
(INTERIM) ACCEPT 350 candidates (Final April 2)



我做了一个临时决定接受以下350名候选人。我将在4月2日做出最终决定。以下编辑委员会成员投票表决这些候选人:Ozancin接受(1)绿色接受(90)修改(2)无操作(1)Magdych等待(1)勒布朗等待(2)科尔接受(335)无操作(14)琼斯接受(4)修改(9)无操作(2)Balinsky接受(2)无操作(2)Foat接受(82)修改(3)等待(263)考克斯接受(48)修改(19)等待(239)Christey等待接受(118)(136)墙等待(221)Ziese接受(8)无操作(3)征收接受(3)弗雷希接受男性(110)修改(104)艾德森接受(31)Stracener接受(1)贝克接受(279)普罗塞接受(3)阿姆斯特朗接受(159)无操作(17)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 1999 - 1337网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 1999 - 1337最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20010912分配:20010831类别:科幻参考:BUGTRAQ: 19990801午夜指挥官脆弱性(?)(fwd)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=93370073207984&w=2参考:XF: midnight-commander-data-disclosure(9873)参考:网址:http://www.iss.net/security_center/static/9873.phpFTP客户端在午夜指挥官(mc) 4.5.11访问站点的用户名和密码明文存储在全局历史文件,它允许其他本地用户获得特权。修改:ADDREF XF: midnight-commander-data-disclosure(9873)分析- - - - - - - - - -供应商确认:是的后续的行动:- 1999 - 1337 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(1)科尔弗伦奇等待修改(1)(2)墙,Foat选民的评论:弗雷希>(1765年任务)改变>[弗雷希改变投票从审查修改]弗雷希> XF: midnight-commander-data-disclosure(9873) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 1999 - 1468网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 1999 - 1468最终决定:阶段性裁决:20030326修改:20020218 - 01提议:20010912分配:20010831类别:科幻参考:MISC:http://www.alw.nih.gov/security/8lgm/8lgm咨询- 01. 
- html参考:CERT: ca - 91.20参考:网址:http://www.cert.org/advisories/CA-91.20.rdist.vulnerability参考报价:31参考:网址:http://www.securityfocus.com/bid/31参考:XF: rdist-popen-gain-privileges(7160)参考:网址:http://www.iss.net/security_center/static/7160.phprdist在各种UNIX系统使用popen执行sendmail,它允许本地用户获得根权限通过修改IFS变量(内部字段分隔符)。修改:ADDREF XF: rdist-popen-gain-privileges (7160) CHANGEREF MISC[改变url]分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 1999 - 1468能接受(4接受,1 ack, 0评论)目前投票:接受(3)Foat,科尔,弗伦奇等待Stracener修改(1)(2)Christey,墙选民的评论:弗雷希> XF: rdist-popen-gain-privileges (7160) MISC参考已经死了。选择:http://www.alw.nih.gov/security/8lgm/8lgm咨询- 01. - htmlChristey >目前尚不清楚这是由太阳:00115年,太阳:00110年,两个,或没有。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 1999 - 1490网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 1999 - 1490最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20010912分配:20010831类别:科幻参考:BUGTRAQ: 19980528警报:烦人的安全漏洞在“xosview”, RedHat5.1吗?参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101926021&w=2参考:BUGTRAQ: 19980529 Re:烦人的安全漏洞在“xosview”(xosexp.c)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101926034&w=2参考:报价:362参考:网址:http://www.securityfocus.com/bid/362参考:XF: linux-xosview-bo(8787)参考:网址:http://www.iss.net/security_center/static/8787.phpxosview 1.5.1在Red Hat 5.1允许本地用户获得root访问通过长家里环境变量。修改:ADDREF XF: linux-xosview-bo(8787)分析- - - - - - - - - -供应商确认:是的推断行动:- 1999 - 1490 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(1)科尔弗伦奇等待修改(1)(2)墙,Foat选民的评论:弗雷希>(接受;任务2354)更改>[弗雷希改变投票从审查修改]弗雷希> XF: linux-xosview-bo(8787) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0502网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0502最终决定:阶段性裁决:20030326修改:20020222 - 01提议:20000712分配:20000711类别:科幻参考:BUGTRAQ: 20000607 Mcafee提醒DOS脆弱性参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html参考:报价:1326参考:网址:http://www.securityfocus.com/bid/1326参考:XF: 
