcenter.com/subscribe/参考:报价:1607参考:网址:http://www.securityfocus.com/bid/1607订阅我LITE不正确验证试图修改管理员密码,它允许远程攻击者获得特权的客户经理通过直接调用订阅。pl脚本与setpwd参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0688 3供应商确认:是的email-followup内容决定:SF-EXEC这是相同类型的问题的客户经理LITE。虽然两个产品是同一供应商提供的,他们分别分布,因此不是同一个包的一部分。因此CD: SF-EXEC说保持这一个独立于订阅我LITE的问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0689:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823客户经理CGI漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html参考:确认:http://www.cgiscriptcenter.com/acctlite/参考:报价:1604参考:网址:http://www.securityfocus.com/bid/1604客户经理LITE不正确验证试图修改管理员密码,它允许远程攻击者获得特权直接调用amadmin为客户经理。pl脚本与setpasswd参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0689 3供应商确认:未知的内容决定:SF-EXEC这是相同类型的问题的订阅我LITE。虽然两个产品是同一供应商提供的,他们分别分布,因此不是同一个包的一部分。因此CD: SF-EXEC说保持这一个独立于订阅我LITE的问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0692:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000822 DOS RealSecure 3.2参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0267.html参考:报价:1597参考:网址:http://www.securityfocus.com/bid/1597ISS RealSecure 3.2.1、3.2.2允许远程攻击者通过大量分散导致拒绝服务包设置了SYN标志。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0692 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0698:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000819 RH 6.1/6.2小型计算机脆弱性参考:网址:http://www.securityfocus.com/archive/1/77361参考:报价:1599参考:网址:http://www.securityfocus.com/bid/1599小型计算机1.82.1早些时候,在一些Linux系统允许本地用户创建任意文件通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0698 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0702:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000821 (HackersLab bugpaper] hp - ux网。init rc脚本参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html参考:报价:1602参考:网址:http://www.securityfocus.com/bid/1602净。init rc脚本在hp - ux 11.00 (S008net.init)允许本地用户通过符号链接攻击覆盖任意文件/ tmp / stcp点。conf目标文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0702 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0710:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000823 Xato咨询:首页DOS设备DOS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html参考:确认:http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp参考:报价:1608参考:网址:http://www.securityfocus.com/bid/1608shtml。exe组件的网页制作2000服务器扩展1.1允许远程攻击者确定服务器的物理路径组件通过请求一个无效的URL名字包括一个标准的DOS设备名称。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0710 3供应商确认:是的补丁内容决定:DESIGN-REAL-PATH CD: DESIGN-REAL-PATH说,揭示物理路径信息,远程攻击者是一个接触,因此应该被包括在CVE。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0716:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:NTBUGTRAQ: 20000809会话劫持在Alt-N MDaemon 2.8参考:网址:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=ntbugtraq&F=&S=&P=459参考:报价:1553参考:网址:http://www.securityfocus.com/bid/1553WorldClient MDaemon 2.8邮件客户端包括推荐人的会话ID字段的一个HTTP请求时,用户点击一个URL,它允许访问网站hijcak会话ID和阅读用户的电子邮件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0716 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0719:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000810 VariCAD 7.0 premission脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0126.htmlVariCAD 7.0安装对外公开的文件,它允许本地用户VariCAD程序替换为一个特洛伊木马程序。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0719 3供应商确认:未知的内容决定:INSTALL-PERM抽象问题:像这样的一些问题有关的安装文件,设置不适当的权限。每一个单独的文件要一个单独的CVE条目吗?或者点符号应使用?这个问题已经被贴上CD: INSTALL-PERM。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0721:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000810旗舰v4.48.7449 premission脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0114.html参考:报价:1586参考:网址:http://www.securityfocus.com/bid/1586FlagShip_c, FSserial旗舰包安装和FlagShip_p项目对外公开,它允许本地用户取代特洛伊木马。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0721 3供应商确认:未知的内容决定:INSTALL-PERM抽象问题:像这样的一些问题有关的安装文件,设置不适当的权限。