(提案)集群misc - 2001 - 001 - 45的候选人

我提出集群misc - 2001 - 001,供编辑部评论和投票。名称:Misc - 2001 - 001描述:混杂。候选人宣布与1/19/2001 6/30/2001尺寸:45通过修改这封邮件你可能投票的候选人投票,将它寄回给我,或通过使用CVE投票网站。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出的等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。 So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-1246 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1246最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010630 php休息安全模式参考:网址:http://online.securityfocus.com/archive/1/194425参考:报价:2954参考:网址:http://online.securityfocus.com/bid/2954参考:XF: php-safemode-elevate-privileges(6787)参考:网址:http://www.iss.net/security_center/static/6787.php参考:确认:http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gzPHP通过4.1.0你安全模式不正确清洁第五参数邮件()函数,它允许本地用户和远程攻击者通过shell元字符执行任意命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1246 1供应商确认:是的、确认:php-4.1.2来源,新闻文件,2001年12月10日,版本4.1.0状态:“固定一个bug,允许用户万博下载包生成过程在使用5参数邮件()”The 5th param to mail was added in version 4.0.5. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1247 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1247最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010630 php休息安全模式参考:网址:http://online.securityfocus.com/archive/1/194425参考:确认:http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gzPHP 4.0.4pl1和你在安全模式允许远程攻击者读取和写入文件由web服务器UID通过上传一个PHP脚本,该脚本使用error_log函数来访问这些文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1247 1供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1276网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1276最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010621 ispell更新——Immunix OS 6.2参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99317439131174&w=2参考:IMMUNIX: imnx - 2001 - 62 - 004 - 01参考:网址:http://download.immunix.org/immunixos/6.2/updates/imnx - 2001 - 62 - 004 - 01参考:曼德拉草:MDKSA-2001:058参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 058. - php3参考:REDHAT: RHSA-2001:074参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 074. - htmlispell 3.1.20之前允许本地用户覆盖文件的其他用户通过一个符号链接攻击一个临时文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1276 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1277网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1277最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010611人1.5 h10 + 1.5我利用参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99227597227747&w=2参考:REDHAT: RHSA-2001:072参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 072. - html参考:MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=41805makewhatis前男人包1.5 i2允许攻击者与人特权覆盖任意文件通过一个页面的名字包含shell元字符。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1277 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1322网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1322最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:REDHAT: RHSA-2001:075参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 075. - html参考:DEBIAN: dsa - 063参考:网址:http://www.debian.org/security/2001/dsa - 063参考:ENGARDE: esa - 20010621 - 01参考:网址:http://www.linuxsecurity.com/advisories/other_advisory - 1469. - html参考:FREEBSD: FreeBSD-SA-01:47参考:网址:http://online.securityfocus.com/advisories/3446参考:SUSE: SuSE-SA: 2001:022参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99384417013990&w=2参考:CONECTIVA: CLA-2001:404参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404参考:曼德拉草:MDKSA-2001:055参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 055. - php3参考:IMMUNIX: imnx - 2001 - 70 - 024 - 01参考:网址:http://download.immunix.org/immunixos/7.0/updates/imnx - 2001 - 70 - 024 - 01参考:XF: xinetd-insecure-permissions(6657)参考:网址:http://www.iss.net/security_center/static/6657.php参考:报价:2826参考:网址:http://online.securityfocus.com/bid/2826xinetd 2.1.8运行默认umask 0的早些时候,这可能允许本地用户读取或修改的文件是由运行的应用程序在xinetd但不umask设置自己的安全。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1322 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1324网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1324最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:确认:http://multivac.cwru.edu/idtools/admin_idtools.tar.bz2参考:MISC:http://securitytracker.com/alerts/2001/Jun/1001839.html参考:报价:2934参考:网址:http://www.securityfocus.com/bid/2934cvmlogin和statfile保罗Jarc idtools 2001.06.27之前不正确检查pathexec_env函数调用的返回值,这可能导致设置状态效用setuid UID环境变量,允许本地用户获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1324 1供应商确认:是的确认:更改文件的分布idtools过时2001.06.27包含一个条目,其中国家“从pathexec_env检查内存分配失败。”投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1327网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1327最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:涡轮:TLSA2001024参考:网址:http://www.turbolinux.com/pipermail/tl-security-announce/2001-May/000313.htmlpmake 2.1.35拓林思6.05和更早之前安装setuid root特权,这可能允许本地用户权限通过利用漏洞pmake或pmake所使用的程序。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1327 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1328网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1328最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:参考:CIAC: l - 103参考:AUSCERT: aa - 2001.03参考:网址:ftp://ftp.auscert.org.au/pub/auscert/advisory/aa - 2001.03参考:太阳:00203参考:XF: solaris-ypbind-bo(6828)缓冲区溢出ypbind守护进程在Solaris 5.4通过8允许远程攻击者执行任意代码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1328 1供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1331网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1331最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:确认:http://online.securityfocus.com/advisories/3307参考:DEBIAN: dsa - 056参考:网址:http://www.debian.org/security/2001/dsa - 056参考:报价:2720参考:网址:http://online.securityfocus.com/bid/2720mandb 2.3.16-3前man-db包允许本地用户覆盖任意文件通过命令行选项- u(1)或(2)- c,不放弃特权和遵循符号链接。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1331 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1334网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1334最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010515 PHPSlash:潜在的脆弱性在URL块参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0126.html参考:确认:http://marc.theaimsgroup.com/?l=phpslash&m=99029398904419&w=2参考:报价:2724参考:网址:http://online.securityfocus.com/bid/2724Block_render_url。类PHPSlash 0.6.1 PHPSlash管理员权限允许远程攻击者读取任意文件通过创建一个块并指定目标文件作为源URL。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1334 1供应商确认:是的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1342网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1342最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010412 Apache Win32 8192字符的字符串错误引用:网址:http://online.securityfocus.com/archive/1/176144参考:BUGTRAQ: 20010522(宣布)Apache 1.3.20发布参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99054258728748&w=2参考:确认:http://bugs.apache.org/index.cgi/full/7522参考:XF: apache-server-dos(6527)参考:网址:http://www.iss.net/security_center/static/6527.php参考:报价:2740参考:网址:http://online.securityfocus.com/bid/2740Apache在1.3.20 Windows和OS / 2系统允许远程攻击者造成拒绝服务(崩溃)通过一个HTTP请求的URI包含大量的/(削减)或其他字符,导致某些功能间接引用一个空指针。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1342 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1345网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1345最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010604的致命缺陷BestCrypt < = v0.7 (Linux)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0005.html参考:确认:http://www.jetico.com/index.htm / linux.htm参考:XF: bestcrypt-bctool-gain-privileges(6648)参考:网址:http://xforce.iss.net/static/6648.php参考:报价:2820参考:网址:http://www.securityfocus.com/bid/2820在Jetico bctool BestCrypt 0.7和更早的信任的用户提供路径找到并执行fsck实用程序,它允许本地用户获得特权通过修改路径指向一个特洛伊木马程序。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1345 1供应商确认:是的、确认:0.8版本的更改日志包含一个条目2,6月04 - - 2001年州“根访问错误固定”和信用问题Bugtraq报道的人。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1349网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1349最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BINDVIEW: 20010528不安全信号处理在Sendmail参考:网址:http://razor.bindview.com/publish/advisories/adv_sm8120.html参考:BUGTRAQ: 20010529 sendmail 8.11.4 8.12.0。Beta10可用(fwd)参考:网址:http://www.securityfocus.com/archive/1/187127参考:确认:http://archives.neohapsis.com/archives/sendmail/2001-q2/0001.html参考:报价:2794参考:网址:http://www.securityfocus.com/bid/2794在8.11.4 Sendmail, 8.12.0 8.12.0之前。Beta10,允许本地用户可能导致拒绝服务和腐败的堆和获得特权通过信号处理程序的竞态条件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1349 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1229网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1229最终决定:阶段性裁决:修改:建议:20020502分配:20020416类别:科幻参考:BUGTRAQ: 20010312 Icecast / Libshout远程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=98438880622976&w=2参考:确认:http://www.xiph.org/archives/icecast/0074.html参考:CONECTIVA: CLA-2001:387参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000387参考:REDHAT: RHSA-2002:063参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 063. - html缓冲区溢出(1)Icecast之前就开始前(2)libshout 1.0.4允许远程攻击者造成拒绝服务(崩溃)和执行任意代码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1229 3供应商确认:对咨询内容的决定:模糊,SF-CODEBASE, SF-LOC抽象:CD: SF-LOC建议创建单独的项目相同类型的问题,如果问题出现在一个版本,而不是另一个。因此,固定的缓冲区溢出就在1.3.10分开那些固定。自从Icecast和libshout都来自同一个供应商,很可能他们共享一个公共代码库,所以他们的总和。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1230网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1230最终决定:阶段性裁决:修改:建议:20020502分配:20020416类别:科幻参考:BUGTRAQ: 20010313更多Icecast远程漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=98455723123298&w=2参考:DEBIAN: dsa - 089参考:网址:http://www.debian.org/security/2001/dsa - 089参考:REDHAT: RHSA-2002:063参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 063. - html缓冲区溢出在Icecast 1.3.10允许远程攻击者造成拒绝服务(崩溃)和执行任意代码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1230 3供应商确认:对咨询内容的决定:模糊,SF-LOC抽象:CD: SF-LOC建议创建单独的项目相同类型的问题,如果问题出现在一个版本,而不是另一个。因此,固定的缓冲区溢出就在1.3.10分开那些固定。目前尚不清楚CONECTIVA: CLA-2001:387修复这个问题因为它发布补丁版本就开始,所以不包括参考。顾问约翰•Viega学分,但几天前他说其他问题(可以- 2001 - 1229)。自从Conectiva咨询发布新的1.3.10版本宣布之前,它可能不是就开始解决问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1239网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1239最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:报价:2992参考:网址:http://online.securityfocus.com/bid/2992第九PowerNet允许远程攻击者通过端口扫描引起拒绝服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1239 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1248网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1248最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:新vulns科幻参考:BUGTRAQ: 20010629 4。vWebServer和SmallHTTP参考:网址:http://online.securityfocus.com/archive/1/194418参考:报价:2975参考:网址:http://online.securityfocus.com/bid/2975参考:XF: vwebserver-asp-reveal-source(6769)参考:网址:http://www.iss.net/security_center/static/6769.phpvWebServer 1.2.0允许远程攻击者查看任意ASP脚本通过请求ASP脚本,以一个url编码的空格字符(% 20)。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1248 3供应商确认:未知discloser-claimed内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1249网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1249最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:新vulns科幻参考:BUGTRAQ: 20010629 4。vWebServer和SmallHTTP参考:网址:http://online.securityfocus.com/archive/1/194418参考:报价:2978参考:网址:http://online.securityfocus.com/bid/2978vWebServer 1.2.0允许远程攻击者造成拒绝服务通过一个URL包含ms - dos的设备名称。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1249 3供应商确认:未知discloser-claimed内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1250网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1250最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:新vulns科幻参考:BUGTRAQ: 20010629 4。vWebServer和SmallHTTP参考:网址:http://online.securityfocus.com/archive/1/194418参考:报价:2979参考:网址:http://online.securityfocus.com/bid/2979参考:XF: vwebserver-long-url-dos(6771)参考:网址:http://www.iss.net/security_center/static/6771.phpvWebServer 1.2.0允许远程攻击者造成拒绝服务(挂)通过少量的长URL请求,可能由于缓冲区溢出。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1250 3供应商确认:未知discloser-claimed内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1251网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1251最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:新vulns科幻参考:BUGTRAQ: 20010629 4。vWebServer和SmallHTTP参考:网址:http://online.securityfocus.com/archive/1/194418参考:报价:2980参考:网址:http://online.securityfocus.com/bid/2980参考:XF: vwebserver-long-url-dos(6771)参考:网址:http://www.iss.net/security_center/static/6771.phpSmallHTTP 1.204到3.00 beta 8日允许远程攻击者通过多个长URL请求导致拒绝服务。