
[PROPOSAL] Cluster RECENT-35 - 18 candidates



The following cluster contains 18 candidates that were announced between 8/25/2000 and 8/31/2000.

Board members can use the web site instead of this ballot; the votes are posted to the other Board members and become part of the public record.

These ballots include the new analysis fields discussed in a previous post, together with explanations of the content decisions. The degree of vendor acknowledgement is also more prominent. Finally, a new ACCEPT_REASON field has been added so that Board members can include their reasons for voting to ACCEPT or MODIFY an item.

- Steve

Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------
ACCEPT    - voter accepts the candidate as proposed
NOOP      - voter has no opinion on the candidate
MODIFY    - voter wants to change some minor details (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more information
RECAST    - candidate must be significantly modified, e.g. split or merged
REJECT    - candidate is not a "vulnerability", or is a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE:". If you want to add comments or details, add them to the lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. Mapping references help greatly.

3) Please note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2000-0727
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000829 MDKSA-2000:041 - xpdf update
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96766355023239&w=2
Reference: BUGTRAQ:20000913 Conectiva Linux Security Announcement - xpdf
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96886599829687&w=2
Reference: DEBIAN:20000910 xpdf: local exploit
Reference: URL:http://www.debian.org/security/2000/20000910a
Reference: REDHAT:RHSA-2000:060-03
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-060-03.html
Reference: CALDERA:CSSA-2000-031.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt
Reference: BID:1624
Reference: URL:http://www.securityfocus.com/bid/1624

xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URLs, which allows attackers to execute arbitrary commands via a URL containing shell metacharacters.

Analysis
----------------
ED_PRI CAN-2000-0727 1
Vendor Acknowledgement: Yes Advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0728
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000829 MDKSA-2000:041 - xpdf update
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96766355023239&w=2
Reference: BUGTRAQ:20000913 Conectiva Linux Security Announcement - xpdf
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96886599829687&w=2
Reference: DEBIAN:20000910 xpdf: local exploit
Reference: URL:http://www.debian.org/security/2000/20000910a
Reference: REDHAT:RHSA-2000:060-03
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-060-03.html
Reference: CALDERA:CSSA-2000-031.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt
Reference: BID:1624
Reference: URL:http://www.securityfocus.com/bid/1624

xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.

Analysis
----------------
ED_PRI CAN-2000-0728 1
Vendor Acknowledgement: Yes Advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0729
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: FREEBSD:FreeBSD-SA-00:41
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0337.html
Reference: BID:1625
Reference: URL:http://www.securityfocus.com/bid/1625

FreeBSD 5.x, 4.x, and 3.x allow local users to cause a denial of service by executing a program with a malformed ELF image header.

Analysis
----------------
ED_PRI CAN-2000-0729 1
Vendor Acknowledgement: Yes Advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0749
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: FREEBSD:FreeBSD-SA-00:42
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0338.html
Reference: BID:1628
Reference: URL:http://www.securityfocus.com/bid/1628

Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via a long file name in the linux shadow file system.

Analysis
----------------
ED_PRI CAN-2000-0749 1
Vendor Acknowledgement: Yes Advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0771
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: MS:MS00-062
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-062.asp
Reference: BID:1613
Reference: URL:http://www.securityfocus.com/bid/1613

Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.

Analysis
----------------
ED_PRI CAN-2000-0771 1
Vendor Acknowledgement: Yes

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0777
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: MS:MS00-061
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-061.asp
Reference: BID:1615
Reference: URL:http://www.securityfocus.com/bid/1615

The password protection feature in Microsoft Money may store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.

Analysis
----------------
ED_PRI CAN-2000-0777 1
Vendor Acknowledgement: Yes Advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0690
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000830 More problems with Auction Weaver and the CGI Script Center
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0370.html
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0452.html

Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.

Analysis
----------------
ED_PRI CAN-2000-0690 3
Vendor Acknowledgement: Yes email-followup
Content Decisions: SF-LOC

This bug is vaguely mentioned in the Readme.txt of the download at http://www.cgiscriptcenter.com/awl/awl10.zip and acknowledged in an email followup. In addition, the patch can be seen in the source code.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0691
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000826 Advisory: mgetty local compromise
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0329.html
Reference: CONFIRM:http://archives.neohapsis.com/archives/bugtraq/2000-08/0330.html
Reference: CALDERA:CSSA-2000-029.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-029.0.txt
Reference: BID:1612
Reference: URL:http://www.securityfocus.com/bid/1612

faxrunq and faxrunqd in the mgetty package allow local users to create or modify arbitrary files via a symlink attack from /var/spool/fax/outgoing/.last_run to the target file.

Analysis
----------------
ED_PRI CAN-2000-0691 3
Vendor Acknowledgement: Yes followup
Content Decisions: SF-EXEC

ABSTRACTION: CD:SF-EXEC suggests keeping faxrunq and faxrunqd in the same CVE item, because the two binaries in the same package have the same flaw.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0717
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000830 (EXPL) GoodTech FTP Server vulnerable to DoS (RNTO)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=02ff01c0124c$e9387660$0201a8c0@aviram
Reference: BID:1619
Reference: URL:http://www.securityfocus.com/bid/1619

GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands.

Analysis
----------------
ED_PRI CAN-2000-0717 3
Vendor Acknowledgement: Unknown

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0720
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000929 News Publisher CGI vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4
Reference: BID:1621
Reference: URL:http://www.securityfocus.com/bid/1621

news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors directly by posting a new HTTP request to news.cgi with an addAuthor parameter and setting the referrer to news.cgi.

Analysis
----------------
ED_PRI CAN-2000-0720 3
Vendor Acknowledgement: Unknown

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0726
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000829 Stalker's CGImail gives read access to all server files
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000829194618.H7744@thathost.com
Reference: BID:1623
Reference: URL:http://www.securityfocus.com/bid/1623

CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $attach hidden form variable.

Analysis
----------------
ED_PRI CAN-2000-0726 3
Vendor Acknowledgement: Unknown

INCLUSION: The poster indicates that he successfully tested it on a server, but the vendor web site appears to be down. This should not be included in CVE without strong proof that it is (or was) a known problem. However, it appears that several ISPs still offer this service.

ANALYSIS: The best documentation for the product appears to be http://www.cnsp.com/cgimail/cgimailins.htm, and the "reserved variables" certainly suggest the potential for abuse. This appears to have been originally discovered by Mnemonix in 1998 (http://ftp.hackzone.ru/nsp/info/www/cgi-bugs.htm) and copied to other sources (e.g. http://webm43ac.ntx.net/Articles/cgimail.html), but it remains a question whether its existence can be sufficiently proven. The cgichk CGI scanner has included this since at least mid-1999, but CGI scanners are notorious for cutting and pasting URLs from other scanners, which makes it easy to introduce errors.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0731
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: NTBUGTRAQ:20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Worm HTTP Server
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html
Reference: BID:1626
Reference: URL:http://www.securityfocus.com/bid/1626

Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Analysis
----------------
ED_PRI CAN-2000-0731 3
Vendor Acknowledgement: Unknown

ACKNOWLEDGEMENT: As of 9/16/2000, the binary could not be downloaded from the vendor site, and there is no specific acknowledgement of the vulnerability.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0732
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: NTBUGTRAQ:20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Worm HTTP Server
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html
Reference: BID:1626
Reference: URL:http://www.securityfocus.com/bid/1626

Worm HTTP server allows remote attackers to cause a denial of service via a long URL.

Analysis
----------------
ED_PRI CAN-2000-0732 3
Vendor Acknowledgement: Unknown

ACKNOWLEDGEMENT: As of 9/16/2000, the binary could not be downloaded from the vendor site, and there is no acknowledgement of the vulnerability. The product appears to be freeware.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0734
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000831 Remote DoS attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96774637326591&w=2
Reference: BID:1627
Reference: URL:http://www.securityfocus.com/bid/1627

Eeye Iris 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.

Analysis
----------------
ED_PRI CAN-2000-0734 3
Vendor Acknowledgement: Unknown
Content Decisions: EX-BETA

INCLUSION: CD:EX-BETA suggests that this should not be included in CVE because it is a beta version, unless the beta is widely distributed. The thread also highlights many of the related issues discussed in CD:EX-BETA, e.g.:
http://marc.theaimsgroup.com/?l=bugtraq&m=96784626915584&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=96783686531301&w=2

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0752
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: FREEBSD:FreeBSD-SA-00:43
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0339.html
Reference: BID:1629
Reference: URL:http://www.securityfocus.com/bid/1629

Buffer overflow in brouted in FreeBSD and possibly other operating systems allows local users to gain root privileges via command line arguments.

Analysis
----------------
ED_PRI CAN-2000-0752 3
Vendor Acknowledgement: Yes Advisory
Content Decisions: SF-LOC

CD:SF-LOC suggests splitting this for each buffer overflow, but a more detailed analysis at the source code level is needed.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0756
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000831 vCard DoS on Outlook 2000
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Springmail.105.967737080.0.16997300@www.springmail.com
Reference: BID:1633
Reference: URL:http://www.securityfocus.com/bid/1633

Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.

Analysis
----------------
ED_PRI CAN-2000-0756 3
Vendor Acknowledgement: Unknown

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0764
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000828 Intel Express Switch 500 series DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0338.html
Reference: BID:1609
Reference: URL:http://www.securityfocus.com/bid/1609

Intel Express 500 series switches allow remote attackers to cause a denial of service via malformed IP packets.

Analysis
----------------
ED_PRI CAN-2000-0764 3
Vendor Acknowledgement: Unknown

ACKNOWLEDGEMENT: Vendor acknowledgement could not be found on the web site.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-0775
Published:
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20000921
Assigned: 20000919
Category: SF
Reference: BUGTRAQ:20000828 (NT) Viking remote code execution security vulnerability (long URL, date parsing)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram
Reference: CONFIRM:http://www.robtex.com/viking/bugs.htm
Reference: BID:1614
Reference: URL:http://www.securityfocus.com/bid/1614

Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or a long Unless-Modified-Since, If-Range, or If-Modified-Since header.

Analysis
----------------
ED_PRI CAN-2000-0775 3
Vendor Acknowledgement: Yes Advisory
Content Decisions: SF-LOC

ABSTRACTION: There are multiple attacks that trigger the buffer overflow, in long GETs as well as in MIME headers. If these are all due to the same line of code (e.g. a single fgets() call), then CD:SF-LOC says to combine them all. Otherwise, if there is a separate line of code for each bad header, then separate entries should be created. But should CD:SF-LOC set a maximum number of entries for each distinct bug? A poorly written application may have dozens or hundreds of buffer overflows, but should CVE have a separate entry for each one? The level of abstraction for this candidate is the same as for CAN-2000-0623, which also has HTTP GET and request header issues.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance:
VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST,
HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

Page Last Updated or Reviewed: May 22, 2007