每一个单独的文件要一个单独的CVE条目吗?或者点符号应使用?这个问题已经被贴上CD: INSTALL-PERM。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0722:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000819多个本地漏洞在螺旋Gnome安装程序参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=e13qayl - 0007 - il - 00 - @the village.bc.nu参考:BUGTRAQ: 20000820螺旋代码安全顾问——螺旋GNOME更新参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0240.html参考:BUGTRAQ: 20000820(螺旋β)螺旋代码安全顾问——螺旋GNOME安装程序参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0251.html参考:报价:1593参考:网址:http://www.securityfocus.com/bid/15930.5和更早的螺旋GNOME Updater helix-update允许本地用户安装任意RPM包通过创建/ tmp /前helix-install安装目录的根已经开始安装包。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0722 3供应商确认:对咨询内容的决定:SF-LOC, EX-BETA包含:海报表明这软件是处于测试阶段,在这种情况下,CD: EX-BETA可能会认为这个问题应该从CVE被排除在外。然而,海报还说,看来,很多人可能会使用的产品,在这种情况下,CD: EX-BETA会破例,认为这应该是包括在内。抽象:CD: SF-LOC适用,因为可能有多个bug在同一个软件,即这个和覆盖各种/等文件。然而,/只适用于一些操作系统的影响等问题,这是一个指示器,虫子不发生在相同的代码行。因此CD: SF-LOC,在没有更多信息的情况下,表明这些问题保持分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0723:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000819多个本地漏洞在螺旋Gnome安装程序参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=e13qayl - 0007 - il - 00 - @the village.bc.nu参考:BUGTRAQ: 20000820(螺旋β)螺旋代码安全顾问——螺旋GNOME安装程序参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0251.html参考:报价:1596参考:网址:http://www.securityfocus.com/bid/15960.5和更早的螺旋GNOME Updater helix-update不正确创建/ tmp目录,它允许本地用户创建空/etc/config.等系统配置文件d / bashrc, (/etc/config.d/csh.cshrc, /etc/rc.config.分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0723 3供应商确认:对咨询内容的决定:SF-LOC, EX-BETA包含:海报表明这软件是处于测试阶段,在这种情况下,CD: EX-BETA可能会认为这个问题应该从CVE被排除在外。然而,海报还说,看来,很多人可能会使用的产品,在这种情况下,CD: EX-BETA会破例,认为这应该是包括在内。抽象:CD: SF-LOC适用,因为可能有多个bug在同一个软件,即这个和rpm的安装在/ tmp / helix-install。然而,/只适用于一些操作系统的影响等问题,这是一个指示器,虫子不发生在相同的代码行。因此CD: SF-LOC,在没有更多信息的情况下,表明这些问题保持分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0724:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000829多螺旋代码安装问题(go-gnome)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0351.html参考:BUGTRAQ: 20000829螺旋代码安全顾问——go-gnome pre-installer参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0356.html参考:报价:1622参考:网址:http://www.securityfocus.com/bid/1622go-gnome螺旋GNOME pre-installer允许本地用户覆盖任意文件通过一个符号链接攻击在/ tmp的各种文件,包括uudecode,狼吞虎咽,一些安装文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0724 3供应商确认:对咨询内容的决定:EX-BETA包含:海报表明这软件是处于测试阶段,在这种情况下,CD: EX-BETA可能会认为这个问题应该从CVE被排除在外。然而,海报还说,看来,很多人可能会使用的产品,在这种情况下,CD: EX-BETA会破例,认为这应该是包括在内。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0735:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000818贝基!互联网邮件缓冲区溢位参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0234.html参考:确认:http://member.nifty.ne.jp/rimarts/becky-e/Readme.txt参考:报价:1588参考:网址:http://www.securityfocus.com/bid/1588缓冲区溢出在贝基!互联网邮件客户端1.26.03早些时候,允许远程攻击者造成拒绝服务通过一个长- type: MIME头当用户回复消息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0735 3供应商确认:是的日志内容决定:SF-LOC抽象:虽然这个漏洞是几乎一模一样,当用户转发消息,直到1.26.04转发问题不是固定的。自从转发错误仍然存在这一个固定后,CD: SF-LOC表明这两项应该保持分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0736:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000818贝基!互联网邮件缓冲区溢位参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0234.html参考:确认:http://member.nifty.ne.jp/rimarts/becky-e/Readme.txt参考:报价:1588参考:网址:http://www.securityfocus.com/bid/1588缓冲区溢出在贝基!互联网邮件客户端1.26.04早些时候,允许远程攻击者造成拒绝服务通过一个长- type: MIME头当用户转发消息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0736 3供应商确认:是的日志内容决定:SF-LOC抽象:虽然这个漏洞是几乎一模一样,当用户回复一条消息时,固定在1.26.03回复错误。因为这个错误应答后仍然存在缺陷是固定的,CD: SF-LOC表明这两项应该保持分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0738:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:NTBUGTRAQ: 20000818 WebShield SMTP无限循环DoS攻击参考:网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0101.html参考:报价:1589参考:网址:http://www.securityfocus.com/bid/1589WebShield SMTP 4.5允许远程攻击者造成拒绝服务通过:发送电子邮件地址的。(时期)最后,导致WebShield本身不断发送电子邮件的副本。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0738 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0746:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000821 IIS 5.0跨站脚本漏洞——使用.shtml文件或/ _vti_bin / shtml。dll的引用:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=39A12BD6.E811BF4F@nat.bg参考:女士:ms00 - 060参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 060. - asp参考:报价:1594参考:网址:http://www.securityfocus.com/bid/1594参考:报价:1595参考:网址:http://www.securityfocus.com/bid/1595漏洞在IIS 4.0和5.0不正确防范跨站点脚本攻击(CSS)。他们允许恶意网站运营商中嵌入脚本链接到一个可信的网站,没有引用返回的错误消息返回给客户机。然后客户端执行这些脚本在同一上下文作为受信任站点,又名“IIS跨站点脚本漏洞。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0746 3供应商确认:对咨询内容的决定:SF-LOC, SF-EXEC抽象:CD: SF-LOC建议为每个不同的CSS条目创建一个单独的条目,但咨询和FAQ不提供足够的细节。原始Bugtraq邮报声称有两个独立的问题,一个在首页通过/ _vti_bin / shtml扩展。dll,另一个通过任何以.shtml的文件名。然而,它可能是.shtml文件重定向到shtml.dll;如果是这样,那么有可能只nbe一个错误(在shtml.dll),和CD: SF-LOC将应用和建议使用只有一个条目。然而,由于首页和所有安装IIS不是必需的,那么这两个问题都是不一样的“基本”软件包的一部分。所以CD: SF-EXEC建议提供单独的条目,一个用于网页制作扩展,和另一个IIS。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。 VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-0753 Published: Final-Decision: Interim-Decision: Modified: Proposed: 20000921 Assigned: 20000919 Category: SF Reference: BUGTRAQ:20000824 Outlook winmail.dat Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=LAW2-F305bYiMCIqtQv0000069d@hotmail.com参考:报价:1631参考:网址:http://www.securityfocus.com/bid/1631微软的Outlook邮件客户端识别的物理路径在winmail发送方的机器。dat对富文本格式(RTF)文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0753 3供应商确认:未知的内容决定:DESIGN-REAL-PATH CD: DESIGN-REAL-PATH说,揭示物理路径信息,远程攻击者是一个接触,因此应该被包括在CVE。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0755:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:惠普:hpsbux0008 - 118参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0144.html参考:报价:1581参考:网址:http://www.securityfocus.com/bid/1581脆弱性newgrp命令在hp - ux 11.00允许本地用户获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0755 3供应商确认:对咨询内容的决定:DISCOVERY-DATE包含:惠普咨询并没有提供额外的细节,但这看起来可能是一个重复的cve - 1999 - 0050。没有进一步的信息,然而,这个问题应该保持分开cve - 1999 - 0050。抽象:CD: DISCOVERY-DATE也表明,如果一个问题出现在版本X, X + n版本中消失,在X + n + 1重新出现,那么应该创建单独的条目,因为(a)一个问题在供应商的过程中重新引入错误,和(b)工具和系统管理员可能不知道的新变化,所以有一个单独的条目是一种处理方式。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0762:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:CF参考:BUGTRAQ: 20000811 eTrust访问控制-根妥协为默认安装参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1 ba473260美元ddeaa2cd@itradefair.net参考:确认:http://support.ca.com/techbases/eTrust/etrust_access_control-response.html参考:报价:1583参考:网址:http://www.securityfocus.com/bid/1583默认安装eTrust访问控制(原名seo)使用一个默认加密密钥,它允许远程攻击者恶搞eTrust管理员和获得的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0762 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0766:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000819。年代脆弱性vqServer参考:网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008270354.UAA10952@user4.hushmail.com参考:报价:1610参考:网址:http://www.securityfocus.com/bid/1610缓冲区溢出在vqSoft vqServer 1.4.49允许远程攻击者造成拒绝服务或可能获得特权通过HTTP GET请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0766 3供应商确认:未知poster-claimed投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0769:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000824网络服务器Pro 2.3.7脆弱性参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=96715834610888&w=2参考:报价:1611参考:网址:http://www.securityfocus.com/bid/1611O ' reilly的网站Pro 2.3.7安装上传。exe程序与执行权限为所有用户,远程攻击者可以通过直接调用uploader.exe创建和执行任意文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0769 3供应商确认:未知的内容决定:DISCOVERY-DATE包含:这可能是一个复制的cve - 1999 - 0177,影响网站根据XF: 1.1和2.0 beta http-website-uploaderhttp://xforce.iss.net/static/294.php。