mcafee-alerting-dos(4641)参考:网址:http://xforce.iss.net/static/4641.phpMcafee VirusScan 4.03不适当限制警告文本文件发送到中央警报服务器之前,它允许本地用户以任意方式修改警报。修改:ADDREF XF: mcafee-alerting-dos(4641)分析- - - - - - - - - -供应商确认:未知的行动:- 2000 - 0502能接受(4接受,0 ack, 0评论)目前投票:接受(3)Ozancin, Levy墙弗伦奇等待修改(1)(1)勒布朗选民的评论:弗雷希> XF: mcafee-alerting-dos改变(4641)>(墙投票从审查接受)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 0590网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 0590最终决定:阶段性裁决:20030326修改:20010910 - 01提议:20000719分配:20000719类别:科幻参考:BUGTRAQ: 20000706脆弱性Poll_It cgi v2.0参考:网址:http://archives.neohapsis.com/archives/bugtraq/2000-07/0076.html参考:报价:1431参考:网址:http://www.securityfocus.com/bid/1431参考:XF: http-cgi-pollit-variable-overwrite(4878)参考:网址:http://xforce.iss.net/static/4878.php调查它2.0 CGI脚本允许远程攻击者读取任意文件指定文件名的data_dir参数。修改:ADDREF XF: http-cgi-pollit-variable-overwrite(4878)分析- - - - - - - - - -供应商确认:是的领域相符确认:查询发送到http://www.cgi-world.com/cgi-bin/forms/forms.cgi2/22/2002。2/22/2002确认供应商。推断行动:- 2000 - 0590能接受(3接受,1 ack, 0评论)目前投票:接受(2)征税,科尔弗伦奇等待修改(1)(4)Magdych,勒布朗,墙,Christey选民的评论:弗雷希> XF; http-cgi-pollit-variable-overwrite(4878)改变> [Magdych改变投票从审查到等待]Christey > MISC:http://www.cgi-world.com/download/pollit.html2000年10月24日,一个项目说“更新到2.05版本从2.0解决安全问题”,但目前还不清楚是否有关* *安全问题;这可能是在谈论cve - 2000 1068/1069/1070。查询发送到http://www.cgi-world.com/cgi-bin/forms/forms.cgi2/22/2002。2/22/2002确认供应商。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1210网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1210最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20000322安全漏洞在Apache项目:Jakarta Tomcat参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=95371672300045&w=2参考:XF: apache-tomcat-file-contents(4205)参考:网址:http://www.iss.net/security_center/static/4205.php目录遍历脆弱性来源。jsp的Apache Tomcat 3.1允许远程攻击者读取任意文件通过一个. 
.(点点)source.jsp的参数。分析- - - - - - - - - -供应商确认:推断行动:- 2000 - 1210能接受(6接受0 ack 0审查)目前投票:接受(6)贝克,抑郁症,考克斯科尔,阿姆斯特朗,绿色无操作(2)墙,Foat选民的评论:绿色>似乎承认在APACHE的BUGZILLA(# 93似乎接近)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1211网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1211最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20001222 Zope DTML角色问题参考:REDHAT: RHSA-2000:125参考:确认:http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert参考:曼德拉草:MDKSA-2000:083参考:网址:http://www.linux mandrake.com/en/security/2000/mdksa - 2000 - 083. - php3参考:XF: zope-legacy-names(5824)参考:网址:http://www.iss.net/security_center/static/5824.phpZope 2.2.0通过2.2.4不正确执行安全登记等遗留的对象构造函数的名字DTML方法对象,这可能允许攻击者执行未经授权的活动。修改:ADDREF XF: zope-legacy-names(5824)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2000 - 1211能接受(6接受,2 ack, 0评论)目前投票:接受(5)贝克,考克斯科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(2)墙,Foat选民的评论:考克斯> ADDREF: REDHAT: RHSA-2000:125弗雷希> XF: zope-legacy-names(5824) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2000 - 1212网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2000 - 1212最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:曼德拉草:MDKSA-2000:086参考:CONECTIVA: CLA-2000:365参考:DEBIAN: dsa - 007参考:确认:http://www.zope.org/Products/Zope/Hotfix_2000-12-18/security_alert参考:REDHAT: RHSA-2000:135参考:XF: zope-image-file(5778)通过2.2.4 Zope 2.2.0不妥善保护数据更新方法在图像和文件对象,它允许攻击者与DTML编辑权限修改这些对象的原始数据。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2000 - 1212能接受(6接受,3 ack, 0评论)目前投票:接受(6)贝克,抑郁症,考克斯科尔,阿姆斯特朗,绿色无操作(2)墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0724网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0724最终决定:阶段性裁决:20030326修改:20030318 - 02年提出:20020131分配:20010927类别:科幻参考:女士:ms01 - 055参考:网址:http://www.microsoft.com/technet/security/bulletin/ms01 - 055. 
