(日期:][下一个日期][线程:][线程下][日期索引][线程索引]
(提案)集群近40 - 42的候选人
- 来:cve-editorial-board-list@lists.mitre.org
- 主题(建议):集群近40 - 42的候选人
- 从:“史蒂文·m·Christey " <coley@linus.mitre.org>
- 日期-0500年:星期二,2000年11月28日22:20:57(美国东部时间)
- 交货日期:2000年11月28日22:21:01星期二
- 发送方:owner-cve-editorial-board-list@lists.mitre.org
下面的集群包含29候选人宣布9月25日至10月4日,2000年。注意,投票网站将不会更新这个集群,直到周三的某个时候。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。如果你发现任何RECENT-XX集群是不完整的对过程中发现的问题相关的时间框架,请发送信息给我,这样候选人可以被指定。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。 So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-0803 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0803最终决定:阶段性裁决:修改:建议:20001129分配:20000922类别:科幻参考:国际空间站:20001004 GNU Groff公用事业从当前工作目录读取不可信的命令GNU Groff使用当前工作目录来找到一个设备描述文件,它允许本地用户获得更多的特权,包括恶意postpro指令描述文件,当另一个用户运行Groff执行。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0803 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0913网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0913最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000929安全漏洞在Apache mod_rewrite参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0352.html参考:曼德拉草:MDKSA-2000:060参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 060 - 2. - php3?dis=7.1参考:REDHAT: RHSA-2000:088-04参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 088 - 04. - html参考:火山口:综援- 2000 - 035.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 035.0.txt参考:惠普:hpsbux0010 - 126参考:网址:http://archives.neohapsis.com/archives/hp/2000-q4/0021.html参考:BUGTRAQ: 20001011 Conectiva Linux安全公告——apache参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0174.html参考:报价:1728参考:网址:http://www.securityfocus.com/bid/1728参考:XF: apache-rewrite-view-files参考:网址:http://xforce.iss.net/static/5310.php在Apache mod_rewrite 1.3.12早些时候,允许远程攻击者读取任意文件如果RewriteRule指令扩展到包括一个文件名的名字包含正则表达式。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0913 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0917网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0917最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000925格式字符串:错误# 2:LPRng参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html参考:火山口:综援- 2000 - 033.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 033.0.txt参考:REDHAT: RHSA-2000:065-06参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 065 - 06. - html参考:FREEBSD: FreeBSD-SA-00:56参考:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc参考:XF: lprng-format-string参考:网址:http://xforce.iss.net/static/5287.php参考:报价:1712参考:网址:http://www.securityfocus.com/bid/1712格式字符串漏洞在use_syslog()函数LPRng 3.6.24允许远程攻击者执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0917 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0929网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0929最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000929畸形嵌入式Windows媒体播放器7“OCX附件”引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97024839222747&w=2参考:女士:ms00 - 068参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 068. - asp参考:报价:1714参考:网址:http://www.securityfocus.com/bid/1714参考:XF: mediaplayer-outlook-dos参考:网址:http://xforce.iss.net/static/5309.php微软Windows媒体播放器7允许攻击者导致RTF-enabled拒绝服务的电子邮件客户端通过嵌入式OCX控件不能正常关闭,又名“OCX附件”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0929 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0933网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0933最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:女士:ms00 - 069参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 069. - asp参考:报价:1729参考:网址:http://www.securityfocus.com/bid/1729参考:XF: win2k-simplified-chinese-ime参考:网址:http://xforce.iss.net/static/5301.php输入法编辑器(IME)简体中文版本的Windows 2000没有禁用访问特权功能,通常应限制,它允许本地用户获得特权,又名“简体中文输入法状态识别”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0933 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0947网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0947最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001002很可能远程根漏洞在cfengine参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0004.html参考:曼德拉草:MDKSA-2000:061参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 061. - php3?dis=7.1参考:NETBSD: NETBSD - sa2000 - 013参考:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/netbsd sa2000 txt.asc——013.参考:报价:1757参考:网址:http://www.securityfocus.com/bid/1757格式字符串漏洞在cfd守护进程在GNU CFEngine 1.6.0a11允许攻击者执行任意命令通过CAUTH命令格式字符。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0947 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0948网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0948最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001002 GnoRPM本地/ tmp脆弱性参考:网址:http://www.securityfocus.com/archive/1/136866参考:BUGTRAQ: 20001003 Conectiva Linux安全公告——gnorpm参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0043.html参考:曼德拉草:MDKSA-2000:055参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 055. - php3?dis=7.0参考:REDHAT: RHSA-2000:072-07参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 072. - html参考:BUGTRAQ: 20001011 Immunix OS的安全更新gnorpm包参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0184.html参考:报价:1761参考:网址:http://www.securityfocus.com/bid/1761参考:XF: gnorpm-temp-symlink参考:网址:http://xforce.iss.net/static/5317.phpGnoRPM之前0.95允许本地用户修改任意文件通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0948 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0949网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0949最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000928参考非常有趣的traceroute缺陷:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0344.html参考:火山口:综援- 2000 - 034.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 034.0.txt参考:曼德拉草:MDKSA-2000:053参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 053. - php3?dis=7.1参考:REDHAT: RHSA-2000:078-02参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 078 - 02. - html参考:DEBIAN: 20001013 traceroute:本地根利用参考:网址:http://www.debian.org/security/2000/20001013参考:涡轮:TLSA2000023-1参考:网址:http://www.turbolinux.com/pipermail/tl-security-announce/2000-October/000025.html参考:BUGTRAQ: 20000930 Conectiva Linux安全公告——traceroute参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0357.html参考:报价:1739参考:网址:http://www.securityfocus.com/bid/1739参考:XF: traceroute-heap-overflow参考:网址:http://xforce.iss.net/static/5311.php堆溢出早些时候在LBNL traceroute 1.4 a5和savestr函数允许本地用户通过- g选项执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0949 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0951网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0951最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:CF参考:ATSTAKE: A100400-1参考:网址:http://www.atstake.com/research/advisories/2000/a100400 - 1. - txt参考:MSKB: Q272079参考:网址:http://www.microsoft.com/technet/support/kb.asp?ID=272079参考:报价:1756参考:网址:http://www.securityfocus.com/bid/1756参考:XF: iis-index-dir-traverse参考:网址:http://xforce.iss.net/static/5335.phpIIS 5.0启用了索引服务器错误配置和索引属性设置允许远程攻击者在web根目录列表通过web分布式创作和版本控制(WebDAV)搜索。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0951 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0962网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0962最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:参考:BUGTRAQ: 20000925 Nmap对OpenBSD IPSEC协议扫描DoS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0299.html参考:OPENBSD: 20000918坏ESP /啊包在一定条件下会崩溃。参考:报价:1723参考:网址:http://www.securityfocus.com/bid/1723IPSEC实现在OpenBSD 2.7不妥善处理空啊/ ESP数据包,它允许远程攻击者造成拒绝服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0962 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0993网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0993最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001003一个格式字符串漏洞存在于pw_error(3)函数。参考网址:http://www.openbsd.org/errata27.html pw_error参考:NETBSD: NETBSD - sa2000 - 015参考:网址:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/netbsd sa2000 txt.asc——015.参考:FREEBSD: FreeBSD-SA-00:58参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc参考:BUGTRAQ: 20001004 Re: OpenBSD安全咨询参考:网址:http://www.securityfocus.com/archive/1/137482参考:报价:1744参考:网址:http://www.securityfocus.com/bid/1744参考:XF: bsd-libutil-format参考:网址:http://xforce.iss.net/static/5339.php格式字符串漏洞在BSD libutil pw_error函数库允许本地用户通过畸形获得根权限密码如chpass或passwd命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0993 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0994网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0994最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001004 Re: OpenBSD安全咨询参考:网址:http://www.securityfocus.com/archive/1/137482参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch参考:报价:1746参考:网址:http://www.securityfocus.com/bid/1746参考:XF: bsd-fstat-format参考:网址:http://xforce.iss.net/static/5338.php格式字符串漏洞在OpenBSD fstat程序(可能还有其他基于bsd操作系统)允许本地用户获得根权限通过PWD环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0994 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0995网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0995最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch格式字符串漏洞在OpenBSD yp_passwd程序(可能还有其他基于bsd操作系统)允许攻击者获得根权限一个畸形的名字。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0995 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0996网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0996最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch格式字符串漏洞在苏OpenBSD项目(可能还有其他基于bsd的操作系统)允许本地攻击者获得根权限通过一个畸形的壳。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0996 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0997网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0997最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch参考:报价:1752参考:网址:http://www.securityfocus.com/bid/1752参考:XF: bsd-eeprom-format参考:网址:http://xforce.iss.net/static/5337.php格式字符串漏洞在OpenBSD eepm程序,NetBSD,可能还有其他操作系统允许本地攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0997 1供应商确认:是的,这是不确定的OpenBSD源代码补丁需要哪些条件触发漏洞。