(提案)集群RECENT-49 - 33的候选人

下面的集群包含33个候选人之间宣布12月11日,2000年和2000年12月18日。通过修改这封邮件你可能投票的候选人投票,将它寄回给我,或通过使用CVE投票网站。这种集群的投票网站将更新今天晚些时候。新增编辑部也会通知他们的帐户信息。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。如果你发现任何RECENT-XX集群是不完整的对过程中发现的问题相关的时间框架,请发送信息给我,这样候选人可以被指定。——史蒂夫总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。 References help greatly during mapping. 3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2000-0896 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0896最终决定:阶段性裁决:修改:建议:20010202分配:20001114类别:科幻/ CF / MP / SA / /未知参考:国际空间站:20001214多个漏洞沃奇卫士SOHO防火墙参考:网址:http://xforce.iss.net/alerts/advise70.php参考:XF: watchguard-soho-fragmented-packets参考:网址:http://xforce.iss.net/static/5749.php参考:报价:2113参考:网址:http://www.securityfocus.com/bid/2113沃奇卫士SOHO防火墙允许远程攻击者造成拒绝服务通过大量分散的IP数据包,导致防火墙连接和停止转发数据包。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0896 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0026网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0026最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001211 DoS脆弱性rp-pppoe版本< = 2.4参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0134.html参考:CONECTIVA: CLA-2000:357参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000357参考:曼德拉草:MDKSA-2000:084参考:网址:http://www.linux mandrake.com/en/security/mdksa - 2000 - 084. - php3参考:REDHAT: RHSA-2000:130-05参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 130. - html参考:报价:2098参考:网址:http://www.securityfocus.com/bid/2098参考:XF: rppppoe-zero-length-dos参考:网址:http://xforce.iss.net/static/5727.phprp-pppoe PPPoE客户机允许远程攻击者通过夹海量存储系统(MSS)中引起拒绝服务选项和TCP数据包长度为零的TCP选项。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0026 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0028网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0028最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001211 (pkc)堆远程缓冲区溢出哦参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0127.html参考:FREEBSD: FreeBSD-SA-00:79参考:网址:http://archives.neohapsis.com/archives/freebsd/2000-12/0418.html参考:报价:2099参考:网址:http://www.securityfocus.com/bid/2099参考:XF: oops-ftputils-bo参考:网址:http://xforce.iss.net/static/5725.php缓冲区溢出的HTML解析代码哦WWW代理服务器1.5.2早些时候,允许远程攻击者执行任意命令通过大量的”(报价)字符。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0028 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0053网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0053最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:OPENBSD: 20001218参考:网址:http://www.openbsd.org/advisories/ftpd_replydirname.txt参考:NETBSD: NETBSD - sa2000 - 018参考:网址:ftp://ftp.netbsd.org/pub/netbsd/misc/security/advisories/netbsd sa2000 txt.asc——018.参考:BUGTRAQ: 20001218 Trustix安全顾问- ed, tcsh,和ftpd-BSD参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html参考:报价:2124参考:网址:http://www.securityfocus.com/bid/2124参考:XF: bsd-ftpd-replydirname-bo参考:网址:http://xforce.iss.net/static/5776.php1字节缓冲区溢出replydirname函数在bsd ftpd允许远程攻击者获得根权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0053 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0060网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0060最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001218 Stunnel格式错误引用:网址:http://www.securityfocus.com/archive/1/151719参考:REDHAT: RHSA-2000:129-02参考:网址:http://www.redhat.com/support/errata/rhsa - 2000 - 129. - html参考:CONECTIVA: CLA-2000:363参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000363参考:BUGTRAQ: 20001209 Trustix安全顾问——stunnel参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html参考:DEBIAN: 20001225 dsa - 009 - 1的stunnel:不安全的文件处理,格式字符串错误引用:网址:http://www.debian.org/security/2000/20001225a参考:XF: stunnel-format-logfile参考:网址:http://xforce.iss.net/static/5807.php参考:报价:2128参考:网址:http://www.securityfocus.com/bid/2128早些时候在stunnel 3.8和格式字符串漏洞允许攻击者执行任意命令通过一个畸形鉴别用户名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0060 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0061网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0061最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:FREEBSD: FreeBSD-SA-00:77参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc参考:报价:2130参考:网址:http://www.securityfocus.com/bid/2130procfs在FreeBSD和可能的其他操作系统不适当限制每个进程的mem和ctl文件,它允许本地用户获得根权限通过分支子进程和执行特权进程的孩子,而家长保留访问孩子的地址空间。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0061 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0062网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0062最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:FREEBSD: FreeBSD-SA-00:77参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc参考:报价:2131参考:网址:http://www.securityfocus.com/bid/2131procfs在FreeBSD和可能的其他操作系统允许本地用户造成拒绝服务通过调用mmap过程的的mem文件,导致内核挂。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0062 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0063网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0063最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:FREEBSD: FreeBSD-SA-00:77参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:77.procfs.v1.1.asc参考:报价:2132参考:网址:http://www.securityfocus.com/bid/2132procfs在FreeBSD和可能的其他操作系统允许本地用户绕过访问控制限制监狱环境,获得更多的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0063 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0080网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0080最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:思科:20001213 CISCO Catalyst SSH协议漏洞不匹配参考:网址:http://www.cisco.com/warp/public/707/catalyst-ssh-protocolmismatch-pub.shtml参考:XF: cisco-catalyst-ssh-mismatch参考:网址:http://xforce.iss.net/static/5760.phpCisco Catalyst 6000、5000或4000开关允许远程攻击者造成拒绝服务通过连接SSH服务non-SSH客户机,它生成一个协议不匹配错误。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0080 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0083网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0083最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:女士:ms00 - 097参考:网址:http://www.microsoft.com/technet/security/bulletin/ms00 - 097. - asp参考:MSKB: Q281256参考:XF: mediaservices-dropped-connection-dos参考:网址:http://xforce.iss.net/static/5785.phpWindows媒体单播服务在Windows媒体服务4.0和4.1不正确关闭某些类型的连接,产生内存泄漏,允许远程攻击者通过一系列导致拒绝服务切断连接,又名“切断了Windows媒体服务器连接”的弱点。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0083 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0105网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0105最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:惠普:hpsbux0012 - 134参考:网址:http://archives.neohapsis.com/archives/hp/2000-q4/0079.html参考:XF: hp-top-sys-files参考:网址:http://xforce.iss.net/static/5773.php早些时候在hp - ux 11.04和漏洞允许本地用户覆盖文件属于“sys”组。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0105 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0894网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0894最终决定:阶段性裁决:修改:建议:20010202分配:20001114类别:科幻/ CF / MP / SA / /未知参考:国际空间站:20001214多个漏洞沃奇卫士SOHO防火墙参考:网址:http://xforce.iss.net/alerts/advise70.php沃奇卫士SOHO HTTP服务器防火墙不适当限制访问管理功能,如密码重置或重新启动,它允许攻击者造成拒绝服务或进行未经授权的活动。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0894 2供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0895网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0895最终决定:阶段性裁决:修改:建议:20010202分配:20001114类别:科幻/ CF / MP / SA / /未知参考:国际空间站:20001214多个漏洞沃奇卫士SOHO防火墙参考:网址:http://xforce.iss.net/alerts/advise70.php参考:报价:2114参考:网址:http://www.securityfocus.com/bid/2114缓冲区溢出在HTTP服务器沃奇卫士SOHO防火墙允许远程攻击者可能导致拒绝服务和执行任意命令通过一个GET请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 0895 2供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0059网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0059最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001218 Solaris patchadd(1)(3)符号链接vulnerabilty参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=97720205217707&w=2参考:报价:2127参考:网址:http://www.securityfocus.com/bid/2127参考:XF: solaris-patchadd-symlink参考:网址:http://xforce.iss.net/static/5789.phppatchadd在Solaris中允许本地用户覆盖任意文件通过一个符号链接攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0059 2供应商确认:是的跟踪一些后续暗示这是ksh < <问题,但另一个跟踪包括实际代码的一部分,不依靠ksh。因此这是一个单独的脆弱性。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0081网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0081最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001212 nCipher公司安全顾问:操作员卡竟可参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0152.html参考:确认:http://active.ncipher.com/updates/advisory.txtswinit nCipher公司并不正确禁用操作员卡由用户显式地设置恢复功能,即使残疾,这可能允许攻击者访问应用程序键。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0081 2供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1090网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1090最终决定:阶段性裁决:修改:建议:20010202分配:20001211类别:科幻参考:MISC:http://www.nsfocus.com/english/homepage/sa_08.htm参考:报价:2100参考:网址:http://www.securityfocus.com/bid/2100参考:XF: microsoft-iis-file-disclosure参考:网址:http://xforce.iss.net/static/5729.phpMicrosoft IIS远东版本4.0和5.0允许远程攻击者读取源代码解析页面通过一个畸形的URL使用lead-byte双字节字符。