
[PROPOSAL] Cluster RECENT-95 - 48 candidates



I am proposing cluster RECENT-95 for review and voting by the Editorial Board.

Name: RECENT-95
Description: CANs announced between 2002/05/06 and 2002/05/31
Size: 48

You may vote on the candidates by modifying this message and sending it back to me, or by using the CVE voting web site.

The candidates are listed in order of priority. Priority 1 and Priority 2 candidates both deal with varying levels of vendor confirmation, so they should be easy to review and it can be trusted that the problems are real.

If you discover that any RECENT-XX cluster is incomplete with respect to the problems discovered during the associated time frame, please send that information to me so that candidates can be assigned.

- Steve

Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------

ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.

1) Please write your vote on the line that starts with "VOTE: ". If you want to add comments or details, add them to lines after the VOTE: line.

2) If you see any missing references, please mention them so that they can be included. References help greatly during mapping.

3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes. So if you don't have sufficient information for a candidate but you don't want to NOOP, use a REVIEWING.

********** NOTE ********** NOTE ********** NOTE ********** NOTE **********

Please keep in mind that your vote and comments will be recorded and publicly viewable in the mailing list archives or in other formats.

======================================================
Candidate: CAN-2002-0703
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0703
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020716
Category: SF
Reference: REDHAT:RHSA-2002:081
Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-081.html
Reference: MANDRAKE:MDKSA-2002:035
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-035.php
Reference: XF:linux-utf8-incorrect-md5(9051)
Reference: URL:http://www.iss.net/security_center/static/9051.php
Reference: BID:4716
Reference: URL:http://www.securityfocus.com/bid/4716

An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.

Analysis
----------------
ED_PRI CAN-2002-0703 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0704
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0704
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020716
Category: SF
Reference: BUGTRAQ:20020508 [CARTSA-20020402] Linux Netfilter NAT/ICMP code information leak
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102088521517722&w=2
Reference: REDHAT:RHSA-2002:086
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-086.html
Reference: MANDRAKE:MDKSA-2002:030
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-030.php
Reference: HP:HPSBTL0205-039
Reference: URL:http://online.securityfocus.com/advisories/4116
Reference: XF:linux-netfilter-information-leak(9043)
Reference: URL:http://www.iss.net/security_center/static/9043.php
Reference: BID:4699
Reference: URL:http://www.securityfocus.com/bid/4699

The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.

Analysis
----------------
ED_PRI CAN-2002-0704 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0734
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0734
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020506 b2 php remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0027.html
Reference: CONFIRM:http://cafelog.com/
Reference: BID:4673
Reference: URL:http://www.securityfocus.com/bid/4673
Reference: XF:b2-b2inc-command-execution(9013)
Reference: URL:http://www.iss.net/security_center/static/9013.php

b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a Trojan horse program stored on a remote server.

Analysis
----------------
ED_PRI CAN-2002-0734 1
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: on the vendor's home page, an item dated "04.05.02" (May 4, 2002) states "Someone recently told me about a security hole in b2... The fix for the security hole is very simple: create a file named b2config.php and upload it in the b2-include folder." While this in itself doesn't include enough details to be certain that the vendor is fixing *this* problem, it would fix the problem, and later comments on the vendor's page would line up with the date of public announcement of this problem.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0755
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0755
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:24
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc
Reference: BID:4777
Reference: URL:http://www.securityfocus.com/bid/4777
Reference: XF:freebsd-k5su-gain-privileges(9125)
Reference: URL:http://www.iss.net/security_center/static/9125.php

Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.

Analysis
----------------
ED_PRI CAN-2002-0755 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0758
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0758
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: SUSE:SuSE-SA:2002:016
Reference: URL:http://www.suse.de/de/support/security/2002_016_sysconfig_txt.html
Reference: BID:4695
Reference: URL:http://www.securityfocus.com/bid/4695
Reference: XF:suse-sysconfig-command-execution(9040)
Reference: URL:http://www.iss.net/security_center/static/9040.php

ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.

Analysis
----------------
ED_PRI CAN-2002-0758 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0759
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0759
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: XF:bzip2-decompression-file-overwrite(9126)
Reference: URL:http://www.iss.net/security_center/static/9126.php
Reference: BID:4774
Reference: URL:http://www.securityfocus.com/bid/4774

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, and other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive.

Analysis
----------------
ED_PRI CAN-2002-0759 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0760
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0760
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: BID:4775
Reference: URL:http://www.securityfocus.com/bid/4775
Reference: XF:bzip2-decompression-race-condition(9127)
Reference: URL:http://www.iss.net/security_center/static/9127.php

Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, and other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.

Analysis
----------------
ED_PRI CAN-2002-0760 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0761
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0761
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: XF:bzip2-compression-symlink(9128)
Reference: URL:http://www.iss.net/security_center/static/9128.php
Reference: BID:4776
Reference: URL:http://www.securityfocus.com/bid/4776

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, and other operating systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.

Analysis
----------------
ED_PRI CAN-2002-0761 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0762
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0762
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: SUSE:SuSE-SA:2002:017
Reference: URL:http://www.suse.de/de/support/security/2002_17_shadow.html
Reference: XF:suse-shadow-filesize-limits(9102)
Reference: URL:http://www.iss.net/security_center/static/9102.php
Reference: BID:4757
Reference: URL:http://www.securityfocus.com/bid/4757

shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.

Analysis
----------------
ED_PRI CAN-2002-0762 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0765
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0765
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020527 OpenSSH 3.2.3 released (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0235.html
Reference: OPENBSD:20020522 004: SECURITY FIX: May 22, 2002
Reference: URL:http://www.openbsd.org/errata.html#sshbsdauth
Reference: BID:4803
Reference: URL:http://www.securityfocus.com/bid/4803
Reference: XF:bsd-sshd-authentication-error(9215)
Reference: URL:http://www.iss.net/security_center/static/9215.php

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.

Analysis
----------------
ED_PRI CAN-2002-0765 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:
======================================================
Candidate: CAN-2002-0766
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0766
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020509 [VULNWATCH] OpenBSD local DoS and root exploit
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0066.html
Reference: BUGTRAQ:20020509 OpenBSD local DoS and root exploit
Reference: URL:http://online.securityfocus.com/archive/1/271702
Reference: OPENBSD:20020508 003: SECURITY FIX: May 8, 2002
Reference: URL:http://www.openbsd.org/errata.html#fdalloc2
Reference: XF:openbsd-file-descriptor-dos(9048)
Reference: URL:http://www.iss.net/security_center/static/9048.php

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not handled properly when OpenBSD fails to open an alternate descriptor.

Analysis
----------------
ED_PRI CAN-2002-0766 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0768
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0768
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category:
Reference: SUSE:SuSE-SA:2002:018
Reference: URL:http://www.suse.com/de/support/security/2002_18_lukemftp.html
Reference: XF:lukemftp-pasv-bo(9130)
Reference: URL:http://www.iss.net/security_center/static/9130.php

Buffer overflow in the lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.

Analysis
----------------
ED_PRI CAN-2002-0768 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0778
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0778
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: CF
Reference: CISCO:20020528 Transparent Cache Engine and Content Engine TCP Relay Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml
Reference: XF:cisco-cache-content-tcp-forward(9082)
Reference: URL:http://www.iss.net/security_center/static/9082.php
Reference: BID:4751
Reference: URL:http://www.securityfocus.com/bid/4751

The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.

Analysis
----------------
ED_PRI CAN-2002-0778 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0788
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0788
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 NTFS and PGP interact to expose EFS encrypted data
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt
Reference: XF:pgp-ntfs-reveal-data(9044)
Reference: URL:http://www.iss.net/security_center/static/9044.php
Reference: BID:4702
Reference: URL:http://www.securityfocus.com/bid/4702

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary file that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.

Analysis
----------------
ED_PRI CAN-2002-0788 1
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: in the release notes for the hotfix, the vendor states "There is a conflict between Microsoft's Encrypting File System (EFS) on Windows 2000 and PGP's file wiping feature. When you use EFS to encrypt a file, Windows 2000 creates a temporary file that contains the plaintext of the encrypted file."

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0789
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0789
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020511 Bug in mnogosearch-3.1.19
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0092.html
Reference: CONFIRM:http://www.mnogosearch.org/Download/mnogosearch-3.1.20.tar.gz
Reference: MISC:http://www.mnogosearch.org/history.html#log31
Reference: BID:4724
Reference: URL:http://www.securityfocus.com/bid/4724
Reference: XF:mnogosearch-search-cgi-bo(9060)
Reference: URL:http://www.iss.net/security_center/static/9060.php

Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.

Analysis
----------------
ED_PRI CAN-2002-0789 1
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: a vague comment on the product history page includes an item for version 3.1.20, dated "27 Jun 2002," which says "Security bug has been fixed." This is not sufficient proof that the vendor has fixed *this* issue. HOWEVER, the ChangeLog in the source code for 3.1.20 includes an item dated 27 Jun 2002, which says "A security bug (trap on too long queries) fixed," which *does* qualify as sufficient proof.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0794
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0794
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:26
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2002-05/0349.html
Reference: BID:4879
Reference: URL:http://www.securityfocus.com/bid/4879
Reference: XF:freebsd-accept-filter-dos(9209)
Reference: URL:http://www.iss.net/security_center/static/9209.php

The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue.

Analysis
----------------
ED_PRI CAN-2002-0794 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0795
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0795
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:27
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc
Reference: XF:freebsd-rc-delete-directories(9217)
Reference: URL:http://www.iss.net/security_center/static/9217.php
Reference: BID:4880
Reference: URL:http://www.securityfocus.com/bid/4880

The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.

Analysis
----------------
ED_PRI CAN-2002-0795 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0801
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0801
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020529 [VULNWATCH] Fw: Macromedia JRUN Buffer overflow vulnerability (#NISR29052002)
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0085.html
Reference: BUGTRAQ:20020529 Addendum to advisory #NISR29052002 (JRun buffer overflow)
Reference: URL:http://online.securityfocus.com/archive/1/274601
Reference: BUGTRAQ:20020529 Macromedia JRUN Buffer overflow vulnerability (#NISR29052002)
Reference: URL:http://online.securityfocus.com/archive/1/274528
Reference: CERT-VN:VU#703835
Reference: URL:http://www.kb.cert.org/vuls/id/703835
Reference: CERT:CA-2002-14
Reference: URL:http://www.cert.org/advisories/CA-2002-14.html
Reference: XF:jrun-isapi-host-bo(9194)
Reference: URL:http://www.iss.net/security_center/static/9194.php
Reference: BID:4873
Reference: URL:http://www.securityfocus.com/bid/4873

Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.

Analysis
----------------
ED_PRI CAN-2002-0801 1
Vendor Acknowledgement: yes advisory

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0777
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0777
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020520 Foundstone Advisory - Buffer Overflow in Ipswitch Imail 7.1 and prior (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0172.html
Reference: XF:imail-ldap-bo(9116)
Reference: URL:http://www.iss.net/security_center/static/9116.php
Reference: BID:4780
Reference: URL:http://www.securityfocus.com/bid/4780

Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.

Analysis
----------------
ED_PRI CAN-2002-0777 2
Vendor Acknowledgement: yes via-email

ACKNOWLEDGEMENT: the only apparent information from the vendor that may be related to this issue is at http://support.ipswitch.com/kb/IM-20020703-DM01.htm; there are two comments related to overflows: "Removed buffer overflow bug in web calendar" and "ILDAP: fixed a buffer overflow that could be used for a DOS attack." While the latter phrase might be related to the LDAP issue, it is in direct conflict with Foundstone's claim that the problem is exploitable, which may indicate that this is not really the same vulnerability.
Inquiry posted to http://www.ipswitch.com/cgi/askatech.pl?action=build on July 17, 2002. Tracking number: T200207180016. Vendor confirmed the issue via e-mail from evalhelp@ipswitch.com on July 18, replying: "Yes, this was fixed... the conclusive evidence is in the knowledge base article."

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0790
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0790
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: AIXAPAR:IY24556
Reference: URL:http://techsupport.services.ibm.com/server/aix.uhuic_getrec?args=DVsteamboat.boulder.ibm.com+DBAIX2+DA6854+STIY24556+USbin

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

Analysis
----------------
ED_PRI CAN-2002-0790 2
Vendor Acknowledgement: yes

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0702
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0702
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020716
Category: SF
Reference: BUGTRAQ:20020508 [NGSEC-2002-2] ISC DHCPDv3, remote root compromise
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102089498828206&w=2
Reference: VULNWATCH:20020508 [VULNWATCH] [NGSEC-2002-2] ISC DHCPDv3, remote root compromise
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0063.html
Reference: CERT-VN:VU#854315
Reference: URL:http://www.kb.cert.org/vuls/id/854315
Reference: CERT:CA-2002-12
Reference: URL:http://www.cert.org/advisories/CA-2002-12.html
Reference: CALDERA:CSSA-2002-028.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/CSSA-2002-028.0.txt
Reference: MANDRAKE:MDKSA-2002:037
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-037.php
Reference: SUSE:SuSE-SA:2002:019
Reference: URL:http://www.suse.de/de/support/security/2002_19_dhcp.html
Reference: CONECTIVA:CLA-2002:483
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000483
Reference: XF:dhcpd-nsupdate-format-string(9039)
Reference: URL:http://www.iss.net/security_center/static/9039.php
Reference: BID:4701
Reference: URL:http://www.securityfocus.com/bid/4701

Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.

Analysis
----------------
ED_PRI CAN-2002-0702 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0735
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0735
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULN-DEV:20020506 ldap vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=102070267500932&w=2
Reference: VULNWATCH:20020506 [VULNWATCH] ldap vulnerability
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
Reference: BUGTRAQ:20020506 ldap vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/271173
Reference: BID:4679
Reference: URL:http://www.securityfocus.com/bid/4679
Reference: XF:squidauthldap-logging-format-string(9019)
Reference: URL:http://www.iss.net/security_center/static/9019.php

Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.

Analysis
----------------
ED_PRI CAN-2002-0735 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0756
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0756
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 [SNS Advisory No.52] Webmin/Usermin Cross-site Scripting Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0040.html
Reference: BID:4694
Reference: URL:http://www.securityfocus.com/bid/4694
Reference: XF:webmin-usermin-authpage-css(9036)
Reference: URL:http://www.iss.net/security_center/static/9036.php

Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.

Analysis
----------------
ED_PRI CAN-2002-0756 3
Vendor Acknowledgement: unknown discloser-claimed
Content Decisions: SF-EXEC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0757
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0757
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 [SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/271466
Reference: MANDRAKE:MDKSA-2002:033
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-033.php
Reference: XF:webmin-usermin-sessionid-spoof(9037)
Reference: URL:http://www.iss.net/security_center/static/9037.php
Reference: BID:4700
Reference: URL:http://www.securityfocus.com/bid/4700

(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary username/session ID combinations.

Analysis
----------------
ED_PRI CAN-2002-0757 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-EXEC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0763
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0763
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: HP:HPSBUX0205-193
Reference: URL:http://archives.neohapsis.com/archives/hp/2002-q2/0037.html
Reference: XF:hp-virtualvault-admin-access(9038)
Reference: URL:http://www.iss.net/security_center/static/9038.php
Reference: BID:4690
Reference: URL:http://www.securityfocus.com/bid/4690

Vulnerability in the administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.

Analysis
----------------
ED_PRI CAN-2002-0763 3
Vendor Acknowledgement: yes advisory
Content Decisions: VAGUE

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0764
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0764
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020517 Phorum 3.3.2a remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0147.html
Reference: BUGTRAQ:20020518 Phorum 3.3.2a has another bug for remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0153.html
Reference: CONFIRM:http://www.phorum.org/
Reference: XF:phorum-php-command-execution(9107)
Reference: URL:http://www.iss.net/security_center/static/9107.php
Reference: BID:4763
Reference: URL:http://www.securityfocus.com/bid/4763

Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.

Analysis
----------------
ED_PRI CAN-2002-0764 3
Vendor Acknowledgement: yes
Content Decisions: SF-EXEC

ACKNOWLEDGEMENT: on the vendor's front page, there is a statement for Phorum 3.3.2b3, dated May 16, 2002, which says: "This [fix] addresses a security issue where some include scripts could be called directly, allowing foreign code to be run."

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0767
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0767
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020613 simpleinit root exploit - file descriptor left open
Reference: URL:http://online.securityfocus.com/archive/1/276739
Reference: BID:5001
Reference: URL:http://www.securityfocus.com/bid/5001
Reference: XF:simpleinit-file-descriptor-open(9357)
Reference: URL:http://www.iss.net/security_center/static/9357.php

simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.

Analysis
----------------
ED_PRI CAN-2002-0767 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0769
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0769
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020509 Cisco ATA-186 admin password can be trivially circumvented
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
Reference: CISCO:20020523 ATA-186 Password Disclosure Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
Reference: XF:cisco-ata-bypass-auth(9057)
Reference: URL:http://www.iss.net/security_center/static/9057.php
Reference: XF:cisco-ata-reveal-info(9056)
Reference: URL:http://www.iss.net/security_center/static/9056.php
Reference: BID:4711
Reference: URL:http://www.securityfocus.com/bid/4711
Reference: BID:4712
Reference: URL:http://www.securityfocus.com/bid/4712

The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.

Analysis
----------------
ED_PRI CAN-2002-0769 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0770
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0770
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020514 Remote quake 2 3.2x server cvar leak
Reference: URL:http://online.securityfocus.com/archive/1/272548
Reference: MISC:http://www.quakesrc.org/forum/topicDisplay.php?topicID=160
Reference: XF:quake2-unexpanded-var-disclosure(9095)
Reference: URL:http://www.iss.net/security_center/static/9095.php
Reference: BID:4744
Reference: URL:http://www.securityfocus.com/bid/4744

Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information.

Analysis
----------------
ED_PRI CAN-2002-0770 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0771
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0771
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020518 Cross-site scripting vulnerability in ViewCVS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html
Reference: URL:http://online.securityfocus.com/archive/1/273102
Reference: XF:viewcvs-css(9112)
Reference: URL:http://www.iss.net/security_center/static/9112.php
Reference: BID:4818
Reference: URL:http://www.securityfocus.com/bid/4818

Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.

Analysis
----------------
ED_PRI CAN-2002-0771 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0772
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0772
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020517 Hosting Controller still have dangerous bugs!
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0142.html
Reference: BID:4759
Reference: URL:http://www.securityfocus.com/bid/4759
Reference: XF:hosting-controller-dsnmanager-traversal(9104)
Reference: URL:http://www.iss.net/security_center/static/9104.php

Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.

Analysis
----------------
ED_PRI CAN-2002-0772 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0773
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0773
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020517 Hosting Controller still have dangerous bugs!
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0142.html
Reference: BID:4761
Reference: URL:http://www.securityfocus.com/bid/4761
Reference: XF:hosting-controller-improotdir-commands(9105)
Reference: URL:http://www.iss.net/security_center/static/9105.php

imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath.

Analysis
----------------
ED_PRI CAN-2002-0773 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0774
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0774
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: CF
Reference: BUGTRAQ:20020519 Another vulnerability in Hosting Controller
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0168.html
Reference: BID:4779
Reference: URL:http://www.securityfocus.com/bid/4779
Reference: XF:hosting-controller-default-account(9131)
Reference: URL:http://www.iss.net/security_center/static/9131.php

Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.

Analysis
----------------
ED_PRI CAN-2002-0774 3
Vendor Acknowledgement:
Content Decisions: CF-PASS

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.
VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0775
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0775
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: CF
Reference: BUGTRAQ:20020519 Another Hosting Controller vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0168.html
Reference: CONFIRM:http://www.hostingcontroller.com/english/patches/ForAll/download/drivebrowse.zip
Reference: CONFIRM:http://hostingcontroller.com/english/logs/sp2log.html

browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.

Analysis
-----------------
ED_PRI CAN-2002-0775 3
Vendor Acknowledgement: yes advisory
Content Decisions: CF-PASS

ACKNOWLEDGEMENT: the "readme" file for the "Drive Browse Bug Patch," released on May 21, 2002, says "This patch fixes the security vulnerability in which an attacker can view listings by inserting a drive directly into the URL," and modifies browse.asp.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0779
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0779
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020508 [VULNWATCH] cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0060.html
Reference: BUGTRAQ:20020508 cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://online.securityfocus.com/archive/1/271475
Reference: BID:4696
Reference: URL:http://www.securityfocus.com/bid/4696
Reference: XF:novell-bordermanager-ftp-dos(9031)
Reference: URL:http://www.iss.net/security_center/static/9031.php

The FTP proxy server for Novell BorderManager 3.6 SP 1 allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.

Analysis
-----------------
ED_PRI CAN-2002-0779 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0780
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0780
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020508 [VULNWATCH] cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0060.html
Reference: BUGTRAQ:20020508 cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://online.securityfocus.com/archive/1/271475
Reference: BID:4697
Reference: URL:http://www.securityfocus.com/bid/4697
Reference: XF:novell-bordermanager-ipipx-dos(9032)
Reference: URL:http://www.iss.net/security_center/static/9032.php

The IP/IPX gateway for Novell BorderManager 3.6 SP 1 allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to terminate abnormally.

Analysis
-----------------
ED_PRI CAN-2002-0780 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0781
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0781
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020508 [VULNWATCH] cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0060.html
Reference: BUGTRAQ:20020508 cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://online.securityfocus.com/archive/1/271475
Reference: BID:4698
Reference: URL:http://www.securityfocus.com/bid/4698
Reference: XF:novell-bordermanager-rtsp-dos(9033)
Reference: URL:http://www.iss.net/security_center/static/9033.php

The RTSP proxy for Novell BorderManager 3.6 SP 1 allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to terminate abnormally.

Analysis
-----------------
ED_PRI CAN-2002-0781 3
Vendor Acknowledgement:
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:
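
======================================================
Candidate: CAN-2002-0782
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0782
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020510 Re: cqure.net.20020412.bordermanager_36_mv1.a
Reference: URL:http://online.securityfocus.com/archive/1/271957
Reference: BID:4726
Reference: URL:http://www.securityfocus.com/bid/4726
Reference: XF:novell-bordermanager-conntable-dos(9062)
Reference: URL:http://www.iss.net/security_center/static/9062.php

Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.

Analysis
-----------------
ED_PRI CAN-2002-0782 3
Vendor Acknowledgement:
Content Decisions: INCLUSION

INCLUSION: any product is going to have some hard limits that cannot be overcome ("laws of physics" vulnerabilities). There does not appear to be any impact of this issue (server crash, misdirected packets, etc.) besides the fact that the connection table fills up. The reference does not say that these connections are eventually dropped; if they are eventually *not* dropped, then maybe that is sufficient to include this issue in CVE.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0783
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0783
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020515 Opera javascript protocoll vulnerability (Sandblad advisory #6)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0117.html
Reference: XF:opera-sameoriginpolicy-bypass(9096)
Reference: URL:http://www.iss.net/security_center/static/9096.php
Reference: BID:4745
Reference: URL:http://www.securityfocus.com/bid/4745

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a JavaScript: URL.

Analysis
-----------------
ED_PRI CAN-2002-0783 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0784
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0784
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020507 Lysias Lidik Webserver suffers from a Directory Traversal Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0039.html
Reference: CONFIRM:http://www.lysias.de/send/news/index.php?page=3
Reference: XF:lidek-webserver-directory-traversal(9028)
Reference: URL:http://www.iss.net/security_center/static/9028.php
Reference: BID:4691
Reference: URL:http://www.securityfocus.com/bid/4691

Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot).

Analysis
-----------------
ED_PRI CAN-2002-0784 3
Vendor Acknowledgement: yes advisory
Content Decisions: EX-BETA

ACKNOWLEDGEMENT: in a statement dated "08.05.2002" (May 8), the vendor appears to acknowledge the issue in German. Google translation to English: "On the side today Checkpoint.net announced a security [problem] in the program Lysias Lidik written by us. The web server contains a substantial security gap, users should [avoid] the beta version ... for the time being."

INCLUSION: CD:EX-BETA suggests that an issue in beta software should not be included in CVE. As implied by the vendor's acknowledgement, this issue only appears to be in beta software, so maybe it should not be included in CVE.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.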

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0785
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0785
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 Hole in AOL Instant Messenger
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0086.html
Reference: XF:aim-addbuddy-bo(9058)
Reference: URL:http://www.iss.net/security_center/static/9058.php
Reference: BID:4709
Reference: URL:http://www.securityfocus.com/bid/4709

AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.

Analysis
-----------------
ED_PRI CAN-2002-0785 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0786
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0786
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020510 [VULNWATCH] Two (2) Critical Path inJoin V4.0 Directory Server Issues
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0068.html
Reference: BID:4718
Reference: URL:http://www.securityfocus.com/bid/4718
Reference: XF:injoin-admin-interface-view-files(9054)
Reference: URL:http://www.iss.net/security_center/static/9054.php

The iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.

Analysis
-----------------
ED_PRI CAN-2002-0786 3
Vendor Acknowledgement: unknown discloser-claimed

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0787
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0787
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020510 [VULNWATCH] Two (2) Critical Path inJoin V4.0 Directory Server Issues
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0068.html
Reference: XF:injoin-admin-interface-css(9053)
Reference: URL:http://www.iss.net/security_center/static/9053.php
Reference: BID:4717
Reference: URL:http://www.securityfocus.com/bid/4717

Cross-site scripting vulnerability in the iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.

Analysis
-----------------
ED_PRI CAN-2002-0787 3
Vendor Acknowledgement: unknown discloser-claimed
Content Decisions: SF-LOC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0791
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0791
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 Re: cqure.net.20020408.netware_nwftpd.a
Reference: URL:http://online.securityfocus.com/archive/1/271589
Reference: VULNWATCH:20020508 [VULNWATCH] cqure.net.20020408.netware_nwftpd.a
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0059.html
Reference: MISC:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2962252.htm
Reference: XF:netware-ftp-dos(9034)
Reference: URL:http://www.iss.net/security_center/static/9034.php
Reference: BID:4693
Reference: URL:http://www.securityfocus.com/bid/4693

NetWare FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.

Analysis
-----------------
ED_PRI CAN-2002-0791 3
Vendor Acknowledgement: unknown vague
Content Decisions: VAGUE

ACKNOWLEDGEMENT: KB article TID2962252 was modified on 20020508 (the day of the release), and is too vague to be certain that it addresses this vulnerability. It says "Eliminates high utilization problems that may occur when invalid commands (improper syntax or length) are sent to the FTP server," but an invalid command could be "USER" with no arguments, or "AHLNF:", or any number of different malformed inputs. There are no credits or cross-references indicating that this addresses the issue.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0792
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0792
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: CISCO:20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities
Reference: URL:http://www.cisco.com/warp/public/707/css-http-post-pub.shtml
Reference: BID:4747
Reference: URL:http://www.securityfocus.com/bid/4747
Reference: BID:4748
Reference: URL:http://www.securityfocus.com/bid/4748
Reference: XF:cisco-css-http-dos(9083)
Reference: URL:http://www.iss.net/security_center/static/9083.php

The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTP POST request, or (2) malformed XML data.

Analysis
-----------------
ED_PRI CAN-2002-0792 3
Vendor Acknowledgement: yes advisory
Content Decisions: SF-LOC, VAGUE

ABSTRACTION: the "HTTPS POST" request and the "XML data" request look like they could be different types of vulnerabilities, which would suggest that they be split per CD:SF-LOC; however, Cisco has confirmed via email that these are two separate attack vectors for the same underlying parsing problem.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0793
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0793
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020531 Multiple vulnerabilities in QNX
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0292.html
Reference: BID:4902
Reference: URL:http://www.securityfocus.com/bid/4902
Reference: XF:qnx-rtos-monitor-f(9231)
Reference: URL:http://www.iss.net/security_center/static/9231.php

Hard link and symbolic link following vulnerabilities in the QNX operating system 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.

Analysis
-----------------
ED_PRI CAN-2002-0793 3
Vendor Acknowledgement:
Content Decisions: SF-EXEC

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0798
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0798
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: HP:HPSBUX0205-194
Reference: URL:http://archives.neohapsis.com/archives/hp/2002-q2/0059.html
Reference: XF:hpux-sd-view-files(9207)
Reference: URL:http://www.iss.net/security_center/static/9207.php
Reference: BID:4886
Reference: URL:http://www.securityfocus.com/bid/4886

Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtained data for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.

Analysis
-----------------
ED_PRI CAN-2002-0798 3
Vendor Acknowledgement: yes advisory
Content Decisions: VAGUE

ACCURACY: the HP advisory is too vague to understand how an issue that allows viewing data for files would allow a DoS rather than the ability to read sensitive information.

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

======================================================
Candidate: CAN-2002-0799
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0799
Final-Decision:
Interim-Decision:
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020521 YoungZSoft CMailServer overflow, patch + warez!@#!
Reference: URL:http://online.securityfocus.com/archive/1/273512
Reference: BID:4789
Reference: URL:http://www.securityfocus.com/bid/4789
Reference: XF:cmailserver-user-bo(9132)
Reference: URL:http://www.iss.net/security_center/static/9132.php

Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.

Analysis
-----------------
ED_PRI CAN-2002-0799 3
Vendor Acknowledgement:

Voting Section
--------------
Possible votes: ACCEPT/MODIFY/NOOP/REVIEWING/RECAST/REJECT
If ACCEPT or MODIFY, include reason for acceptance: VERIFIED-BY-MY-ORG, ACKNOWLEDGED-BY-VENDOR, VERIFIED-BY-SOMEONE-I-TRUST, HAS-INDEPENDENT-CONFIRMATION, or provide other reason.

VOTE:
ACCEPT_REASON:
COMMENTS:

Page last updated or reviewed: May 22, 2007