有人可能会列出行号或影响函数,但可以随其他操作系统。CD: SF-LOC适用因为eepm有3种不同的代码需要补丁,所以这个项目应该是分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0998网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0998最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch参考:FREEBSD: FreeBSD-SA-00:62参考:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc参考:报价:1895参考:网址:http://www.securityfocus.com/bid/1895格式字符串漏洞在高级程序允许本地攻击者获得根权限通过“杀死”或“renice”功能。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0998 1供应商确认:是的抽象:CD: SF-LOC因为有很多行代码适用于高级的漏洞——一个生成的错误消息kill_procs(),和另一个消息由renice_procs ()。FreeBSD补丁应用在三个不同地方,所以CD: SF-LOC建议为每个单独的条目。然而,很难描述这些差异没有广泛的源代码审查所有的代码库的影响。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0999网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0999最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:OPENBSD: 20001006有printf-style格式字符串在几个特权程序错误。参考:MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch格式字符串漏洞在OpenBSD ssh程序(可能还有其他基于bsd操作系统)允许攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0999 1供应商确认:是的CD: SF-LOC因为有很多行代码适用于ssh的漏洞——看到OPenBSD补丁信息——但是如何显示CVE描述的差异?投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1011网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1011最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:FREEBSD: FreeBSD-SA-00:53参考:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc在catopen缓冲区溢出()函数在FreeBSD 5.0及之前,可能还有其他的操作系统,允许本地用户获得根权限通过环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1011 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1058网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1058最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20000926 DST2K0014: BufferOverrun在惠普Openview网络节点管理器v6.1 (Round2)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97004856403173&w=2参考:惠普:hpsbux0009 - 121参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0274.html参考:XF: openview-nmm-snmp-bo参考:网址:http://xforce.iss.net/static/5282.php缓冲区溢出在惠普OpenView OverView5 CGI程序网络节点管理器(NNM) 6.1和更早的允许远程攻击者引起拒绝服务,并可能执行任意命令,在SNMP服务(snmp.exe),又名“Java SNMP MIB浏览器对象ID解析问题。”Analysis ---------------- ED_PRI CAN-2000-1058 1 Vendor Acknowledgement: yes advisory Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-0900 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0900最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001002 thttpd ssi:检索任意全局文件参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0025.html参考:XF: acme-thttpd-ssi参考:网址:http://xforce.iss.net/static/5313.php参考:报价:1737参考:网址:http://www.securityfocus.com/bid/1737目录遍历脆弱性在thttpd ssi CGI程序2.19和更早的允许远程攻击者读取任意文件通过一个“% 2 e % 2 e”字符串,一个变种的. .(点点)攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0900 2供应商确认:是的changelog投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0930网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0930最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001003飞马邮件文件阅读脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0039.html参考:BUGTRAQ: 20001030飞马邮件文件阅读脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0436.html参考:报价:1738参考:网址:http://www.securityfocus.com/bid/1738参考:XF: pegasus-file-forwarding参考:网址:http://xforce.iss.net/static/5326.php飞马邮件3.12允许远程攻击者通过嵌入式读取任意文件的URL调用mailto:协议- f开关。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0930 2供应商确认:是的补丁投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0932网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0932最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:NTBUGTRAQ: 20000926弗兰克-威廉姆斯:“SMTP MAILsweeper DOS为内容的技术。参考网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html为SMTP MAILsweeper 3。x不妥善处理腐败的ZIP文件并挂CDA文档,它允许远程攻击者造成拒绝服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0932 2供应商确认:是的跟踪投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1059网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1059最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:CF参考:BUGTRAQ: 20000929曼德拉草7.1绕过Xauthority X会话安全。参考网址:http://www.securityfocus.com/archive/1/136495参考:曼德拉草:MDKSA-2000:052参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 052. - php3参考:报价:1735参考:网址:http://www.securityfocus.com/bid/1735参考:XF: xinitrc-bypass-xauthority参考:网址:http://xforce.iss.net/static/5305.phpXsession文件的缺省配置在Mandrake Linux 7.1和7.0绕过Xauthority访问控制机制的“xhost + localhost”命令,它允许本地用户嗅X Windows事件和获得的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1059 2供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0906网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0906最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:参考:BUGTRAQ: 20001002此外Cached_Feed CGI漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0013.html参考:XF: moreover-cgi-dir-traverse参考:网址:http://xforce.iss.net/static/5334.php参考:报价:1762参考:网址:http://www.securityfocus.com/bid/1762目录遍历在Moreover.com cached_feed脆弱性。cgi脚本7月4.版本。00允许远程攻击者读取任意文件通过一个. .