也看原文http://marc.theaimsgroup.com/?l=bugtraq&m=87602880019759&w=2也看到http://ora.leftcoast.net/archives/website-talk/msg02835.html的回复“michael@oreilly.com”技术支持查询7月13日,2000年,似乎大致类似于供应商确认。然而,这个候选人的海报说问题不存在于2.3.3版本,这可能是一个再现的老错误。因此CD: DISCOVERY-DATE适用。假设这是同样的错误。cve - 1999 - 0177 <“安全”2.3.3版本<脆弱2.3.7版本。因此这个项目应该保持独立于cve - 1999 - 0177。CD: DISCOVERY-DATE表明,如果一个问题出现在版本X, X + n版本中消失,在X + n + 1重新出现,那么应该创建单独的条目,因为(a)一个问题在供应商的过程中重新引入错误,和(b)工具和系统管理员可能不知道的新变化,所以有一个单独的条目是一种处理方式。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0772:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:CF参考:BUGTRAQ: 20000810风滚草Worldsecure (MMS)空白“sa”帐户密码漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html参考:确认:http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm参考:报价:1562参考:网址:http://www.securityfocus.com/bid/1562风滚草的安装信息管理系统(MMS) 4.6和更早的(以前Worldtalk Worldsecure)创建一个默认的帐户“sa”没有密码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0772 3供应商确认:未知的抽象:CD: CF-PASS表明,单独的条目应该为每个“服务”创建默认密码,无论有多少违约。如果采用这种方法,那么这应该是与其他数据库默认帐号/密码。生成的线程的讨论是一个很好的指标不同的视角记录是否默认密码是“真实”的漏洞。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0776:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000810 (DeepZone咨询)统计服务器5.02 x堆栈溢出(Win2k远程利用)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0118.html参考:报价:1568参考:网址:http://www.securityfocus.com/bid/1568Mediahouse统计服务器5.02 x允许远程攻击者执行任意命令通过一个HTTP GET请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0776 3供应商确认:未知的包容:这表面上看起来像一个欺骗的cve - 1999 - 0931,但播音员声称一些版本比5.02 x并未表现出问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0783:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000815沃奇卫士燃烧室认证DoS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0162.html参考:报价:1573参考:网址:http://www.securityfocus.com/bid/1573沃奇卫士燃烧室II允许远程攻击者造成拒绝服务通过发送一个畸形的URL身份验证服务在端口4100上。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0783 3供应商确认:未知声称投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0784:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000816远程根妥协所有RapidStream VPN设备参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0216.html参考:报价:1574参考:网址:http://www.securityfocus.com/bid/1574sshd项目Rapidstream 2.1 Beta VPN设备有一个硬编码的一个空“rsadmin”帐号和密码,远程攻击者可以通过ssh执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0784 3供应商确认:是的后续内容决定:EX-BETA包含:CD: EX-BETA表明,这不应该被包括在CVE因为它是一个beta版本,除非这是广泛分布的。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0789:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000816 WinU 4/5弱口令漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0201.htmlWinU 5。x和早期使用弱加密存储其配置密码,它允许本地用户解密密码并获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0789 3供应商确认:未知的内容决定:DESIGN-WEAK-ENCRYPTION投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0790:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000828 5.5/5。x的Win98可以执行任意文件,可以通过访问微软网络。本地管理员妥协也至少在默认的Windows 2000。参考网址:http://www.securityfocus.com/templates/archive.pike?list=1&msg=3998370D.732A03F1@nat.bg参考:报价:1571参考:网址:http://www.securityfocus.com/bid/1571基于web的文件夹显示功能在Windows 98微软Internet Explorer 5.5允许本地用户插入特洛伊木马程序通过修改文件夹。计画文件和使用InvokeVerb方法ShellDefView ActiveX控件指定一个默认的执行选项列出的第一个文件的文件夹。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0790 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:可以发表- 2000 - 0791:最终决定:阶段性裁决:修改:建议:20000921分配:20000919类别:科幻参考:BUGTRAQ: 20000815 Trustix安全顾问——apache-ssl参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-08/0179.html参考:报价:1575参考:网址:http://www.securityfocus.com/bid/1575Trustix安装httpsd Apache-SSL项目对外公开权限,允许本地用户换成一个特洛伊木马。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0791 3供应商确认:是的发布内容决策:INSTALL-PERM抽象:像这样的一些问题有关的安装文件,设置不适当的权限。每一个单独的文件要一个单独的CVE条目吗?或者点符号应使用?这个问题已经被贴上CD: INSTALL-PERM。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论: