(日期:][日期下][线程:][线程下][日期索引][线程索引]
(提案)集群RECENT-47 - 27的候选人
- 来:cve-editorial-board-list@lists.mitre.org
- 主题(建议):集群RECENT-47 - 27的候选人
- 从:“史蒂文·m·Christey " <coley@linus.mitre.org>
- 日期:2000年12月19日,星期二17:11:58 -0500(美国东部时间)
- 交货日期:2000年12月19日17:12:02星期二
- 发送方:owner-cve-editorial-board-list@lists.mitre.org
下面的集群包含27个候选人宣布11月29日至12月13日,2000年。注意,投票网站将不会更新这个集群,直到周三的某个时候。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。如果你发现任何RECENT-XX集群是不完整的对过程中发现的问题相关的时间框架,请发送信息给我,这样候选人可以被指定。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。 So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-1039 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1039最终决定:阶段性裁决:修改:建议:20001219分配:20001128类别:科幻/ CF / MP / SA / /未知参考:BINDVIEW: 20001130 NAPTHA DoS漏洞参考:网址:http://razor.bindview.com/publish/advisories/adv_NAPTHA.html参考:WIN2KSEC: 20001204 NAPTHA咨询更新- BindView剃须刀参考:网址:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0105.html参考:CERT: ca - 2000 - 21参考:网址:http://www.cert.org/advisories/ca - 2000 - 21. - html参考:女士:ms00 - 091参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 091. - asp参考:报价:2022参考:网址:http://www.securityfocus.com/bid/2022各种TCP / IP栈和网络应用程序允许远程攻击者因洪水导致拒绝服务与TCP连接尝试和完成目标主机的TCP / IP握手没有攻击者主机上保持连接状态,又名“NAPTHA”类的漏洞。注意:这个候选人可能变化显著的安全社区讨论NAPTHA的技术性质和学习更多关于受影响的应用程序。这个候选人是比典型的CVE的更高层次的抽象。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1039 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1085网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1085最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 SQL Server 2000扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570884410184&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2040参考:网址:http://www.securityfocus.com/bid/2040xp_peekqueue函数在Microsoft SQL Server 2000和SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1085 1供应商确认:是的咨询抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_peekqueue, xp_printstatements, xp_proxiedmetadata, and xp_SetSQLSecurity should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1086 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1086最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 SQL Server 2000扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570884410184&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2041参考:网址:http://www.securityfocus.com/bid/2041xp_printstatements函数在Microsoft SQL Server 2000和SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1086 1供应商确认:是的咨询抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_peekqueue, xp_printstatements, xp_proxiedmetadata, and xp_SetSQLSecurity should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1087 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1087最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 SQL Server 2000扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570884410184&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2042参考:网址:http://www.securityfocus.com/bid/2042xp_proxiedmetadata函数在Microsoft SQL Server 2000和SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1087 1供应商确认:是的咨询抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_peekqueue, xp_printstatements, xp_proxiedmetadata, and xp_SetSQLSecurity should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1088 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1088最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 SQL Server 2000扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570884410184&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2043参考:网址:http://www.securityfocus.com/bid/2043xp_SetSQLSecurity函数在Microsoft SQL Server 2000和SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1088 1供应商确认:是的咨询抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_peekqueue, xp_printstatements, xp_proxiedmetadata, and xp_SetSQLSecurity should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1089 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1089最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻参考:ATSTAKE: A120400-1参考:网址:http://www.stake.com/research/advisories/2000/a120400 - 1. - txt参考:女士:ms00 - 094参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 094. - asp参考:报价:2048参考:网址:http://www.securityfocus.com/bid/2048缓冲区溢出在电话簿微软服务允许本地用户执行任意命令,又名“电话簿服务缓冲区溢出”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1089 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1099网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1099最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:太阳:00199参考:网址:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/199&type=0&nav=sec.sba参考:惠普:hpsbux0011 - 132参考:网址:http://archives.neohapsis.com/archives/hp/2000-q4/0061.htmlJava运行时环境在Java开发工具包(JDK) 1.2.2_05早些时候,可以让一个不可信的Java类来调用一个不允许类,这可能允许攻击者逃避Java沙箱和开展未经授权的活动。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1099 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1135网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1135最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:DEBIAN: 20001130 dsa - 002 - 1 fsh:符号链接攻击参考:网址:http://www.debian.org/security/2000/20001130fshd (fsh守护进程)在Debian Linux允许本地用户覆盖文件的其他用户通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1135 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1137网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1137最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:DEBIAN: 20001129 dsa - 001 - 1艾德:符号链接攻击参考:网址:http://www.debian.org/security/2000/20001129参考:曼德拉草:MDKSA-2000:076参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 076. - php3参考:REDHAT: RHSA-2000:123-01参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 123. - html参考:BUGTRAQ: 20001211 Immunix ed GNU操作系统安全更新ed前0.2 - -18.1允许本地用户覆盖其他用户的文件通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1137 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1189网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1189最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:REDHAT: RHSA-2000:120参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 120. - html缓冲区溢出在Red Hat Linux pam_localuser PAM模块7。x和6。x允许攻击者获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1189 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1097网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1097最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001129 DoS Sonicwall SOHO防火墙参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-11/0406.html参考:BUGTRAQ: 20001201弗兰克-威廉姆斯:SonicWALL SOHO脆弱性(fwd)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-11/0435.html参考:报价:2013参考:网址:http://www.securityfocus.com/bid/2013Sonicwall SOHO的web服务器防火墙允许远程攻击者造成拒绝服务通过一个长的用户名认证页面。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1097 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1098网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1098最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201 Re: DoS Sonicwall SOHO防火墙参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-11/0439.html参考:BUGTRAQ: 20001201弗兰克-威廉姆斯:SonicWALL SOHO脆弱性(fwd)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-11/0435.htmlSonicwall SOHO的web服务器防火墙允许远程攻击者通过空导致拒绝服务GET或POST请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1098 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1120网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1120最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:AIXAPAR: IY08143参考:AIXAPAR: IY08287参考:报价:2033参考:网址:http://www.securityfocus.com/bid/2033缓冲区溢出在消化命令在IBM AIX 4.3。x和早些时候允许本地用户执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1120 2供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1081网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1081最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 Microsoft SQL Server扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570878710037&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2030参考:网址:http://www.securityfocus.com/bid/2030xp_displayparamstmt函数在SQL Server和Microsoft SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1081 3供应商确认:对咨询内容的决定:SF-LOC抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_displayparamstmt, xp_enumresultset, xp_showcolv, and xp_showcolv should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1082 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1082最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 Microsoft SQL Server扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570878710037&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2031参考:网址:http://www.securityfocus.com/bid/2031xp_enumresultset函数在SQL Server和Microsoft SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1082 3供应商确认:对咨询内容的决定:SF-LOC抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_displayparamstmt, xp_enumresultset, xp_showcolv, and xp_showcolv should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1083 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1083最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 Microsoft SQL Server扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570878710037&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2038参考:网址:http://www.securityfocus.com/bid/2038xp_showcolv函数在SQL Server和Microsoft SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1083 3供应商确认:对咨询内容的决定:SF-LOC抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_displayparamstmt, xp_enumresultset, xp_showcolv, and xp_showcolv should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1084 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1084最终决定:阶段性裁决:修改:建议:20001219分配:20001201类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: 20001201 Microsoft SQL Server扩展存储过程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97570878710037&w=2参考:女士:ms00 - 092参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 092. - asp参考:报价:2039参考:网址:http://www.securityfocus.com/bid/2039xp_updatecolvbm函数在SQL Server和Microsoft SQL Server桌面引擎(MSDE)不适当的限制一个缓冲区的长度在调用srv_paraminfo函数扩展存储过程的SQL Server API (XP),它允许攻击者造成拒绝服务或执行任意命令,又名“扩展存储过程参数解析”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1084 3供应商确认:对咨询内容的决定:SF-LOC抽象:CD: SF-LOC表明有单独的条目,一个用于每个缓冲区溢出在每个单独的“代码”。Thus xp_displayparamstmt, xp_enumresultset, xp_showcolv, and xp_showcolv should be separate. However, CD:SF-LOC is still under discussion by the Editorial Board, so these may be MERGED together. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2000-1092 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1092最终决定:阶段性裁决:修改:建议:20001219分配:20001211类别:科幻/ CF / MP / SA / AN / loadpage不明。cgi cgi程序在线商城3.0和2.0允许远程攻击者和读取文件列表在线商城数据目录中插入一个“/”前的“文件”的目标文件名参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1092 3供应商确认:未知的内容决定:SF-EXEC, SF-LOC抽象:一个非常类似的问题记录在- 2000 - 0187,但这是一个. .目录遍历问题。在这种情况下,似乎“…”被过滤,但这个项目不是限制哪些文件可以访问的数据目录(大概有一些HTML页面,* *应存储在数据加载目录)。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1093网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1093最终决定:阶段性裁决:修改:建议:20001219分配:20001212类别:科幻参考:ATSTAKE: A121200-1参考:网址:http://www.atstake.com/research/advisories/2000/a121200 - 1. - txt缓冲区溢出在AOL的即时通讯4.3.2229允许远程攻击者执行任意命令通过一个长长的“goim”命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1093 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1094网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1094最终决定:阶段性裁决:修改:建议:20001219分配:20001212类别:科幻/ CF / MP / SA / /未知参考:ATSTAKE: A121200-1参考:网址:http://www.atstake.com/research/advisories/2000/a121200 - 1. - txt缓冲区溢出在AOL的即时通讯4.3.2229允许远程攻击者通过“buddyicon”命令执行任意命令具有悠久“src”的论点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1094 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1100网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1100最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001130 PostACI邮箱脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-11/0433.html参考:报价:2029参考:网址:http://www.securityfocus.com/bid/2029的默认配置PostACI邮箱系统安装/包括全球。公司配置文件中的web根,它允许远程攻击者读取敏感信息如数据库用户名和密码通过直接的HTTP GET请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1100 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1111网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1111最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001129 Windows 2000 Telnet服务DoS引用:网址:http://www.securityfocus.com/archive/1/147914参考:报价:2018参考:网址:http://www.securityfocus.com/bid/2018为Windows 2000 Telnet服务专业不正常终止不完整的连接尝试,它允许远程攻击者造成拒绝服务通过连接到服务器并没有提供任何输入。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1111 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1119网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1119最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:报价:2032参考:网址:http://www.securityfocus.com/bid/2032缓冲区溢出在IBM AIX 4.3 setsenv命令。x和早些时候允许本地用户执行任意命令通过一个长“x =”的论点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1119 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1121网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1121最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:AIXAPAR: IY08143参考:AIXAPAR: IY08287参考:报价:2034参考:网址:http://www.securityfocus.com/bid/2034在询问命令缓冲区溢位IBM AIX 4.3。x和早些时候可能允许本地用户执行任意命令通过一个长- m的论点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1121 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1122网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1122最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:报价:2035参考:网址:http://www.securityfocus.com/bid/2035缓冲区溢出在IBM AIX 4.3 setclock命令。x和早些时候可能允许本地用户执行任意命令通过一个长期的观点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1122 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1123网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1123最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:AIXAPAR: IY12638参考:报价:2036参考:网址:http://www.securityfocus.com/bid/2036缓冲区溢出在IBM AIX 4.3 pioout命令。x和早些时候可能允许本地用户执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1123 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1124网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1124最终决定:阶段性裁决:修改:建议:20001219分配:20001214类别:科幻参考:BUGTRAQ: 20001201固定本地AIX V43漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97569466809056&w=2参考:AIXAPAR: IY12638参考:报价:2037参考:网址:http://www.securityfocus.com/bid/2037缓冲区溢出在IBM AIX 4.3 piobe命令。x允许本地用户获得特权通过环境变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1124 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:
- 上一页的日期:(提案)集群RECENT-46 - 23的候选人
- Prev线程:(提案)集群RECENT-46 - 23的候选人
- 指数(es):