(点点)攻击类别或格式参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0906 3供应商确认:未知的海报声称,通用的评论内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0907网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0907最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:WIN2KSEC: 20000925 DST2K0030: DoS EServ 2.92构建2982参考:网址:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0131.htmlEServ 2.92构建2982允许远程攻击者可能导致拒绝服务和执行任意命令从命令通过直升机和邮件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0907 3供应商确认:没有大参考试图联系内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0925网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0925最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:CF参考:BUGTRAQ: 20001002 DST2K0035:信用卡(客户)细节暴露在CyberOff冰购物车v2参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97050819812055&w=2参考:WIN2KSEC: 20001002 DST2K0035:信用卡(客户)细节暴露在CyberOff冰购物车v2参考:网址:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0001.html参考:报价:1734参考:网址:http://www.securityfocus.com/bid/1734默认安装SmartWin CyberOffice购物车2(又名CyberShop)安装_private目录与世界可读权限,允许远程攻击者获取敏感信息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0925 3供应商确认:未知声称投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0926网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0926最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001002 DST2K0036:价格在CyberOffice购物车修改可能参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97050627707128&w=2参考:WIN2KSEC: 20001002 DST2K0036:价格修改可能在CyberOffice购物Ca rt参考:网址:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0000.html参考:报价:1733参考:网址:http://www.securityfocus.com/bid/1733SmartWin CyberOffice购物车2(又名CyberShop)允许远程攻击者修改价格信息通过改变“价格”隐藏的表单变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0926 3供应商确认:未知声称投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0927网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0927最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:NTBUGTRAQ: 20000928 DST2K0037: QuotaAdvisor 4.1 WQuinn容易alternati中绕开配额。参考网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0173.html参考:BUGTRAQ: 20000928 DST2K0037: QuotaAdvisor 4.1 WQuinn容易alternati中绕开配额。参考网址:http://archives.neohapsis.com/archives/bugtraq/2000-09//0331.html参考:报价:1724参考:网址:http://www.securityfocus.com/bid/1724参考:XF: quotaadvisor-quota-bypass参考:网址:http://xforce.iss.net/static/5302.phpWQuinn QuotaAdvisor 4.1不正确记录文件大小是否存储在替代数据流,它允许用户绕开配额限制。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0927 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0931网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0931最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001004另一个飞马邮件脆弱性参考:网址:http://www.securityfocus.com/archive/1/137518参考:报价:1750参考:网址:http://www.securityfocus.com/bid/1750缓冲区溢出的飞马邮件3.11允许远程攻击者可能导致拒绝服务和执行任意命令通过很长的电子邮件信息包含二进制数据。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0931 3供应商确认:未知声称投票通知部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0959网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0959最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000926 ld.so bug - LD_DEBUG_OUTPUT遵循符号链接参考:网址:http://www.securityfocus.com/archive/1/85028参考:报价:1719参考:网址:http://www.securityfocus.com/bid/1719参考:XF: glibc-unset-symlink参考:http://xforce.iss.net/static/5299.phpglibc2不正确清除LD_DEBUG_OUTPUT和LD_DEBUG环境变量从setuid程序产生一个程序时,可以允许本地用户覆盖文件通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0959 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0964网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0964最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000928另一个物体。参考网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0336.html参考:报价:1727参考:网址:http://www.securityfocus.com/bid/1727参考:XF: hinet-ipphone-get-bo参考:网址:http://xforce.iss.net/static/5298.php缓冲区溢出的web管理服务HiNet LP5100 ip电话允许远程攻击者可能导致拒绝服务和执行任意命令通过一个GET请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0964 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0992网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0992最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000930 scp文件传输孔参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html参考:曼德拉草:MDKSA-2000:057参考:报价:1742参考:网址:http://www.securityfocus.com/bid/1742目录遍历脆弱性在scp sshd 1.2。xx允许远程恶意scp服务器覆盖任意文件通过一个. .(点点)攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0992 3供应商确认:未知声称投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1000网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1000最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001003 AOL的即时通讯DoS参考:网址:http://www.securityfocus.com/archive/1/137374参考:报价:1747参考:网址:http://www.securityfocus.com/bid/1747参考:XF: aim-file-transfer-dos参考:网址:http://xforce.iss.net/static/5314.php格式字符串漏洞在AOL的即时通讯(AIM) 4.1.2010允许远程攻击者可能导致拒绝服务和执行任意命令的传输一个文件名称包括格式字符。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1000 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1004网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1004最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001004 Re: OpenBSD安全咨询参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97068555106135&w=2参考:XF: bsd-photurisd-format参考:网址:http://xforce.iss.net/static/5336.php格式字符串漏洞在OpenBSD photurisd允许本地用户执行任意命令通过一个配置文件包含格式化字符的目录名称。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1004 3供应商确认:这是最初分配报价:1755,但不再可用。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1008网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1008最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:ATSTAKE: A092600 - 1参考:网址:http://www.atstake.com/research/advisories/2000/a092600 - 1. - txt参考:报价:1715参考:网址:http://www.securityfocus.com/bid/1715PalmOS 3.5.2和早期使用弱加密存储用户密码,它允许攻击者与Palm设备的物理访问解密密码和访问设备。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1008 3供应商确认:是的严重争议内容决定:DESIGN-WEAK-ENCRYPTION投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1012网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1012最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:FREEBSD: FreeBSD-SA-00:53参考:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asccatopen函数在FreeBSD 5.0及之前,可能还有其他的操作系统,允许本地用户读取任意文件通过朗环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1012 3供应商确认:对咨询内容的决定:SF-LOC FreeBSD建议的补丁的分析表明,朗变量是罪魁祸首。抽象:CD: SF-LOC规定catopen()和setlocale()应该分开,因为他们是不同的细菌在不同的在不同的源文件的代码行。这是推断通过检查FreeBSD补丁。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1013网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1013最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:FREEBSD: FreeBSD-SA-00:53参考:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.ascsetlocale函数在FreeBSD 5.0及之前,可能还有其他的操作系统,允许本地用户读取任意文件通过朗环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1013 3供应商确认:对咨询内容的决定:SF-LOC FreeBSD建议的补丁的分析表明,朗变量是罪魁祸首。抽象:CD: SF-LOC规定catopen()和setlocale()应该分开,因为他们是不同的细菌在不同的在不同的源文件的代码行。这是推断通过检查FreeBSD补丁。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1014网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1014最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20000927 Unixware SCOhelp http服务器格式字符串漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0325.html参考:报价:1717参考:网址:http://www.securityfocus.com/bid/1717参考:XF: unixware-scohelp-format参考:网址:http://xforce.iss.net/static/5291.phpsearch97格式字符串漏洞。cgi cgi脚本在上海合作组织帮助http服务器Unixware 7允许远程攻击者通过格式字符queryText执行任意命令参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1014 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1015网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1015最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:CF参考:BUGTRAQ: 20000929与Slashcode默认管理员密码。参考网址:http://archives.neohapsis.com/archives/bugtraq/2000-09/0366.html参考:报价:1731参考:网址:http://www.securityfocus.com/bid/1731参考:XF: slashcode-default-admin-passwords参考:网址:http://xforce.iss.net/static/5306.php的默认配置Slashcode 2.0 Alpha版本有一个默认的管理密码之前,它允许远程攻击者获得Slashcode特权,都和可能执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1015 3供应商确认:是的发布内容决策:CF-PASS投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1017网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1017最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:参考:BUGTRAQ: 20001002 DST2K0039: Webteachers Webdata:导入文件低于web ro不可能在数据库引用:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0007.html参考:BUGTRAQ: 20001003更新DST2K0039: Webteachers Webdata:导入文件降低t汉web根在数据库引用:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0032.html参考:报价:1732参考:网址:http://www.securityfocus.com/bid/1732Webteachers Webdata允许远程攻击者与有效Webdata账户读取任意文件发布请求文件导入到Webdata数据库。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1017 3供应商确认:未知声称补丁投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1027网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1027最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001003思科PIX防火墙允许外部用户发现内部ip参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97059440000367&w=2参考:报价:1877参考:网址:http://www.securityfocus.com/bid/1877思科安全PIX防火墙5.2(2)允许远程攻击者,以确定目标的实际IP地址被洪水PASV请求的服务器,FTP服务器响应中包括真正的IP地址当被动模式。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1027 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1060网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1060最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:CF参考:BUGTRAQ: 20001002本地漏洞在XFCE 3.5.1参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0022.html参考:报价:1736参考:网址:http://www.securityfocus.com/bid/1736参考:XF: xinitrc-bypass-xauthority参考:网址:http://xforce.iss.net/static/5305.phpXFCE 3.5.1绕过了Xauthority的默认配置访问控制机制与“xhost + localhost”命令xinitrc程序,它允许本地用户嗅X Windows交通和获得的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1060 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:
- 上一页的日期:(提案)集群RECENT-39 - 29的候选人
- 下一个按日期:(提案)集群RECENT-41 - 42的候选人
- Prev线程:(提案)集群RECENT-39 - 29的候选人
- 下一个线程:(提案)集群RECENT-41 - 42的候选人
- 指数(es):
