(日期:][下一个日期][线程:][线程下][日期索引][线程索引]
(提案)集群RECENT-42 - 37的候选人
- 来:cve-editorial-board-list@lists.mitre.org
- 主题(建议):集群RECENT-42 - 37的候选人
- 从:“史蒂文·m·Christey " <coley@linus.mitre.org>
- 日期-0500年:星期二,2000年11月28日22:32:18(美国东部时间)
- 交货日期:2000年11月28日22:32:23星期二
- 发送方:owner-cve-editorial-board-list@lists.mitre.org
下面的集群包含37个候选人宣布10月13日至10月25日,2000年。注意,投票网站将不会更新这个集群,直到周三的某个时候。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。如果你发现任何RECENT-XX集群是不完整的对过程中发现的问题相关的时间框架,请发送信息给我,这样候选人可以被指定。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。 So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-0818 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0818最终决定:阶段性裁决:修改:建议:20001129分配:20001013类别:科幻/ CF / MP / SA / /未知参考:国际空间站:20001025漏洞在Oracle侦听器程序参考:网址:http://xforce.iss.net/alerts/advise66.php参考:确认:http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf的默认安装Oracle 7.3.4侦听器程序,8.0.6,8.1.6允许攻击者造成日志信息附加到任意文件,并通过设置TRC_FILE或执行命令设置LOG_FILE命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0818 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0884网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0884最终决定:阶段性裁决:修改:建议:20001129分配:20001019类别:科幻参考:BUGTRAQ: 20001017 IIS % c1 % 1 c远程命令执行参考:女士:ms00 - 078参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 078. - asp参考报价:1806 IIS 4.0和5.0允许远程攻击者读取文档的web根外,并可能执行任意命令,通过url包含UNICODE编码字符畸形,又名“web服务器文件夹遍历”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0884 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0915网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0915最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001002 (sa2c@and.or.jp: bin / 21704:启用fingerd使世界可读文件]参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0017.html参考:FREEBSD: FreeBSD-SA-00:54参考:网址:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:54.fingerd.asc参考:报价:1803参考:网址:http://www.securityfocus.com/bid/1803参考:XF: freebsd-fingerd-files参考:网址:http://xforce.iss.net/static/5385.phpfingerd FreeBSD以下4.4.1允许远程攻击者读取任意文件通过指定目标文件的名字而不是普通用户的名字。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0915 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0966网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0966最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:惠普:hpsbux0010 - 125参考:网址:http://archives.neohapsis.com/archives/hp/2000-q4/0020.html参考:XF: hp-lpspooler-bo参考:网址:http://xforce.iss.net/static/5379.php缓冲区溢出的lpspooler文件集PrinterMgmt。LP-SPOOL hp - ux 11.0和更早的允许本地用户获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0966 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0970网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0970最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:女士:ms00 - 080参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 080. - asp参考:XF: session-cookie-remote-retrieval参考:网址:http://xforce.iss.net/static/5396.phpIIS 4.0和5.0 asp页面发送相同的会话ID cookie安全和不安全的web会话,这可能允许远程攻击者的安全web会话劫持用户,如果用户移动到一个不安全的会话,又名“会话ID cookie标记”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0970 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0973网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0973最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:DEBIAN: 20001013旋度和curl-ssl:远程利用参考:网址:http://www.debian.org/security/2000/20001013a参考:REDHAT: RHBA-2000:092-01参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html参考:报价:1804参考:网址:http://www.securityfocus.com/bid/1804参考:XF: curl-error-bo参考:网址:http://xforce.iss.net/static/5374.php缓冲区溢出的旋度比6.0 - -1.1,curl-ssl早于6.0 - -1.2,允许远程攻击者通过强制执行任意命令生成的错误消息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0973 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0983网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0983最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001018拒绝服务攻击电脑运行微软网络会议参考:网址:http://www.securityfocus.com/archive/1/140341参考:女士:ms00 - 077参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 077. - asp参考:MSKB: Q273854参考:报价:1798参考:网址:http://www.securityfocus.com/bid/1798参考:XF: netmeeting-desktop-sharing-dos参考:网址:http://xforce.iss.net/static/5368.php微软网络会议与远程桌面共享启用允许远程攻击者造成拒绝服务(CPU利用率)通过网络会议的null字节序列端口,即“网络会议桌面共享”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0983 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0984网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0984最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:思科:20001025思科IOS HTTP服务器查询漏洞参考:网址:http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml参考:XF: cisco-ios-query-dos参考:网址:http://xforce.iss.net/static/5412.phpHTTP服务器在思科IOS 12.0 12.1允许本地用户造成拒绝服务(崩溃和重载)通过一个URL包含”?/”字符串。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0984 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0991网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0991最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:女士:ms00 - 079参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 079. - asp参考:报价:1815参考:网址:http://www.securityfocus.com/bid/1815参考:XF: win-hyperterminal-telnet-bo参考:网址:http://xforce.iss.net/static/5387.phpHilgraeve缓冲区溢出,Inc .超级终端客户在Windows 98,我,和2000年允许远程攻击者通过telnet长URL执行任意命令,又名“超级终端缓冲区溢出漏洞。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0991 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1040网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1040最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:DEBIAN: 20001014 nis:当地利用参考:网址:http://www.debian.org/security/2000/20001014参考:曼德拉草:MDKSA-2000:064参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 064. - php3?dis=7.1参考:SUSE: SuSE-SA: 2000:042参考:网址:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html参考:REDHAT: RHSA-2000:086-05参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 086 - 05. - html参考:火山口:综援- 2000 - 039.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 039.0.txt参考:BUGTRAQ: 20001025 Immunix OS的安全更新ypbind包参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0356.html参考:BUGTRAQ: 20001030 Trustix安全顾问——萍gnupg ypbind参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html参考:XF: ypbind-printf-format-string参考:网址:http://xforce.iss.net/static/5394.php参考:报价:1820参考:网址:http://www.securityfocus.com/bid/1820格式字符串漏洞ypbind 3.3的日志功能,以调试模式运行时,泄漏的文件描述符,允许攻击者造成拒绝服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1040 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1041网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1041最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:曼德拉草:MDKSA-2000:064参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 064. - php3?dis=7.1参考:SUSE: SuSE-SA: 2000:042参考:网址:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html参考:火山口:综援- 2000 - 039.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2000 039.0.txt缓冲区溢出ypbind 3.3可能允许攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1041 1供应商确认:是的咨询包括:各种来源说一个溢出的存在,但它可能不是可利用的。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1044网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1044最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:SUSE: SuSE-SA: 2000:042参考:网址:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html参考:报价:1820参考:网址:http://www.securityfocus.com/bid/1820格式字符串漏洞在SuSE ypbind-mt SuSE - 6.2,可能还有其他Linux操作系统,允许攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1044 1供应商确认:是的咨询参考:在ypbind各种操作系统供应商报告问题,但专门提到ypbind-mt SuSE是唯一一个。咨询似乎暗示这是一个原始YP功能的重写。抽象:有可能,这是相同的格式字符串问题ypserv / vsyslog问题描述的曼德拉草:MDKSA-2000:064。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1050网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1050最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023阿莱尔的JRUN未经身份验证的访问- inf目录参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236316510117&w=2参考:阿莱尔:asb00 - 027参考:网址:http://www.allaire.com/handlers/index.cfm?ID=17966&Method=Full参考:XF: allaire-jrun-webinf-access参考:网址:http://xforce.iss.net/static/5407.php阿莱尔JRun http servlet 3.0服务器允许远程攻击者通过一个URL请求直接访问web - inf目录包含一个额外的“/”开始的请求(又名“额外的削减”)。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1050 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1051网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1051最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023阿莱尔JRUN 2.3任意文件检索引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236692714978&w=2参考:阿莱尔:asb00 - 028参考:网址:http://www.allaire.com/handlers/index.cfm?ID=17968&Method=Full参考:XF: allaire-jrun-ssifilter-url参考:网址:http://xforce.iss.net/static/5405.php目录遍历脆弱阿莱尔JRun 2.3服务器允许远程攻击者通过SSIFilter servlet读取任意文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1051 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0810网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0810最终决定:阶段性裁决:修改:建议:20001129分配:20000926类别:科幻参考:BUGTRAQ: 20001016文件删除和其他缺陷在拍卖韦弗LITE 1.0 - 1.04参考:报价:1782拍卖韦弗1.0 1.04不正确验证表单字段的名称,它允许远程攻击者删除任意文件和目录通过. .(点点)攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0810 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0811网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0811最终决定:阶段性裁决:修改:建议:20001129分配:20000926类别:科幻参考:BUGTRAQ: 20001016文件删除和其他缺陷在拍卖韦弗LITE 1.0 - 1.04参考:报价:1783拍卖韦弗1.0到1.04允许远程攻击者读取任意文件通过一个. .(点点)攻击用户名或bidfile表单字段。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0811 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0968网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0968最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001016半衰期专用服务器漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html参考:BUGTRAQ: 20001024 Tamandua Sekure实验室安全咨询2000 - 01年参考:网址:http://www.securityfocus.com/archive/1/141060参考:BUGTRAQ: 20001027 Re:半衰期专用服务器补丁参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html参考:报价:1799参考:网址:http://www.securityfocus.com/bid/1799参考:XF: halflife-server-changelevel-bo参考:网址:http://xforce.iss.net/static/5375.php缓冲区溢出的半衰期专用服务器3104年建立之前允许远程攻击者通过长rcon命令执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0968 2供应商确认:是的跟踪似乎有冲突或重复Bugtraq报告。2文章中引用这个候选人似乎都描述一个rcon缓冲区溢出。后续的供应商没有提到changelevel命令结合缓冲区溢出。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0969网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0969最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001016半衰期专用服务器漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html参考:BUGTRAQ: 20001024 Tamandua Sekure实验室安全咨询2000 - 01年参考:网址:http://www.securityfocus.com/archive/1/141060参考:BUGTRAQ: 20001027 Re:半衰期专用服务器补丁参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html参考:XF: halflife-rcon-format-string参考:网址:http://xforce.iss.net/static/5413.php格式字符串漏洞在半衰期专用服务器构建3104年早些时候,允许远程攻击者执行任意命令通过注入格式字符串changelevel命令,通过系统控制台或rcon。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0969 2供应商确认:是的,跟踪供应商的跟踪表明,问题是在changelevel命令而不是rcon命令,所隐含的其他来源。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0981网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0981最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001023(核心SDI咨询)MySQL弱身份验证参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0318.html参考:确认:http://www.mysql.com/documentation/mysql/commented/manual.php?section=Security参考:XF: mysql-authentication参考:网址:http://xforce.iss.net/static/5409.phpMySQL数据库引擎使用弱身份验证方法泄漏信息,远程攻击者可以利用恢复密码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0981 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0990网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0990最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001016认证失败cmd5checkpw 0.21参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0258.html参考:确认:http://members.elysium.pl/brush/cmd5checkpw/changes.html参考:报价:1809参考:网址:http://www.securityfocus.com/bid/1809参考:XF: cmd5checkpw-qmail-bypass-authentication参考:网址:http://xforce.iss.net/static/5382.php0.21和更早的cmd5checkpw允许远程攻击者造成拒绝服务通过一个“SMTP AUTH”命令和一个未知的用户名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0990 2供应商确认:是的跟踪投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1001网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1001最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 200024价格修改元素InstantShop引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97240616129614&w=2参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97267884631455&w=2add_2_basket。asp在元素InstantShop允许远程攻击者修改价格信息通过“价格”隐藏的表单变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1001 2供应商确认:是的跟踪投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1042网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1042最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:曼德拉草:MDKSA-2000:064参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 064. - php3?dis=7.1缓冲区溢出ypserv Mandrake Linux 7.1和更早的,可能还有其他Linux操作系统,允许攻击者获得根权限当构建ypserv没有vsyslog()函数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1042 2供应商确认:是的咨询参考:在ypbind各种操作系统供应商报告问题,但曼德拉草是唯一一个专门提到ypserv。有可能是其他供应商固定这ypserv问题但没有报告。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1043网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1043最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:曼德拉草:MDKSA-2000:064参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 064. - php3?dis=7.1格式字符串漏洞ypserv Mandrake Linux 7.1和更早的,可能还有其他Linux操作系统,允许攻击者获得根权限当构建ypserv没有vsyslog()函数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1043 2供应商确认:是的咨询参考:在ypbind各种操作系统供应商报告问题,但曼德拉草是唯一一个专门提到ypserv。有可能是其他供应商固定ypserv问题但没有报告。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0958网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0958最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001025 HotJava浏览器3.0 JavaScript安全漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0349.html参考:XF: hotjava-browser-dom-access参考:网址:http://xforce.iss.net/static/5428.phpHotJava浏览器3.0允许远程攻击者访问web页面的DOM通过打开一个javascript: URL在指定窗口。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0958 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0971网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0971最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001023 Avirt邮件4。x DoS参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0301.html参考:XF: avirt-mail-from-dos参考:网址:http://xforce.iss.net/static/5397.php参考:XF: avirt-rcpt-to-dos参考:网址:http://xforce.iss.net/static/5398.phpAvirt邮件4.0和4.2允许远程攻击者可能导致拒绝服务和执行任意命令通过一个长“收件人”或“邮件”命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0971 3供应商确认:未知大参考忽略内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0972网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0972最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:参考:BUGTRAQ: 20001020 (Hackerslab bug_paper] hp - ux crontab临时文件的符号链接漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0317.html参考:XF: hp-crontab-read-files参考:网址:http://xforce.iss.net/static/5410.phphp - ux 11.00 crontab允许本地用户读取任意文件通过- e选项创建一个符号链接到目标文件crontab会话期间,退出会话和阅读crontab生成的错误消息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0972 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0986网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0986最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001020 (Hackerslab bug_paper] Linux甲骨文8.1.5脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0294.html参考:XF: oracle-home-bo参考:网址:http://xforce.iss.net/static/5390.php缓冲区溢出在Oracle 8.1.5应用,如名称、namesctl, onrsd, osslogin, tnslsnr tnsping trcasst, trcroute可能允许本地用户获得特权通过长ORACLE_HOME环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0986 3供应商确认:内容决定:SF-LOC, SF-EXEC抽象:多个二进制文件列出,但它是不确定如果这是一个图书馆的问题(在这种情况下,CD: SF-LOC建议将所有的二进制文件),或单独的缺陷在不同的程序(CD: SF-EXEC建议将二进制文件)。包含:当一个利用发布,它没有指定是否影响应用程序正在运行setuid / setgid溢出时发生,所以有可能这不是可利用的。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0987网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0987最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:XF: oracle-oidldap-bo参考:网址:http://xforce.iss.net/static/5401.php参考:BUGTRAQ: 20001018漏洞在Oracle互联网目录在Oracle 8.1.6参考:网址:http://www.securityfocus.com/archive/1/140340参考:BUGTRAQ: 20001020应对互联网发布10/18/2000漏洞在Oracle目录在Oracle 8.1.6参考:网址:http://www.securityfocus.com/archive/1/140709缓冲区溢出在甲骨文oidldapd 8.1.6允许本地用户权限通过“连接”命令行参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0987 3供应商确认:未知的后续内容决定:SF-LOC包含:而利用发布,它没有指定是否受影响的应用程序正在运行setuid / setgid溢出时发生,所以这是可能的,这不是可利用的。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0988网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0988最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001013 WinU后门密码! ! ! !参考网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0238.html参考:确认:http://www.bardon.com/pwdcrack.htm参考:报价:1801参考:网址:http://www.securityfocus.com/bid/1801参考:XF: winu-backdoor参考:网址:http://xforce.iss.net/static/5376.phpWinU 1.0到5.1有后门密码允许远程攻击者获得管理界面和修改配置。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0988 3供应商确认:对咨询内容的决定:CF-PASS确认:2000年10月20日发布的数据系统滑铲及时封后http://www.bardon.com/pwdcrack.htm:所使用的“紧急密码机制WinU 1.0到5.1,和1.0完全控制在2.6,妥协和出版。所有用户应立即升级到WinU 5.2或2.7完全控制是合适的。”投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0989网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0989最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:BUGTRAQ: 20001020 DoS在英特尔公司“InBusiness邮件站”参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0293.html参考:XF: intel-email-username-bo参考:网址:http://xforce.iss.net/static/5414.php缓冲区溢出在英特尔InBusiness邮件站1.04.87流行服务允许远程攻击者可能导致拒绝服务和执行命令通过一个用户名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0989 3供应商确认:未知声称争端投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1007网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1007最终决定:阶段性裁决:修改:建议:20001129分配:20001124类别:科幻参考:NTBUGTRAQ: 20001025 I-gear 3.5。x为微软代理日志脆弱性+临时修复。参考网址:http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0048.htmlI-gear 3.5.7早些时候不正确流程日志条目中超过255字符的URL时,攻击者可以导致报告错误。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1007 3供应商确认:未知声称投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1048网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1048最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001016温盖特4.1 Beta脆弱性引用:网址:http://archives.neohapsis.com/archives/bugtraq/2000-10/0245.html参考:XF: wingate-view-files参考:网址:http://xforce.iss.net/static/5373.php在日志文件目录遍历漏洞的温盖特4.1 Beta早些时候,允许远程攻击者读取任意文件通过一个. .(点点)攻击通过一个HTTP GET请求,使用编码字符的URL。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1048 3供应商确认:内容决定:EX-BETA CD: EX-BETA并不适用,因为在最新版本的影响是一个beta版本,多个生产版本也受到影响。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1052网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1052最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023阿莱尔JRUN 2.3任意文件检索引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236692714978&w=2阿莱尔JRun 2.3服务器允许远程攻击者获得源代码可执行内容通过直接调用SSIFilter servlet。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1052 3供应商确认:对咨询内容的决定:SF-LOC这个问题会存在即使JRun 2.3没有目录遍历问题,因此CD: SF-LOC表明,这应该是单独记录。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1053网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1053最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023阿莱尔JRUN 2.3远程命令执行参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236125107957&w=2参考:阿莱尔:asb00 - 029参考:网址:http://www.allaire.com/handlers/index.cfm?ID=17969&Method=Full参考:XF: allaire-jrun-jsp-execute参考:网址:http://xforce.iss.net/static/5406.php阿莱尔JRun 2.3.3服务器允许远程攻击者编译和执行JSP代码插入它通过跨站点脚本攻击(CSS)和直接调用com.livesoftware.jrun.plugins。JSP servlet的JSP。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1053 3供应商确认:对咨询内容的决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1068网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1068最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023 Re:调查v2.0 cgi(再次)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236719315352&w=2pollit。cgi在调查2.0允许远程攻击者通过执行任意命令shell元字符的poll_options参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1068 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1069网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1069最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023 Re:调查v2.0 cgi(再次)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236719315352&w=2参考:XF: pollit-admin-password-var参考:网址:http://xforce.iss.net/static/5419.phppollit。2.01和更早的cgi在调查允许远程攻击者访问管理功能不知道真正的密码通过指定entered_password和admin_password参数相同的值。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1069 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1070网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1070最终决定:阶段性裁决:修改:建议:20001129分配:20001129类别:科幻参考:BUGTRAQ: 20001023 Re:调查v2.0 cgi(再次)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97236719315352&w=2pollit。cgi调查它2.01和更早的使用数据文件位于web文档根目录下,远程攻击者可以访问敏感或私人信息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1070 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:
- 上一页的日期:(提案)集群RECENT-41 - 42的候选人
- 下一个按日期:(提案)集群RECENT-43 - 40的候选人
- Prev线程:(提案)集群RECENT-41 - 42的候选人
- 下一个线程:(提案)集群RECENT-43 - 40的候选人
- 指数(es):