分析- - - - - - - - - - - - - - - - - ED_PRI - 2000 - 1090 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0022网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0022最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: simplestmail 20001213 Re:不安全的输入验证。cgi参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0168.html参考:报价:2106参考:网址:http://www.securityfocus.com/bid/2106参考:XF: http-cgi-simplestguest参考:网址:http://xforce.iss.net/static/5743.phpsimplestguest。cgi cgi程序通过列夫赖特允许远程攻击者执行任意命令通过shell元字符的留言板参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0022 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0023网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0023最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:在everythingform BUGTRAQ: 20001211不安全的输入验证。cgi(远程命令执行)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0137.html参考:报价:2101参考:网址:http://www.securityfocus.com/bid/2101参考:XF: http-cgi-everythingform参考:网址:http://xforce.iss.net/static/5736.phpeverythingform。cgi cgi程序通过列夫赖特允许远程攻击者执行任意命令通过shell元字符的配置参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0023 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0024网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0024最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:在simplestmail BUGTRAQ: 20001211不安全的输入验证。cgi(远程命令执行)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0136.html参考:报价:2102参考:网址:http://www.securityfocus.com/bid/2102参考:XF: http-cgi-simplestmail参考:网址:http://xforce.iss.net/static/5739.phpsimplestmail。cgi cgi程序通过列夫赖特允许远程攻击者执行任意命令通过shell元字符MyEmail参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0024 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0025网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0025最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:在广告BUGTRAQ: 20001211不安全的输入验证。cgi参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0143.html参考:报价:2103参考:网址:http://www.securityfocus.com/bid/2103参考:XF: http-cgi-ad参考:网址:http://xforce.iss.net/static/5741.php广告。cgi cgi程序由列夫赖特允许远程攻击者通过shell元字符在文件执行任意命令参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0025 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0027网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0027最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001211 mod_sqlpw密码缓存错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0139.html参考:XF: proftpd-modsqlpw-unauth-access参考:网址:http://xforce.iss.net/static/5737.phpmod_sqlpw模块ProFTPD不重置缓存密码当用户使用“用户”命令来更改账户,它允许经过身份验证的攻击者获得其他用户的权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0027 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0029网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0029最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001212 Re:堆(pkc)远程缓冲区溢出哦参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0158.html参考:报价:2099参考:网址:http://www.securityfocus.com/bid/2099参考:MISC:http://zipper.paco.net/ igor /哦/更新日志缓冲区溢出的哦WWW代理服务器1.4.6(可能还有其他版本)允许远程攻击者执行任意命令通过一个长主机或域名获得反向DNS查找。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0029 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0065网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0065最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001213潜在的缓冲区溢出漏洞在bftpd-1.0.13参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0189.html参考:XF: bftpd-site-chown-bo参考:网址:http://xforce.iss.net/static/5775.php缓冲区溢出在bftpd 1.0.13允许远程攻击者可能导致拒绝服务和通过长网站乔恩命令执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0065 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0067网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0067最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:CF参考:BUGTRAQ: 20001214 J-Pilot权限漏洞参考:网址:http://www.securityfocus.com/templates/archive.pike?mid=150957&end=2001-02-03&fromthread=1&start=2001-01-28&threads=0&list=1&;参考:曼德拉草:MDKSA-2000:081参考:网址:http://www.linux mandrake.com/en/security/2000/mdksa - 2000 - 081. - php3参考:XF: jpilot-perms参考:网址:http://xforce.iss.net/static/5762.php安装J-Pilot创建与用户的umask .jpilot目录,可以让本地攻击者读取其他用户的PalmOS如果他们的umask不安全地备份信息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0067 3供应商确认:是的咨询内容决定:CF-PERMS包含:这只是高聚合度的实例脆弱/曝光“用户有一个不安全的umask ?”There was a long debate about this on Bugtraq. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-0068 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0068最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001215安全漏洞MRJ 2.2.3 (Mac OS Java运行时)不一致的使用代码库和存档属性-参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0241.html参考:XF: mrj-runtime-malicious-applets参考:网址:http://xforce.iss.net/static/5784.phpMac OS Java运行时(MRJ) 2.2.3允许远程攻击者使用恶意applet阅读代码的上下文之外的文件通过归档applet参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0068 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0077网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0077最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:参考:BUGTRAQ: 20001212太阳集群2中两个洞。x参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0180.html太阳clustmon服务集群2。x不需要身份验证,它允许远程攻击者获取敏感信息,比如系统日志和集群配置。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0077 3供应商确认:内容决定:DESIGN-NO-AUTH投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0078网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0078最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001212太阳集群2中两个洞。x参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0180.html在。蒙德在集群太阳2。x允许本地用户读取任意文件通过一个符号链接攻击状态文件运行HA-NFS的主机。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0078 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0079网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0079最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001213 STM符号链接漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0174.html支持工具经理(STM) A.22.00 hp - ux允许本地用户覆盖通过符号链接攻击tool_stat任意文件。三种日志文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0079 3供应商确认:未知discloser-claimed投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0082网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0082最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001218防火墙1 Fastmode脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html检查VPN-1 /防火墙1 4.1 SP2启用了Fastmode允许远程攻击者绕过访问限制通过畸形、支离破碎的数据包。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0082 3供应商确认:未知discloser-claimed投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0086网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0086最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001212安全顾问:订阅我Lite Unix 1.0 - 2.0或1.0 - 2.0元,低于。参考网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0160.html参考:报价:2108参考:网址:http://www.securityfocus.com/bid/2108参考:XF: subscribemelite-gain-admin-access参考:网址:http://xforce.iss.net/static/5735.php2.0和更早的CGI脚本中心订阅我LITE允许远程攻击者删除任意邮件列表用户没有身份验证通过直接调用订阅。pl与目标地址作为参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0086 3供应商确认:未知discloser-claimed投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0095网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0095最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:成员BUGTRAQ: 20001218猫文件痛击脆弱性Solaris 2。x参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-12/0313.html参考:XF: solaris-catman-symlink参考:网址:http://xforce.iss.net/static/5788.phpcatman Solaris 2.7和2.8允许本地用户覆盖任意文件通过一个符号链接攻击sman_PID临时文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0095 3供应商确认:未知discloser-claimed可以- 1999 - 0370确定成员人与猫的符号链接漏洞,但受影响的版本包括2.7,这斑驳的阳光。所以,这可能是一个不同的弱点。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0103网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0103最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:报价:2107参考:网址:http://www.securityfocus.com/bid/2107参考:XF: coffeecup-ftp-weak-encryption参考:网址:http://xforce.iss.net/static/5744.phpCoffeeCup直接和免费的FTP客户端使用FTPServers弱加密存储的密码。ini文件,它可以让攻击者轻易解密密码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0103 3供应商确认:内容决定:DESIGN-WEAK-ENCRYPTION投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0104网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0104最终决定:阶段性裁决:修改:建议:20010202分配:20010201类别:科幻参考:BUGTRAQ: 20001214绕过MDaemon 3.5.1“锁服务器”保护参考:网址:http://www.securityfocus.com/archive/1/151156参考:报价:2115参考:网址:http://www.securityfocus.com/bid/2115参考:XF: mdaemon-lock-bypass-password参考:网址:http://xforce.iss.net/static/5763.phpMDaemon Pro 3.5.1早些时候,允许本地用户绕过安全“锁服务器”设置密码提示按下取消按钮,然后按下enter键。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 0104 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论: