[日期上一页][下一个日期][线程上一页][线程下][日期索引][线程索引]

(提案)集群misc - 2001 - 004 - 28候选人

我提出集群misc - 2001 - 004,供编辑部评论和投票。名称:Misc - 2001 - 004描述:混杂。候选人announsed 5/31/2001与12/27/2001大小:28日通过修改这封邮件你可能投票的候选人投票,将它寄回给我,或通过使用CVE投票网站。中列出的候选人优先秩序。优先级1和优先级2的候选人都应对不同层次的供应商确认,所以他们应该易于检查和可以信任的,是真实的问题。总结的选票使用(“严重程度”的按升序)- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -接受——选民接受候选人提出的等待——选民对候选人没有意见修改选民想要改变一些小细节(例如参考/描述)审查-选民正在审查/研究候选人,或需要更多的信息,重塑候选人必须大幅修改,如分割或合并拒绝候选人不是“漏洞”,或重复等。1)请写你的投票在直线上,从“投票:”开始。如果你想添加评论或细节,在投票后将它们添加到线:线。2)如果你看到任何失踪的引用,请提及他们,使他们可以包括在内。在映射引用帮助极大。3)请注意,“修改”被视为一个“接受”当计算选票。 So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING. ********** NOTE ********** NOTE ********** NOTE ********** NOTE ********** Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats. ====================================================== Candidate: CAN-2001-1350 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1350最终决定:阶段性裁决:修改:建议:20020611分配:20020602类别:科幻参考:REDHAT: RHSA-2001:162参考:MISC:http://search.namazu.org/ml/namazu-devel-ja/msg02114.html在namazu跨站脚本漏洞。cgi Namazu 2.0.7,早些时候允许远程攻击者执行任意Javascript和其他网络用户通过朗参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1350 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1351网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1351最终决定:阶段性裁决:修改:建议:20020611分配:20020602类别:科幻/ CF / MP / SA / /未知参考:REDHAT: RHSA-2001:162参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&w=2&r=1&s=namazu&q=b跨站点脚本漏洞在Namazu 2.0.8早些时候,允许远程攻击者执行任意Javascript和其他网络用户通过索引文件名称显示当显示数字。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1351 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1352网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1352最终决定:阶段性裁决:修改:建议:20020611分配:20020602类别:科幻参考:REDHAT: RHSA-2001:179参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101060476404565&w=2参考:BUGTRAQ: 20011227 Re: [RHSA-2001:162-04] namazu更新包可参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100947261916155&w=2参考:BUGTRAQ: 20020109的更新namazu包细节可参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101068116016472&w=2跨站点脚本漏洞在Namazu 2.0.9早些时候,允许远程攻击者执行任意Javascript和其他网络用户通过将返回一条错误消息,当一个无效索引文件中指定idxname参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1352 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1353网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1353最终决定:阶段性裁决:修改:建议:20020611分配:20020602类别:科幻参考:MISC:http://marc.theaimsgroup.com/?l=lprng&m=100083210910857&w=2参考:REDHAT: RHSA-2001:138参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 138. - html内容之前6.51允许本地用户读和写作为“lp”用户任意文件通过文件运营商,即使-dSAFER启用。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1353 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1359网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1359最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:CF参考:火山口:综援- 2001 - 021.0参考:网址:http://www.caldera.com/support/security/advisories/cssa - 2001 021.0.txt参考:报价:2850参考:网址:http://www.securityfocus.com/bid/2850参考:XF: volution-authentication-failure-access(6672)参考:网址:http://xforce.iss.net/static/6672.php涡旋客户1.0.7和早些时候试图接触电脑创建守护进程(CCD)当一个LDAP身份验证失败发生时,远程攻击者可以完全控制客户端通过一个特洛伊木马涡旋服务器。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1359 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1367网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1367最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:http://phpslice.org/comments.php?aid=1031&;参考:VULNWATCH: 20010719 [VULNWATCH] Changelog maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.htmlcheckAccess函数在PHPSlice 0.1.4,所有其他版本0.1.1和0.1.6之间不正确验证管理访问级别,这可能允许远程攻击者获得特权。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1367 1供应商确认:是的、确认:供应商web页面的一个帖子州”由于愚蠢的错误在一行checkAccess()函数,PHPSlice 0.1.4(和潜在的所有早期版本)有一个巨大的安全漏洞,允许任何用户是否输入正确的URL执行管理任务。”ACCURACY: while the vendor's statement implies that the problem was fixed after 0.1.4, a review of the source code indicates that it actually wasn't fixed until 0.1.7. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1369 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1369最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:FREEBSD: FreeBSD-SA-02:14参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc参考:报价:3319参考:网址:http://online.securityfocus.com/bid/3319参考:XF: postgresql-pam-authentication-module(7110)参考:网址:http://www.iss.net/security_center/static/7110.php莱昂J Breedt pam-pgsql 0.5.2之前允许远程攻击者执行任意SQL代码和绕过身份验证或修改用户帐户记录的用户或密码字段注入SQL语句。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1369 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1370网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1370最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010722[秒]洞PHPLib 7.2预谋。php3参考:网址:http://www.securityfocus.com/archive/1/198768参考:BUGTRAQ: 20010726 tslsa - 2001 - 0014 - PHPLib参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99616122712122&w=22.2.6参考:BUGTRAQ: 20010721小鬼。(安全)公布的参考:网址:http://online.securityfocus.com/archive/1/198495参考:CONECTIVA: CLA-2001:410参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410参考:火山口:综援- 2001 - 027.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2001 027.0.txt参考:DEBIAN: dsa - 073参考:网址:http://www.debian.org/security/2001/dsa - 073参考:报价:3079参考:网址:http://www.securityfocus.com/bid/3079参考:XF: phplib-script-execution(6892)参考:网址:http://www.iss.net/security_center/static/6892.php预先考虑。php3在PHPLib 7.2 d,当启用了PHP register_globals,允许远程攻击者通过一个HTTP请求,执行任意脚本修改_PHPLIB美元[libdir]指恶意代码在另一个服务器,如部落1.2.5早些时候,小鬼2.2.6款之前,和其他包使用PHPLib。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1370 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1371网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1371最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20020206 Hackproofing Oracle应用服务器论文参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101301813117562&w=2参考:MISC:http://www.nextgenss.com/papers/hpoas.pdf参考:CERT-VN: VU # 736923参考:网址:http://www.kb.cert.org/vuls/id/736923参考:CERT: ca - 2002 - 08年参考:网址:http://www.cert.org/advisories/ca - 2002 - 08. - html参考:确认:http://technet.oracle.com/deploy/security/pdf/ias_soap_alert.pdf参考:报价:4289参考:网址:http://www.securityfocus.com/bid/4289的默认配置Oracle应用服务器9 ias 1.0.2.2使肥皂和允许匿名用户部署应用程序默认情况下通过urn: soap-service-manager urn: soap-provider-manager。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1371 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1372网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1372最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010917披露漏洞引用另一个路径:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100074087824021&w=2参考:BUGTRAQ: 20010921回应“路径披露漏洞在Oracle 9 i和8我参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100119633925473&w=2参考:CERT: ca - 2002 - 08年参考:网址:http://www.cert.org/advisories/ca - 2002 - 08. - html参考:CERT-VN: VU # 278971参考:网址:http://www.kb.cert.org/vuls/id/278971参考:确认:http://otn.oracle.com/deploy/security/pdf/jspexecute_alert.pdf参考:报价:3341参考:网址:http://www.securityfocus.com/bid/3341参考:XF: oracle-jsp-reveal-path(7135)参考:网址:http://xforce.iss.net/static/7135.phpOracle 9 i 1.0.2应用服务器允许远程攻击者获取服务器根目录下文件的物理路径通过请求一个不存在的jsp文件,在一个错误消息泄漏路径名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1372 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1373网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1373最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010718 ZoneAlarm Pro参考:网址:http://www.securityfocus.com/archive/1/197681参考:确认:http://www.zonelabs.com/products/zap/rel_history.html 2.6.362参考:XF: zonealarm-bypass-mailsafe(6877)参考:网址:http://xforce.iss.net/static/6877.php参考:报价:3055参考:网址:http://www.securityfocus.com/bid/30552.6和更早的邮件安全区域实验室ZoneAlarm ZoneAlarm Pro 2.6和2.4并没有阻止禁止与长文件名文件类型,它允许远程攻击者发送有潜在危险的附件。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1373 1供应商确认:是的、确认:产品的发布历史上包括一个标题为“新的和改进的功能在ZoneAlarm 2.6.231 Pro版本,”状态:“邮件安全改进更好的处理附件的长文件名”投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1374网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1374最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187参考:确认:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224参考:CONECTIVA: CLA-2001:409参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409参考:XF: expect-insecure-library-search(6870)参考:网址:http://xforce.iss.net/static/6870.php参考:报价:3074参考:网址:http://www.securityfocus.com/bid/3074预计在5.32之前搜索库的其他前/ var / tmp目录,这将允许本地用户获得根权限通过访问mkpasswd特洛伊木马库。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1374 1供应商确认:是的changelog投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1375网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1375最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226参考:CONECTIVA: CLA-2001:409参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409参考:XF: tcltk-insecure-library-search(6869)参考:网址:http://www.iss.net/security_center/static/6869.php参考:报价:3073参考:网址:http://www.securityfocus.com/bid/3073tcl / tk包(tcltk) 8.3.1搜索它的库在当前工作目录中其他目录之前,这可能允许本地用户执行任意代码通过一个特洛伊木马库用户目录下。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1375 1供应商确认:是的咨询投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1354网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1354最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010720 NetWin身份验证模块3.0 b密码存储/缓冲区溢出漏洞参考:网址:http://online.securityfocus.com/archive/1/198293参考:XF: netwin-nwauth-weak-encryption(6866)参考:网址:http://xforce.iss.net/static/6866.php参考:报价:3075参考:网址:http://www.securityfocus.com/bid/3075NetWin身份验证模块(NWAuth) 2.0和3.0 b,作为SurgeFTP实现,DMail,可能还有其他包,使用弱密码散列,这将允许本地用户解密密码或使用一个不同的密码有相同的散列值是正确的密码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1354 3供应商确认:未知的内容决定:DESIGN-WEAK-ENCRYPTION投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1355网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1355最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010720 NetWin身份验证模块3.0 b密码存储/缓冲区溢出漏洞参考:网址:http://online.securityfocus.com/archive/1/198293参考:报价:3077参考:网址:http://www.securityfocus.com/bid/3077参考:XF: netwin-nwauth-bo(6865)参考:网址:http://xforce.iss.net/static/6865.php缓冲区溢出在NetWin身份验证模块(NWAuth) 3.0 b和早些时候,作为DMail实现,SurgeFTP,可能还有其他包,可以让攻击者执行任意代码通过长参数(1)del命令或(2)查找命令。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1355 3供应商确认:未知的内容决定:SF-LOC投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1356网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1356最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010804 SurgeFTP管理账户bruteforcable参考:网址:http://online.securityfocus.com/archive/1/201951参考:XF: surgeftp-weak-password-encryption(6961)参考:网址:http://www.iss.net/security_center/static/6961.php参考:报价:3157参考:网址:http://www.securityfocus.com/bid/3157NetWin SurgeFTP早2.0 f和加密散列使用弱密码,一个固定的盐值和模40计算,它允许远程攻击者进行暴力破解密码猜测攻击管理员帐户在端口7021上。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1356 3供应商确认:未知的内容决定:DESIGN-WEAK-ENCRYPTION投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1357网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1357最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:http://www.phpheaven.net/projects/phpMyChat/changes.php3多个漏洞在phpMyChat 0.14.5存在于(1)输入。(2)handle_inputH php3。php3,或(3)index.lib。php3带来未知的后果,可能与用户欺骗或不正确初始化变量。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1357 3供应商确认:是的更新日志内容决定:模糊,SF-LOC, SF-EXEC抽象/准确性:供应商的更改日志只是说,“两个安全问题(已经)被固定,”,但是没有提供更多细节。受影响的文件推断从“安全修复”评论0.14.4和0.14.5之间差异报告。没有足够的时间花在这个项目通过研究问题更紧密,但添加检查显示用户IP地址欺骗。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1358网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1358最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:http://www.phpheaven.net/projects/phpMyChat/changes.php3漏洞在phpMyChat 0.14.4允许本地和远程攻击者获得特权通过指定另一个库文件在L(本地化)参数。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1358 3供应商确认:是的更新日志内容决定:模糊,SF-LOC, SF-EXEC抽象/准确性:供应商的更改日志0.14.4,日期为20010531,只是说,“一些重要的安全补丁已经合并。”While that is not enough detail to support this item's description, some diffs between 0.14.4 and 0.14.3 makes it clear that at the very least, the localization parameter is affected. However, there may be other issues as well. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1360 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1360最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:ftp://ftp.mostang.com/pub/sane/sane-1.0.8/sane-backends-1.0.8.tar.gz参考:VULNWATCH: 20010719 [VULNWATCH] Changelog maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html漏洞扫描器访问现在容易(理智)1.0.5之前,有关pnm和圣。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1360 3供应商确认:是的更新日志内容决定:模糊的承认:ChangeLog-1.0.5文件,日期为2001-04-22,说“指向pnm /圣安全风险”。没有任何更多的信息,但CD:模糊表明即使供应商所描述的模糊的弱点,应该包括在CVE。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1361网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1361最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:http://twig.screwdriver.net/file.php3?file=CHANGELOG参考:VULNWATCH: 20010719 [VULNWATCH] Changelog maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html脆弱性在Web信息门户(嫩枝)2.7.1,可能与不正确的安全权利和/或代mailto链接。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1361 3供应商确认:是的更新日志内容决定:模糊的承认:changelog 2.7.1说[1]“保障权利添加到搜索模块”,[2]“固定错误生成mailto链接不正确检查安全。”[1] seems like a security enhancement, not a vulnerability, although perhaps it is an enhancement that's designed to overcome a design flaw. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1362 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1362最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:未知参考:VULNWATCH: 20010719 (VULNWATCH)的更新日志maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html参考:确认:http://freshmeat.net/releases/51981/漏洞的服务器nPULSE p4 0.53之前。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1362 3供应商确认:是的更新日志内容决定:EX-BETA模糊包含:CD:模糊的状态,模糊的书面安全警告供应商仍应被包括在CVE。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1363网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1363最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:确认:http://phpwebsite.appstate.edu/downloads/0.7.9/phpWebSite-en-0.7.9.tar.gz参考:VULNWATCH: 20010719 [VULNWATCH] Changelog maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html脆弱性在phpWebSite 0.7.9相关运行多个实例在同一领域,这可能允许攻击者获得管理权限。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1363 3供应商确认:是的更新日志内容决定:模糊的承认:楼主引用这句话:“小的修正,包括修复轻微的安全缺陷(仅影响网站运行的多个实例phpWebSite在一个域)”。That could not be found in the download, but the comments for config.php are fairly clear, starting on line 118: "You need to change this [security hash] to a random string, it can be any length but longer is better. This fixes the security problem that occurs when multiple instances of phpWebSite are installed under a single domain. If you only have a single instance of phpWebSite per domain, you need not worry about this fix - although setting the security hash to a random string won't hurt :-)" There is a comparison "if ($admintest == $security_hash)" in various files, and admin.php contains the comment "The seesion variable admintest is used to make sure an administrator has logged in. If NOT then it calls the login() function at the bottom of this switch statement." Version 0.7.8 does not have the $security_hash variable. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1364 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1364最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:VULNWATCH: 20010719 (VULNWATCH)的更新日志maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html参考:确认:ftp://ftp.earth.li/pub/projectpurple/autodns-0.0.4.tar.gz在autodns脆弱性。pl前AutoDNS 0.0.4与不完全限定的域名。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1364 3供应商确认:是的更新日志内容决定:模糊,EX-BETA确认:原大参考报价从供应商的声明中,“小安全补丁检查域名,和锁定的文件访问。”A diff between autodns-0.0.3 and autodns-0.0.4 does not make it clear what the nature of an exploit might be, though it may be related to zone entries that do not have at least one valid "." in them. The valid_domain() function, new in 0.0.4, clearly checks that domain names end in .org, .com, etc. (some sort of .ZONE), whereas the check in 0.0.3 did not go to this level, although it did at least verify that the domain contained only alphanumeric characters, periods, and hyhens. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1365 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1365最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:未知参考:VULNWATCH: 20010719 (VULNWATCH)的更新日志maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html参考:确认:http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0011.html脆弱性在IntraGnat 1.4。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1365 3供应商确认:是的更新日志内容决定:模糊的确认:供应商网站下来,显然该产品已经被中断。然而,改变通知鲜肉1.4版本说“安全更新补充道。“This implies that *some* vulnerability was fixed. By CD:VAGUE, even this vague notification is good enough to be included in CVE, since it comes from the vendor. Voting Section -------------- Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason. VOTE: ACCEPT_REASON: COMMENTS: ====================================================== Candidate: CAN-2001-1366 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1366最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:VULNWATCH: 20010719 (VULNWATCH)的更新日志maddness各种破碎的应用(14)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html参考:确认:http://netscript.sourceforge.net/netscript-1.6.2.tgz之前netscript 1.6.3解析动态变量,这可能允许远程攻击者改变程序行为或获取敏感信息。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1366 3供应商确认:是的更新日志内容决定:模糊的确认:在1.6.3版本更新日志说:“改变解析远程数据的支持,不解析动态变量。这将删除一些funcationality。但是,它更多的是一个安全风险披露,或使用动态变量通过远程输入。”投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1368网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1368最终决定:阶段性裁决:修改:建议:20020611分配:20020607类别:科幻参考:惠普:hpsbux0106 - 152参考:网址:http://archives.neohapsis.com/archives/hp/2001-q2/0059.html参考:XF: hp-virtualvault-iws-corrupt-data(6697)参考:网址:http://xforce.iss.net/static/6697.php脆弱性iPlanet Web服务器4包含在Virtualvault操作系统(VVOS) 4.0运行hp - ux 11.04可能允许攻击者破坏数据。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1368 3供应商确认:对咨询内容的决定:模糊的抽象/包含:惠普:hpsbux0106 - 152可能已经解决- 2001 - 0431,- 2001 - 0746,或可以- 2001 - 0747,但咨询非常模糊,无法确定。咨询只指“a”的弱点,而不是多个漏洞,所以显然只地址的一个预先存在的罐,。创建一个单独的项目是安全的。CD的这是一个很好的典范:模糊。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1376网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1376最终决定:阶段性裁决:修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20011113更多的问题与半径(协议和实现)参考:网址:http://online.securityfocus.com/archive/1/239784参考:BUGTRAQ: 20020305安全。NNOV:一些漏洞在多个半径实现参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101537153021792&w=2参考:CERT: ca - 2002 - 06年参考:网址:http://www.cert.org/advisories/ca - 2002 - 06. - html参考:CERT-VN: VU # 589523参考:网址:http://www.kb.cert.org/vuls/id/589523参考:SUSE: SuSE-SA: 2002:013参考:网址:http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html参考:CONECTIVA: CLA-2002:466参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466参考:REDHAT: RHSA-2002:030参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 030. - html参考:报价:3530参考:网址:http://www.securityfocus.com/bid/3530参考:XF: radius-message-digest-bo(7534)缓冲区溢出在消化计算多个半径的函数实现允许远程攻击者可能导致拒绝服务和通过共享密钥数据执行任意代码。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1376 3供应商确认:对咨询内容的决定:SF-CODEBASE抽象:有许多半径实现一个通用的代码库。CD: SF-CODEBASE建议我们分项目对于每一个代码库,历史是复杂的,所有(或大部分)实现来自相同的一个或两个原始代码库。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1377网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1377最终决定:阶段性裁决:修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20020305安全。NNOV:一些漏洞在多个半径实现参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101537153021792&w=2参考:CERT-VN: VU # 936683参考:网址:http://www.kb.cert.org/vuls/id/936683参考:CERT: ca - 2002 - 06年参考:网址:http://www.cert.org/advisories/ca - 2002 - 06. - html参考:FREEBSD: FreeBSD-SN-02:02参考:网址:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc参考:REDHAT: RHSA-2002:030参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 030. - html参考:SUSE: SuSE-SA: 2002:013参考:网址:http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html参考:CONECTIVA: CLA-2002:466参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466参考:XF: radius-vendor-attribute-dos(8354)参考:网址:http://www.iss.net/security_center/static/8354.php参考:报价:4230参考:网址:http://www.securityfocus.com/bid/4230多个半径实现不正确验证Vendor-Length特定于供应商的属性,它允许远程攻击者造成拒绝服务(崩溃)通过Vendor-Length小于2。分析- - - - - - - - - - - - - - - - - ED_PRI - 2001 - 1377 3供应商确认:对咨询内容的决定:SF-CODEBASE抽象:有许多半径实现一个通用的代码库。CD: SF-CODEBASE建议我们分项目对于每一个代码库,历史是复杂的,所有(或大部分)实现来自相同的一个或两个原始代码库。投票部分- - - - - - - - - - - - - - - -可能的选票:接受/修改/等待/审查/重塑/拒绝如果接受或修改,包括接受的理由:VERIFIED-BY-MY-ORG ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST HAS-INDEPENDENT-CONFIRMATION或提供其他原因。投票:ACCEPT_REASON:评论:
页面最后更新或审查:2007年5月22日,