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1251 3供应商确认:未知discloser-claimed大参考声称“所有版本脆弱”但只有清单2所示。x和3。x,而不是1. x。列出的最低版本(1.204)和最高版本的发布日期(3.00 beta 8)被选择。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1256网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1256最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010604另一个符号链接的追随者参考:网址:http://www.securityfocus.com/archive/1/188568参考:CERT-VN: VU # 127435参考:网址:http://www.kb.cert.org/vuls/id/127435参考:CIAC: l - 093参考:网址:http://ciac.llnl.gov/ciac/bulletins/l - 093. shtml参考:惠普:hpsbux0106 - 153参考:网址:http://online.securityfocus.com/advisories/3354参考:确认:http://www.kb.cert.org/vuls/id/TJSL-4Z5Q92参考:XF: hpux-kmmodreg-symlink(6656)参考:网址:http://xforce.iss.net/static/6656.php参考:报价:2821参考:网址:http://www.securityfocus.com/bid/2821kmmodreg在hp - ux 11.11、11.04和11.00允许本地用户创建任意对外公开文件通过一个符号链接(1)/ tmp /攻击。kmmodreg_lock和(2)/ tmp / kmpath。tmp临时文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1256 3供应商确认:对咨询内容的决定:SF-LOC,模糊的惠普:hpsbux0106 - 153写的太模糊,没有足够的细节绝对肯定它是解决同样的问题。然而,CERT VU # 127435包括一个供应商声明,就是咨询的文本。CERT VU引用出价:2821年,进而Bugtraq邮报引用。因此我们从惠普终于有一个链接:hpsbux0106 - 153最初的声明……尽管惠普:hpsbux0106 - 153没有引用CERT VU或任何其他的标识符,这只能被视为结论性的分析如果CERT获得直接从惠普的声明。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1263网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1263最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010606咨询的编译指示Interaccess参考:网址:http://online.securityfocus.com/archive/1/189327参考:报价:2834参考:网址:http://online.securityfocus.com/bid/2834参考:XF: pragma-interaccess-dos(6658)参考:网址:http://xforce.iss.net/static/6658.phptelnet95。exe在编译指示InterAccess 4.0构建5允许远程攻击者造成拒绝服务(崩溃)通过大量的字符端口23日可能由于缓冲区溢出。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1263 3供应商确认:未知投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1273网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1273最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:CIAC: l - 045参考:网址:http://ciac.llnl.gov/ciac/bulletins/l - 045. shtml参考:REDHAT: RHSA-2001:013参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 013. - htmlmxcsr P4的脆弱性在Linux内核中2.2.17-14之前,某些英特尔cpu上运行时,允许本地用户造成拒绝服务(死机)。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1273 3供应商确认:对咨询内容的决定:模糊的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1274网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1274最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010119 Re: MySQL溢出+利用[行动. .发送破碎的利用P):参考:BUGTRAQ: 20010118缓冲区溢出在MySQL < 3.23.31参考:BUGTRAQ: 20010119 Re: MySQL < 3.23.31溢出[开发]参考:DEBIAN: dsa - 013参考:网址:http://www.debian.org/security/2001/dsa - 013参考:火山口:综援- 2001 - 006.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2001 006.0.txt参考:CONECTIVA: CLA-2001:375参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000375参考:FREEBSD: FreeBSD-SA-01:16参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=98089552030459&w=2参考:确认:http://www.mysql.com/documentation/mysql/bychapter/manual_万博下载包News.html News-3.23.3参考:曼德拉草:MDKSA-2001:014参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 014. - php3参考:REDHAT: RHSA-2001:003参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 003. - html缓冲区溢出在MySQL 3.23.31允许攻击者造成拒绝服务和可能获得的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1274 3供应商确认:对咨询内容的决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1275网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1275最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:火山口:综援- 2001 - 006.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2001 006.0.txt参考:FREEBSD: FreeBSD-SA-01:16参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=98089552030459&w=2参考:曼德拉草:MDKSA-2001:014参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 014. - php3参考:REDHAT: RHSA-2001:003参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 003. - htmlMySQL 3.23.31之前允许用户与一个MySQL账户使用显示赠款命令从MySQL获取加密的管理员密码。通过密码破解用户表和可能获得的特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1275 3供应商确认:对咨询内容的决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1290网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1290最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010627活跃网络分类广告未能验证导致执行任意代码参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0386.html参考:报价:2942参考:网址:http://online.securityfocus.com/bid/2942参考:XF: active-classifieds-admin-access(6754)参考:网址:http://xforce.iss.net/static/6754.php管理。cgi积极分类1.0免费版,和可能的商业版本,允许远程攻击者修改配置,获得特权,执行任意Perl代码通过table_width参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1290 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1323网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1323最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010426安全顾问:krb5 ftpd缓冲区溢位参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=98826223517788&w=2参考:IMMUNIX: imnx - 2001 - 70 - 022 - 01参考:网址:http://download.immunix.org/immunixos/7.0/updates/imnx - 2001 - 70 - 022 - 01参考:确认:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt参考:REDHAT: RHSA-2001:060参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 060. - html缓冲区溢出早些时候在MIT Kerberos 5 (krb5) 1.2.2和允许远程攻击者可能导致拒绝服务和通过base - 64编码的数据执行任意代码,不妥善处理radix_encode函数流程文件时一滴ftpglob的输出函数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1323 3供应商确认:对咨询内容的决定:SF-CODEBASE抽象:虽然这问题非常类似于其他FTP水珠的问题被发现在同一时间(可以通过可以- 2001 - 0247 - 2001 - 0249),Kerberos咨询包括足够的信息表明,问题是在一个不同的代码,这是使用radix_encode和ftpglob。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1325网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1325最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010420 XML脚本即Outlook Express参考:网址:http://www.securityfocus.com/archive/1/3AE02004.57FDF958@guninski.com参考:XF: ie-xml-stylesheets-scripting(6448)参考:网址:http://xforce.iss.net/static/6448.php参考:报价:2633参考:网址:http://www.securityfocus.com/bid/2633Internet Explorer 5.0和5.5,Outlook Express 5.0和5.5,允许远程攻击者执行脚本时活跃的脚本是禁用的,包括脚本在XML样式表(XSL)引用的使用IFRAME标签,可能由于漏洞在Windows脚本主机(WSH)。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1325 3供应商确认:内容决定:包含从开发目前尚不清楚是否这是一个发现的另一种攻击向量利用的漏洞已经解决。脆弱性记者和供应商收到不同的结果,大量的受访者Bugtraq也是如此。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1326网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1326最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010528 feeble.hey !多拉。利用部分。第二参考:网址:http://www.securityfocus.com/archive/1/187128参考:报价:2796参考:网址:http://www.securityfocus.com/bid/2796Eudora 5.1允许远程攻击者执行任意代码时,“使用微软查看器”选项启用和禁用“允许在HTML内容可执行文件”选项,通过HTML电子邮件的形式从一个图像被激活,攻击者恶搞作为一个链接,导致用户执行表单和访问嵌入的附件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1326 3供应商确认:内容决定:SF-LOC抽象:这个问题非常类似于cve - 2001 - 0365,但是这个问题影响到5.1版本,而cve - 2001 - 0365没有。因为问题发生在不同的版本中,CD: SF-LOC表明分裂。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1329网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1329最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010611 rsh bufferoverflow AIX 4.2参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0133.html在AIX上rsh 4.2.0.0缓冲区溢出可能允许本地用户root特权通过命令行参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1329 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1330网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1330最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010611 rsh bufferoverflow AIX 4.2参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0133.html在AIX上rsh 4.2.0.0缓冲区溢出可能允许本地用户获得根权限通过命令行参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1330 3供应商确认:投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1332网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1332最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:CONECTIVA: CLA-2001:384参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386参考:CONECTIVA: CLA-2001:386参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386参考:曼德拉草:MDKSA-2001:048参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 048. - php3参考:SUSE: SuSE-SA: 2002:005参考:网址:http://lists2.suse.com/archive/suse-security-announce/2001-Mar/0000.html在Linux中缓冲区溢出杯之前1.1.6可能允许远程攻击者执行任意代码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1332 3供应商确认:对咨询内容的决定:SF-LOC,模糊的投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1333网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1333最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:CONECTIVA: CLA-2001:384参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386参考:CONECTIVA: CLA-2001:386参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386参考:曼德拉草:MDKSA-2001:048参考:网址:http://www.linux mandrake.com/en/security/2001/mdksa - 2001 - 048. - php3参考:SUSE: SuSE-SA: 2002:005参考:网址:http://lists2.suse.com/archive/suse-security-announce/2001-Mar/0000.htmlLinux杯1.1.6不安全地处理临时文件之前,可能是因为一个符号链接漏洞可能允许本地用户覆盖文件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1333 3供应商确认:对咨询内容的决定:SF-LOC,模糊的模糊的警告不清楚“不安全的文件处理”是由于符号链接问题。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1335网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1335最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010527 CesarFTP v0.98b三重点目录遍历/弱密码加密参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html参考:XF: cesarftp-directory-traversal(6606)参考:网址:http://www.iss.net/security_center/static/6606.php参考:报价:2786参考:网址:http://online.securityfocus.com/bid/2786目录遍历脆弱性CesarFTP早0.98 b和允许远程经过身份验证的用户(比如匿名)通过用一个文件名读取任意文件包含一个…% 5 c(点点)修改。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1335 3供应商确认:内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1336网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1336最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010527 CesarFTP v0.98b三重点目录遍历/弱密码加密参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html参考:报价:2785参考:网址:http://online.securityfocus.com/bid/2785参考:XF: cesarftp-settings-plaintext-password(6608)参考:网址:http://www.iss.net/security_center/static/6608.phpCesarFTP 0.98 b和早在明文存储用户名和密码设置。ini文件,它允许攻击者获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1336 3供应商确认:内容决定:DESIGN-WEAK-ENCRYPTION, SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1337网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1337最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010524 IPC@Chip安全参考:网址:http://www.securityfocus.com/archive/1/186418参考:报价:2774参考:网址:http://www.securityfocus.com/bid/2774参考:XF: ipcchip-http-dos(6594)参考:网址:http://www.iss.net/security_center/static/6594.php贝克IPC GmbH IPC@CHIP Embedded-Webserver允许远程攻击者造成拒绝服务通过一个HTTP请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1337 3供应商确认:内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1338网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1338最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010602 IPC@Chip -修复参考:网址:http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00010.html参考:BUGTRAQ: 20010524 IPC@Chip安全参考:网址:http://www.securityfocus.com/archive/1/186418参考:CERT-VN: VU # 198979参考:网址:http://www.kb.cert.org/vuls/id/198979参考:报价:2773参考:网址:http://www.securityfocus.com/bid/2773参考:XF: ipcchip-telnet-verify-account(6595)参考:网址:http://www.iss.net/security_center/static/6595.php贝克IPC GmbH IPC@CHIP TelnetD服务器产生不同的反应,当给定的有效和无效的登录名称,它允许远程攻击者来确定系统上的账户。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1338 3供应商确认:未知discloser-claimed内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1339网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1339最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010602 IPC@Chip -修复参考:网址:http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00010.html参考:BUGTRAQ: 20010524 IPC@Chip安全参考:网址:http://www.securityfocus.com/archive/1/186418参考:CERT-VN: VU # 198979参考:网址:http://www.kb.cert.org/vuls/id/198979参考:报价:2771参考:网址:http://www.securityfocus.com/bid/2771参考:XF: ipcchip-telnet-bruteforce-passwords(6605)参考:网址:http://www.iss.net/security_center/static/6605.php贝克IPC GmbH IPC@CHIP telnet服务不延迟或断开用户从服务bas密码输入时,这使得它更容易为远程攻击者进行暴力破解密码猜测攻击。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1339 3供应商确认:未知discloser-claimed内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1340网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1340最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010602 IPC@Chip -修复参考:网址:http://www.securityfocus.com/archive/1/188219参考:BUGTRAQ: 20010524 IPC@Chip安全参考:网址:http://www.securityfocus.com/archive/1/186418参考:CERT-VN: VU # 756019参考:网址:http://www.kb.cert.org/vuls/id/756019参考:XF: ipcchip-telnet-admin-lockout(6596)参考:网址:http://www.iss.net/security_center/static/6596.php参考:报价:2772参考:网址:http://www.securityfocus.com/bid/2772贝克GmbH IPC@Chip TelnetD服务仅支持一个连接的用户,不脱节不完成登录过程,它允许远程攻击者锁定连接到服务的管理员帐户。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1340 3供应商确认:内容决定:CF, SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1341网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1341最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010602 IPC@Chip -修复参考:网址:http://www.securityfocus.com/archive/1/188219参考:BUGTRAQ: 20010524 IPC@Chip安全参考:网址:http://www.securityfocus.com/archive/1/186418参考:CERT-VN: VU # 574739参考:网址:http://www.kb.cert.org/vuls/id/574739参考:报价:2767参考:网址:http://www.securityfocus.com/bid/2767参考:XF: ipcchip-chipcfg-gain-information(6600)参考:网址:http://www.iss.net/security_center/static/6600.php贝克GmbH IPC@Chip嵌入式web服务器安装chipcfg。cgi程序在默认情况下,它允许远程攻击者获取敏感网络信息通过一个程序的请求。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1341 3供应商确认:内容决定:CF-DEFAULT投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1343网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1343最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010612错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html参考:报价:2861参考:网址:http://www.securityfocus.com/bid/2861参考:XF: webstore-cgi-command-execution(6685)参考:网址:http://xforce.iss.net/static/6685.phpws_mail。cgi的WebStore 400/400CS 4.14允许远程认证WebStore管理员执行任意代码通过shell元字符杀死参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1343 3供应商确认:内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1344网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1344最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010612错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html参考:报价:2860参考:网址:http://www.securityfocus.com/bid/2860参考:XF: webstore-cgi-command-execution(6685)参考:网址:http://xforce.iss.net/static/6685.phpWSSecurity。pl WebStore允许远程攻击者绕过身份验证提供程序的文件名存在,由(1)更容易插入一个空字符或(2). .(点点)。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1344 3供应商确认:内容决定:SF-LOC抽象:CD: SF-LOC建议将不同类型的问题。在这种情况下,“文件名存在”是更容易通过目录遍历/ null字符技术,但它仍然可能是一个问题,如果目录遍历问题是固定的。然而,问题是密切相关的。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1346网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1346最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010518 tmp-races ARCservIT Unix客户参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0184.html参考:报价:2748参考:网址:http://online.securityfocus.com/bid/2748参考:报价:2741参考:网址:http://online.securityfocus.com/bid/2741计算机协会ARCserveIT 6.61和6.63(也称为ARCservIT)允许本地用户覆盖任意文件通过一个符号链接(1)asagent攻击临时文件。tmp或(2)inetd.tmp。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1346 3供应商确认:内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1347网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1347最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010524海拔特权与调试寄存器在Win2K参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0232.html参考:XF: win2k-debug-elevate-privileges(6590)参考:网址:http://www.iss.net/security_center/static/6590.php参考:报价:2764参考:网址:http://www.securityfocus.com/bid/2764Windows 2000允许本地用户造成拒绝服务和可能获得的特权设置硬件断点处理使用全球调试寄存器,这可能导致其他进程终止由于异常,并允许劫持等资源的命名管道。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1347 3供应商确认:未知discloser-claimed投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1348网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1348最终决定:阶段性裁决:修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010528枝SQL查询错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0260.html参考:MISC:http://twig.screwdriver.net/index.php3参考:XF: twig-webmail-query-modification(6619)参考:网址:http://www.iss.net/security_center/static/6619.php参考:报价:2791参考:网址:http://www.securityfocus.com/bid/2791树枝2.6.2早些时候,允许远程攻击者执行未经授权的数据库操作通过SQL注入攻击的id参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1348 3供应商确认:未知的模糊的确认:供应商的新闻页面包含一个条目日期为7月3日,2001年国家”树枝2.7.0已经发布,该版万博下载包本包括几个安全补丁……检查更新日志的完整列表的变化。”However, the CHANGELOG for 2.7.0 has no details, and indeed does not mention security at all. There is not sufficient evidence to know that the vendor fixed *these* problems. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: