
[PROPOSAL] Cluster RECENT-44 - 28 candidates



The following cluster contains 28 candidates that were announced between October 18 and November 12, 2000. Note that the voting web site will not be updated with this cluster until sometime Wednesday.

The candidates are listed in order of priority. Priority 1 and Priority 2 candidates have both been acknowledged by the vendor at different levels, so they should be easy to check and can be trusted to be real problems. If you find that any RECENT-XX cluster is incomplete with respect to the issues discovered during the relevant time frame, please send me the information so that candidates can be assigned.

- Steve

Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some minor detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE:". If you want to add comments or details, add them to the lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. References help greatly in mapping.

3) Please note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2000-1095
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1095
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html
Reference: SUSE:SuSE-SA:2000:44
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html
Reference: MANDRAKE:MDKSA-2000:071
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1
Reference: REDHAT:RHSA-2000:108-05
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-108.html
Reference: DEBIAN:20001120 modutils: local exploit
Reference: URL:http://www.debian.org/security/2000/20001120
Reference: CONECTIVA:CLSA-2000:340
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000340
Reference: BID:1936
Reference: URL:http://www.securityfocus.com/bid/1936

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.

Analysis
----------------
ED_PRI CAN-2000-1095 1
Vendor Acknowledgement: yes advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1149
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1149
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001108 [CORE SDI Advisory] MS NT4.0 Terminal Server Edition GINA buffer overflow
Reference: URL:http://www.securityfocus.com/archive/1/143991
Reference: MS:MS00-087
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-087.asp
Reference: BID:1924
Reference: URL:http://www.securityfocus.com/bid/1924

Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability.

Analysis
----------------
ED_PRI CAN-2000-1149 1
Vendor Acknowledgement: yes advisory

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1125
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1125
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001104 Redhat 6.2 restore exploit
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97336034309944&w=2
Reference: BID:1914
Reference: URL:http://www.securityfocus.com/bid/1914

restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environment variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

Analysis
----------------
ED_PRI CAN-2000-1125 2
Vendor Acknowledgement: yes
ABSTRACTION: The dump program is also affected (CAN-2000-1009). CD:SF-EXEC suggests that these problems be combined into a single candidate.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1131
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1131
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001110 hacksware gbook.cgi remote command execution vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0144.html
Reference: BID:1940
Reference: URL:http://www.securityfocus.com/bid/1940

Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable.

Analysis
----------------
ED_PRI CAN-2000-1131 2
Vendor Acknowledgement: yes

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1140
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1140
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BID:1908
Reference: URL:http://www.securityfocus.com/bid/1908

Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results of the kill command with the process listing in the /proc file system.

Analysis
----------------
ED_PRI CAN-2000-1140 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1141
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1141
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system.

Analysis
----------------
ED_PRI CAN-2000-1141 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1142
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1142
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system.

Analysis
----------------
ED_PRI CAN-2000-1142 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1143
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1143
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system.

Analysis
----------------
ED_PRI CAN-2000-1143 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1144
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1144
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BID:1909
Reference: URL:http://www.securityfocus.com/bid/1909
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number of the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment.

Analysis
----------------
ED_PRI CAN-2000-1144 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1145
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1145
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 allows attackers to gain root access by using utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files.

Analysis
----------------
ED_PRI CAN-2000-1145 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1146
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1146
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 ManTrap Recourse Technologies - Fate Advisory (11-01-00)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html
Reference: BUGTRAQ:20001107 Vendor Response Re: ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html
Reference: BID:1913
Reference: URL:http://www.securityfocus.com/bid/1913
Reference: BUGTRAQ:20001105 ManTrap Advisory Vendor follow up - Fate Research Labs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97349791405580&w=2

Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigates into the /proc/self directory and executes various commands such as ls or pwd.

Analysis
----------------
ED_PRI CAN-2000-1146 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1148
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1148
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: CF
Reference: BUGTRAQ:20001104 Filesystem access + VolanoChat = VChat admin (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0072.html
Reference: BUGTRAQ:20001106 Re: Frank-Williams: Filesystem access + VolanoChat = VChat admin (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0085.html
Reference: BID:1906
Reference: URL:http://www.securityfocus.com/bid/1906

The installation of the VolanoChatPro chat server sets world permissions on its configuration file and stores the server administrator password in plaintext, which allows local users to gain privileges on the server.

Analysis
----------------
ED_PRI CAN-2000-1148 2
Vendor Acknowledgement: yes followup

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1104
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1104
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: MS:MS00-060
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms00-060.asp

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.

Analysis
----------------
ED_PRI CAN-2000-1104 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1105
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1105
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001110 IE 5.x Win2000 Indexing service vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/144270
Reference: WIN2KSEC:20001110 IE 5.x Win2000 Indexing service vulnerability
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0074.html
Reference: BID:1933
Reference: URL:http://www.securityfocus.com/bid/1933

The ixsso.Query ActiveX object is marked as safe for scripting, which allows malicious web site operators to embed a remote script that determines the existence of files on visiting Windows 2000 systems that have the Indexing Service enabled.

Analysis
----------------
ED_PRI CAN-2000-1105 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1116
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1116
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: WIN2KSEC:20001018 TransSoft Broker FTP Server 3.x & 4.x Remote DoS Attack Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0041.html
Reference: XF:broker-ftp-username-dos
Reference: URL:http://xforce.iss.net/static/5388.php

Buffer overflow in TransSoft Broker FTP Server 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a command.

Analysis
----------------
ED_PRI CAN-2000-1116 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1127
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1127
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001108 HP-UX 10.20 Resource Monitor Service
Reference: URL:http://www.securityfocus.com/archive/1/143845
Reference: BID:1919
Reference: URL:http://www.securityfocus.com/bid/1919

registrar in HP Resource Monitor Service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets world-readable permissions.

Analysis
----------------
ED_PRI CAN-2000-1127 3
Vendor Acknowledgement: This may be the same as HPSBUX0011-131; need to check with HP.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1128
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1128
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: CF
Reference: NTBUGTRAQ:20001103 Privilege Elevation Exploit with McAfee VirusScan 4.5
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0073.html
Reference: BID:1920
Reference: URL:http://www.securityfocus.com/bid/1920

The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.

Analysis
----------------
ED_PRI CAN-2000-1128 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1133
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1133
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001106 Authentix Security Advisory
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97353881829760&w=2
Reference: BUGTRAQ:20001107 Explanation of Authentix input validation error
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97362374200478&w=2
Reference: BID:1907
Reference: URL:http://www.securityfocus.com/bid/1907

Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL of a protected directory.

Analysis
----------------
ED_PRI CAN-2000-1133 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1134
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1134
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001028 tcsh: insecure tempfile in << redirects
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html
Reference: BUGTRAQ:20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + more
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97561816504170&w=2
Reference: BUGTRAQ:20001128 /bin/sh creates insecure tmp files
Reference: URL:http://www.securityfocus.com/archive/1/146657
Reference: DEBIAN:20001111 tcsh: local exploit
Reference: URL:http://www.debian.org/security/2000/20001111a
Reference: MANDRAKE:MDKSA-2000:069
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3
Reference: FREEBSD:FreeBSD-SA-00:76
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc
Reference: CONECTIVA:CLSA-2000:354
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000354
Reference: CALDERA:CSSA-2000-043.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt
Reference: CALDERA:CSSA-2000-042.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt
Reference: REDHAT:RHSA-2000:117
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-117.html
Reference: REDHAT:RHSA-2000:121
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-121.html
Reference: MANDRAKE:MDKSA-2000:075
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3
Reference: BID:1926
Reference: URL:http://www.securityfocus.com/bid/1926
Reference: BID:2006
Reference: URL:http://www.securityfocus.com/bid/2006
Reference: CONECTIVA:CLA-2000:350
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000350

tcsh, csh, sh, and bash on various Unix systems follow symbolic links when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Analysis
----------------
ED_PRI CAN-2000-1134 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-CODEBASE, SF-EXEC
If tcsh, csh, and bash come from the same codebase, then CD:SF-CODEBASE suggests keeping them in the same entry.

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1138
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1138
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001108 Lotus Notes R5 client - no warning on broken signatures or encryption
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97370725220953&w=2
Reference: BID:1925
Reference: URL:http://www.securityfocus.com/bid/1925

Lotus Notes client R5.0.5 and earlier does not properly warn users when an S/MIME mail message has been modified, which could allow attackers to modify email in transit without being detected.

Analysis
----------------
ED_PRI CAN-2000-1138 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1147
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1147
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001103 IIS $19.95 ASP hack - IISHack 1.5
Reference: URL:http://www.securityfocus.com/archive/1/143070
Reference: BID:1911
Reference: URL:http://www.securityfocus.com/bid/1911

Buffer overflow in the IIS ISAPI .asp parsing mechanism allows attackers to execute arbitrary commands via a long string in the "LANGUAGE" argument of a script tag.

Analysis
----------------
ED_PRI CAN-2000-1147 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1156
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1156
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001108 StarOffice 5.2 Temporary Dir Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html
Reference: BID:1922
Reference: URL:http://www.securityfocus.com/bid/1922

StarOffice 5.2 follows symlinks and sets world permissions on the /tmp/soffice.tmp directory, which allows local users to read files of users who use StarOffice.

Analysis
----------------
ED_PRI CAN-2000-1156 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1157
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1157
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 Remote exploitable buffer overflow in NAI's Distributed Sniffer Agent
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html
Reference: BID:1901
Reference: URL:http://www.securityfocus.com/bid/1901

Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name.

Analysis
----------------
ED_PRI CAN-2000-1157 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1158
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1158
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 Remote exploitable buffer overflow in NAI's Distributed Sniffer Agent
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html

NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to easily sniff the network and decode usernames and passwords.

Analysis
----------------
ED_PRI CAN-2000-1158 3
Vendor Acknowledgement:
Content Decisions: DESIGN-NO-ENCRYPTION

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1159
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1159
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 Remote exploitable buffer overflow in NAI's Distributed Sniffer Agent
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html
Reference: BID:1902
Reference: URL:http://www.securityfocus.com/bid/1902

NAI Sniffer Agent allows remote attackers to gain privileges by sniffing the initial UDP agent authentication packets and spoofing commands.

Analysis
----------------
ED_PRI CAN-2000-1159 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1160
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1160
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001102 Remote exploitable buffer overflow in NAI's Distributed Sniffer Agent
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html
Reference: BID:1903
Reference: URL:http://www.securityfocus.com/bid/1903

NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.

Analysis
----------------
ED_PRI CAN-2000-1160 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1172
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1172
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001110 Advisory: Gaim remote vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0204.html
Reference: BID:1948
Reference: URL:http://www.securityfocus.com/bid/1948

Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTML tag.

Analysis
----------------
ED_PRI CAN-2000-1172 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2000-1176
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-1176
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20001219
Assigned: 20001214
Category: SF
Reference: BUGTRAQ:20001107 Insecure input balidation in YaBB search.pl
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0110.html
Reference: BID:1921
Reference: URL:http://www.securityfocus.com/bid/1921

Directory traversal vulnerability in the YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "catsearch" form field.

Analysis
----------------
ED_PRI CAN-2000-1176 3
Vendor Acknowledgement:

Voting Section
----------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reasons.

VOTE:
ACCEPT_REASON:
COMMENTS:

Page Last Updated or Reviewed: May 22, 2007