- asp参考:XF: ie-incorrect-security-zone-variant (8471) Internet Explorer 5.5允许远程攻击者绕过安全限制通过url包含dotless IP地址的畸形,导致Internet Explorer来处理页面的内部区域,这可能更少的安全限制,又名“带欺骗脆弱性变体”的cve - 2001 - 0664。修改:ADDREF XF: ie-incorrect-security-zone-variant (8471) DESC“可以”更改为“CVE”描述。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 0724能接受(6接受,1 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,阿姆斯特朗,贝克修改(1)弗雷希选民的评论:弗雷希>(接受)改变>[弗雷希改变投票从审查修改]弗雷希> XF: ie-incorrect-security-zone-variant(8471) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0748网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0748最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20011012分配:20011012类别:科幻参考:Acme BUGTRAQ: 20010531。服务器v1.7 13 nov96目录浏览参考:网址:http://www.securityfocus.com/archive/1/188141参考:XF: acme-serve-directory-traversal(6634)参考:网址:http://www.iss.net/security_center/static/6634.php参考:思科:20020702思科安全ACS Unix极致。服务器信息披露漏洞参考:网址:http://www.cisco.com/warp/public/707/acmeweb-acsunix-dirtravers-vuln-pub.shtml参考:报价:2809参考:网址:http://www.securityfocus.com/bid/2809极致。为1.7,用于思科安全ACS Unix以及其他可能的产品,允许远程攻击者读取任意文件通过将几个/ URI(削减)字符。修改:ADDREF XF: acme-serve-directory-traversal (6634) ADDREF思科:20020702思科安全ACS Unix极致。服务器信息披露漏洞DESC“。”替换为“/”;改变拼写ADDREF报价:2809分析- - - - - - - - - -供应商确认:是的推断行动:- 2001 - 0748 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(1)阿姆斯特朗弗伦奇等待修改(1)(4)墙,Foat,科尔,Christey选民的评论:弗雷希> XF: acme-serve-directory-traversal (6634) Christey >改变描述说“Acme.Serve”。最初的大参考拼写这两种不同的方式。Christey >描述:就是。或削减?Christey >承认思科(!):思科:20020702思科安全ACS Unix极致。服务器URL信息披露漏洞:http://www.cisco.com/warp/public/707/acmeweb-acsunix-dirtravers-vuln-pub.shtml这影响了思科安全ACS Unix安装和思科报道称,这是由于多个/。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0763网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0763最终决定:阶段性裁决:20030326修改:20020821 - 03提议:20011012分配:20011012类别:科幻参考:BUGTRAQ: 
20010608潜在的缓冲区溢出xinetd-2.1.8.9pre11-1参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-06/0064.html参考:CONECTIVA: CLA-2001:404参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404参考:DEBIAN: dsa - 063参考:网址:http://www.debian.org/security/2001/dsa - 063参考:SUSE:山:2001:022参考:网址:http://lists.suse.com/archives/suse-security-announce/2001-Jun/0002.html参考:IMMUNIX: imnx - 2001 - 70 - 024 - 01参考:网址:http://download.immunix.org/immunixos/7.0/updates/imnx - 2001 - 70 - 024 - 01参考:ENGARDE: esa - 20010621 - 01参考:网址:http://www.linuxsecurity.com/advisories/other_advisory - 1469. - html参考:CIAC: l - 104参考:网址:http://www.ciac.org/ciac/bulletins/l - 104. shtml参考:REDHAT: RHSA-2001:075参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 075. - html参考:FREEBSD: FreeBSD-SA-01:47参考:网址:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:47.xinetd.asc参考:XF: xinetd-identd-bo(6670)参考:网址:http://xforce.iss.net/static/6670.php参考:报价:2840参考:网址:http://www.securityfocus.com/bid/2840早些时候在Linux xinetd 2.1.8.9pre11-1和缓冲区溢出可能允许远程攻击者执行任意代码通过一个长鉴别反应,这不是svc_logprint妥善处理的函数。修改:ADDREF XF: xinetd-identd-bo (6670) ADDREF报价:2840 ADDREF IMMUNIX: imnx - 2001 - 70 - 029 - 01年ADDREF ENGARDE: esa - 20010621 - 01 ADDREF CIAC: l - 104 ADDREF REDHAT: RHSA-2001:075 ADDREF FREEBSD: FreeBSD-SA-01:47 ADDREF CONECTIVA: CLA-2001:404 DELREF CONECTIVA: CLA-2001:406 CHANGEREF IMMUNIX: imnx - 2001 - 70 - 024 - 01年分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 0763能接受(5接受,5 ack, 0评论)目前投票:接受(4)Foat,科尔,阿姆斯特朗,贝克弗伦奇等待修改(1)(2)墙,Christey选民的评论:弗雷希> XF: xinetd-identd-bo (6670) Christey >需要引用进行筛选,确保他们正确和适当的区分可以- 2001 - 0825。Christey > ADDREF CONECTIVA: CLA-2001:404 Christey > ADDREF FREEBSD: FreeBSD-SA-01:47 URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:47.xinetd.ascDELREF CONECTIVA: CLA-2001:406(这是可以- 2001 - 0825)ADDREF CONECTIVA: CLA-2001:404 DELREF IMMUNIX: imnx - 2001 - 70 - 029 - 01(这是可以- 2001 - 0825)ADDREF IMMUNIX: imnx - 2001 - 70 - 024 - 01年= = = = = = = = = = = = = = = = = = 
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0873网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0873最终决定:阶段性裁决:20030326修改:20020818 - 01提议:20020131分配:20011206类别:科幻参考:BUGTRAQ: 20010908多个供应商“泰勒UUCP”问题。参考网址:http://www.securityfocus.com/archive/1/212892参考:BUGTRAQ: 20011130 Redhat 7.0本地根(通过uucp)(2)尝试引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100715446131820参考:火山口:综援- 2001 - 033.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2001 033.0.txt参考:CONECTIVA: CLA-2001:425参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425参考:SUSE: SuSE-SA: 2001:38参考:网址:http://www.suse.de/de/support/security/2001_038_uucp_txt.txt参考:报价:3312参考:网址:http://www.securityfocus.com/bid/3312参考:XF: uucp-argument-gain-privileges(7099)参考:网址:http://xforce.iss.net/static/7099.php参考:REDHAT: RHSA-2001:165参考:网址:http://rhn.redhat.com/errata/rhsa - 2001 - 165. - htmluuxqt泰勒UUCP包不正确移除危险长选项,它允许本地用户获得特权通过调用uux并指定另一个配置文件,配置选项。修改:ADDREF REDHAT: RHSA-2001:165分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 0873能接受(3接受,3 ack, 0评论)目前投票:接受(3)科尔,绿色,贝克等待(3)墙,Foat, Christey选民的评论:Christey > ADDREF CONECTIVA: CLA-2002:463 Christey >没有等待,抓CONECTIVA: CLA-2002:463…它只提到这个年长的脆弱性。Christey > REDHAT: RHSA-2001:165每马克·考克斯()= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0891网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0891最终决定:阶段性裁决:20030326修改:20020616 - 01提议:20020131分配:20020116类别:科幻参考:BUGTRAQ: 20011127整合本地洞所有版本参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100695627423924&w=2参考:SGI: 20020101 - 01 -我参考:网址:ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I参考:XF: unicos-nqsd-format-string(7618)格式字符串漏洞在nq守护进程(nqsdaemon) NQE 3.3.0.16克雷整合和SGI IRIX允许本地用户获得根权限通过qsub提交批处理作业的名字包含格式化字符。修改:ADDREF XF: unicos-nqsd-format-string (7618) DESC添加SGI IRIX版本分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 0891能接受(4接受,1 ack, 
0评论)目前投票:接受(3)科尔,阿姆斯特朗,贝克弗伦奇等待修改(1)(3)墙,Foat, Christey选民的评论:弗雷希> XF: unicos-nqsd-format-string (7618) Christey >改变DESC包括SGI版本= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0921网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0921最终决定:阶段性裁决:20030326修改:建议:20020131分配:20020131类别:科幻参考:BUGTRAQ: 20011121 Mac网景密码字段引用:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100638816318705&w=2参考:XF: macos-netscape-print-passwords(7593)参考:网址:http://xforce.iss.net/static/7593.php参考:报价:3565参考:网址:http://www.securityfocus.com/bid/3565Netscape 4.79和更早的MacOS允许攻击者访问浏览器从表单字段获取密码通过印刷文档的密码输入,打印在明文。分析- - - - - - - - - -供应商确认:未知的行动:- 2001 - 0921能接受(3接受0 ack, 0评论)目前投票:接受(3)Foat,科尔,弗雷希无操作(2)墙,阿姆斯特朗= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0959网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0959最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020131分配:20020131类别:科幻参考:BUGTRAQ: 20010915 ARCserve 6.61共享访问漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-09/0137.html参考:MISC:http://support.ca.com/Download/patches/asitnt/QO00945.html参考:报价:3342参考:网址:http://www.securityfocus.com/bid/3342参考:XF: arcserve-aremote-plaintext(7122)参考:网址:http://www.iss.net/security_center/static/7122.php计算机协会ARCserve NT 6.61 SP2a和ARCserve 2000 7.0创建一个名为ARCserve的隐藏共享,它允许远程攻击者获取敏感信息和覆盖关键文件。修改:ADDREF XF: arcserve-aremote-plaintext(7122)分析- - - - - - - - - -供应商确认:未知的模糊的承认:文档QO00945, 9月14日,美国“2000年ARCserve地址一个潜在的安全漏洞执行完整备份时,“这可能是一个模糊的问题的确认。后续文章原始Bugtraq帖子并不是说补丁不解决这个问题,所以这些隐式或模糊的线索可能的组合足以确定问题,供应商已固定,通过扩展,承认它。推断行动:- 2001 - 0959能接受(3接受0 ack, 0评论)目前投票:接受科尔(1)修改(2)绿色,弗雷希无操作(2)墙,Foat选民的评论:绿弗伦奇> >供应商确认模糊XF: arcserve-aremote-plaintext(7122) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0960网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 
0960最终决定:阶段性裁决:20030326修改:建议:20020131分配:20020131类别:CF参考:BUGTRAQ: 20010915 ARCserve 6.61共享访问漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-09/0137.html参考:MISC:http://support.ca.com/Download/patches/asitnt/QO00945.html参考:XF: arcserve-aremote-plaintext(7122)参考:网址:http://xforce.iss.net/static/7122.php参考:报价:3343参考:网址:http://www.securityfocus.com/bid/3343电脑同事ARCserve NT 6.61 SP2a ARCserve 2000 7.0备份代理用户名和密码存储在aremote明文。dmp文件在ARCSERVE $隐藏共享,它允许本地和远程攻击者获得特权。分析- - - - - - - - - -供应商确认:未知的模糊的承认:文档QO00945, 9月14日,美国“2000年ARCserve地址一个潜在的安全漏洞执行完整备份时,“这可能是一个模糊的问题的确认。后续文章原始Bugtraq帖子并不是说补丁不解决这个问题,所以这些隐式或模糊的线索可能的组合足以确定问题,供应商已固定,通过扩展,承认它。推断行动:- 2001 - 0960能接受(3接受0 ack, 0评论)目前投票:接受(2)科尔,弗雷希修改(1)绿色无操作(2)墙,Foat选民的评论:绿色>供应商确认失踪= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 0978网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 0978最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020131分配:20020131类别:科幻参考:HPBUG: PHCO_17719参考:网址:http://archives.neohapsis.com/archives/hp/2001-q3/0052.html参考:HPBUG: PHCO_24454参考:报价:3289参考:网址:http://www.securityfocus.com/bid/3289参考:XF: hpux-login-btmp(8632)参考:网址:http://www.iss.net/security_center/static/8632.php登录在hp - ux 10.26不记录在/var/adm/btmp失败的登录尝试,这可能允许攻击者进行暴力破解密码猜测攻击或使用lastb观察程序没有被察觉。修改:ADDREF XF: hpux-login-btmp(8632)分析- - - - - - - - - -供应商确认:是的补丁推断行动:- 2001 - 0978能接受(4接受,1 ack, 0评论)目前投票:接受(3)科尔,绿色,贝克弗伦奇等待修改(1)(2)墙,Foat选民的评论:改变>[弗雷希改变投票从审查修改]弗雷希> XF: hpux-login-btmp(8632) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1008网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1008最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020131分配:20020131类别:科幻参考:BUGTRAQ: 20010824 Java插件与JRE 1.3 - > 1.4忽略证书。参考网址:http://archives.neohapsis.com/archives/bugtraq/2001-08/0359.html参考:报价:3245参考:网址:http://www.securityfocus.com/bid/3245参考:XF: 
javaplugin-jre-expired-certificate(7048)参考:网址:http://www.iss.net/security_center/static/7048.phpJava插件1.4 JRE 1.3执行签名的applet即使证书过期,这可能允许远程攻击者通过applet进行未经授权的活动,已经签署了过期的证书。修改:ADDREF XF: javaplugin-jre-expired-certificate(7048)分析- - - - - - - - - -供应商确认:推断行动:- 2001 - 1008能接受(3接受0 ack, 0评论)目前投票:接受(2)科尔,弗伦奇等待绿色修改(1)(3)墙,Foat,阿姆斯特朗选民的评论:弗雷希> XF: javaplugin-jre-expired-certificate(7048) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1028网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1028最终决定:阶段性裁决:20030326修改:20020817 - 01提议:20020131分配:20020131类别:科幻参考:REDHAT: RHSA-2001:072参考:网址:http://www.redhat.com/support/errata/rhsa - 2001 - 072. - html参考:XF: man-ultimate-source-bo(8622)参考:网址:http://www.iss.net/security_center/static/8622.php缓冲区溢出ultimate_source功能的1.5和更早的允许本地用户获得特权。修改:ADDREF XF: man-ultimate-source-bo(8622)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1028能接受(4接受,1 ack, 0评论)目前投票:接受(3)科尔,绿色,贝克弗伦奇等待修改(1)(2)墙,Foat选民的评论:改变>[弗雷希改变投票从审查修改]弗雷希> XF: man-ultimate-source-bo(8622) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1036网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1036最终决定:阶段性裁决:20030326修改:建议:20020131分配:20020131类别:科幻参考:BUGTRAQ: 20010801 Slackware 8.0, 7.1的脆弱性:/usr/bin/locate参考:网址:http://www.securityfocus.com/archive/1/200991参考:XF: locate-command-execution(6932)参考:网址:http://xforce.iss.net/static/6932.php参考:报价:3127参考:网址:http://www.securityfocus.com/bid/3127GNU位于4.1 findutils Slackware 7.1和8.0允许本地用户获得特权通过一个旧数据库格式的文件名(locatedb),其中包含一个输入超出范围偏移,导致定位写任意进程内存。分析- - - - - - - - - -供应商确认:推断行动:- 2001 - 1036能接受(3接受0 ack, 0评论)目前投票:接受(3)科尔,绿色,弗雷希无操作(3)墙,Foat,阿姆斯特朗= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1059网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 
1059最终决定:阶段性裁决:20030326修改:建议:20020131分配:20020131类别:CF参考:BUGTRAQ: 20010730 vmware错误?参考网址:http://www.securityfocus.com/archive/1/200455参考:报价:3119参考:网址:http://www.securityfocus.com/bid/3119参考:XF: vmware-obtain-license-info(6925)参考:网址:http://xforce.iss.net/static/6925.phpVMWare vmware-log创建一个临时文件。用户名与不安全的权限,允许本地用户读取或修改许可证信息。分析- - - - - - - - - -供应商确认:推断行动:- 2001 - 1059能接受(4接受,0 ack, 0评论)目前投票:接受(4)Foat,科尔,绿色,弗雷希无操作(2)墙,阿姆斯特朗= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1106网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1106最终决定:阶段性裁决:20030326修改:建议:20020315分配:20020315类别:科幻参考:BUGTRAQ: 20010725水鹿服务器密码解密参考:网址:http://www.securityfocus.com/archive/1/199418参考:报价:3095参考:网址:http://www.securityfocus.com/bid/3095参考:XF: sambar-insecure-passwords(6909)参考:网址:http://xforce.iss.net/static/6909.php水鹿服务器的默认配置5和使用对称密钥,早些时候被编译成二进制程序加密密码,这可能允许本地用户打破所有用户密码被破解的关键或修改一个副本水鹿程序调用解密过程。分析- - - - - - - - - -供应商确认:未知discloser-claimed推断行动:- 2001 - 1106能接受(4接受,0 ack, 0评论)目前投票:接受(4)绿色,贝克,抑郁症,Ziese等待(5)墙,Foat,科尔,阿姆斯特朗,Christey选民的评论:绿色>有供应商确认http://www.security.nnov.ru/advisories/sambarpass.aspChristey > CVE的目的,我不计算供应商报价或摘录第三方确认。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1145网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1145最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020315分配:20020315类别:科幻参考:NETBSD: NETBSD - sa2001 - 016参考:网址:http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html参考:FREEBSD: FreeBSD-SA-01:40参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc参考:OPENBSD: 20010530 029:安全修复:2001参考:URL: 5月30日http://www.openbsd.org/errata28.html参考:报价:3205参考:网址:http://online.securityfocus.com/bid/3205参考:XF: bsd-fts-race-condition(8715)参考:网址:http://www.iss.net/security_center/static/8715.phpfts早些时候在FreeBSD 4.3和例程,NetBSD 1.5.2之前,和OpenBSD 
2.9和更早的可以被迫改变(目录)到另一个目录中比预期当前目录的上一级目录移动时,可能导致脚本执行危险操作错误的目录。修改:ADDREF XF: bsd-fts-race-condition(8715)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1145能接受(6接受,3 ack, 0评论)目前投票:接受(5)科尔,阿姆斯特朗,绿色,贝克,弗伦奇等待Ziese修改(1)(2)墙,Foat选民的评论:改变>[弗雷希改变投票从审查修改]弗雷希> XF: bsd-fts-race-condition(8715) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1251网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1251最终决定:阶段性裁决:20030326修改:建议:20020502分配:20020501类别:新vulns科幻参考:BUGTRAQ: 20010629 4。vWebServer和SmallHTTP参考:网址:http://online.securityfocus.com/archive/1/194418参考:报价:2980参考:网址:http://online.securityfocus.com/bid/2980参考:XF: vwebserver-long-url-dos(6771)参考:网址:http://www.iss.net/security_center/static/6771.phpSmallHTTP 1.204到3.00 beta 8日允许远程攻击者通过多个长URL请求导致拒绝服务。分析- - - - - - - - - -供应商确认:未知discloser-claimed大参考声称“所有版本脆弱”但只有清单2所示。x和3。x,而不是1. x。列出的最低版本(1.204)和最高版本的发布日期(3.00 beta 8)被选择。推断行动:- 2001 - 1251能接受(3接受0 ack, 0评论)目前投票:接受(3)科尔,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1291网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1291最终决定:阶段性裁决:20030326修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010712 3 com TelnetD参考:网址:http://www.securityfocus.com/archive/1/196957参考:XF: 3 com-telnetd-brute-force(6855)参考:网址:http://xforce.iss.net/static/6855.php参考:报价:3034参考:网址:http://www.securityfocus.com/bid/30343 com的telnet服务器等硬件PS40 SuperStack二世不延迟或断开远程攻击者提供一个错误的用户名或密码,这使得它更容易进入服务器通过暴力破解密码猜测。分析- - - - - - - - - -供应商确认:推断行动:- 2001 - 1291能接受(3接受0 ack, 0评论)目前投票:接受(3)科尔,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1296网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1296最终决定:阶段性裁决:20030326修改:建议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 
20011002半自动源代码审计结果参考:网址:http://www.securityfocus.com/archive/1/218000参考:MISC:http://www.moregroupware.org/index.php?action=detail&万博下载包news_id=24参考:XF: php-includedir-code-execution(7215)参考:网址:http://www.iss.net/security_center/static/7215.php参考:报价:3383参考:网址:http://www.securityfocus.com/bid/3383更多。群件PHP脚本允许远程攻击者包括任意文件从远程web站点设置includedir变量通过一个HTTP请求。分析- - - - - - - - - -供应商确认:未知的模糊的承认:发布说明时间2001年10月31日说,新版本包括“一些巧妙的安全补丁,但目前尚不清楚供应商是修复这个* *的问题。推断行动:- 2001 - 1296能接受(3接受0 ack, 0评论)目前投票:接受(3)科尔,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1301网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1301最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010807 rcs2log参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html参考:确认:http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95参考:XF: rcs2log-tmp-symlink(11210)参考:网址:http://www.iss.net/security_center/static/11210.php20.4中使用Emacs, rcs2log xemacs 21.1.10和其他版本21.4之前,可能还有其他包,允许本地用户修改其他用户的文件通过一个符号链接攻击一个临时文件。修改:ADDREF确认:http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95ADDREF XF: rcs2log-tmp-symlink (11210) DESC改变版本分析- - - - - - - - - -供应商确认:是的cve-vote推断行动:- 2001 - 1301能接受(3接受,1 ack, 0评论)目前投票:接受(1)绿色修改(2)弗雷希考克斯等待(3)墙,Foat,科尔选民的评论:弗雷希>任务xxxx。改变>考克斯(考克斯改变投票从审查修改)> Addref:http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95这是公众至少早在1998年9月28日,这个日期Red Hat emacs包给这个问题的补丁。考克斯>描述目前说" xemacs 21.1.10”和更正确的说" xemacs 21.4版本之前“改变>[弗雷希改变投票从审查修改]弗雷希> XF: rcs2log-tmp-symlink(11210) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1303网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1303最终决定:阶段性裁决:20030326修改:建议:20020502分配:20020501类别:CF参考:BUGTRAQ: 
20010718防火墙1信息泄漏参考:网址:http://www.securityfocus.com/archive/1/197566参考:报价:3058参考:网址:http://online.securityfocus.com/bid/3058参考:XF: fw1-securemote-gain-information(6857)参考:网址:http://xforce.iss.net/static/6857.phpSecuRemote的默认配置检查防火墙1配置允许远程攻击者获得敏感信息保护网络没有认证。分析- - - - - - - - - -供应商确认:推断行动:- 2001 - 1303能接受(3接受0 ack, 0评论)目前投票:接受(3)科尔,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1327网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1327最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020502分配:20020501类别:科幻参考:涡轮:TLSA2001024参考:网址:http://www.turbolinux.com/pipermail/tl-security-announce/2001-May/000313.html参考:XF: pmake-binary-gain-privileges(9988)参考:网址:http://www.iss.net/security_center/static/9988.phppmake 2.1.35拓林思6.05和更早之前安装setuid root特权,这可能允许本地用户权限通过利用漏洞pmake或pmake所使用的程序。修改:ADDREF XF: pmake-binary-gain-privileges(9988)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1327能接受(3接受,1 ack, 0评论)目前投票:接受(2)科尔,弗伦奇等待绿色修改(1)(3)墙,Foat,考克斯选民的评论:改变>[弗雷希改变投票从审查修改]弗雷希> XF: pmake-binary-gain-privileges(9988) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1334网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1334最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020502分配:20020501类别:科幻参考:BUGTRAQ: 20010515 PHPSlash:潜在的脆弱性在URL块参考:网址:http://archives.neohapsis.com/archives/bugtraq/2001-05/0126.html参考:确认:http://marc.theaimsgroup.com/?l=phpslash&m=99029398904419&w=2参考:报价:2724参考:网址:http://online.securityfocus.com/bid/2724参考:XF: phpslash-block-read-files(9990)参考:网址:http://www.iss.net/security_center/static/9990.phpBlock_render_url。类PHPSlash 0.6.1 PHPSlash管理员权限允许远程攻击者读取任意文件通过创建一个块并指定目标文件作为源URL。修改:ADDREF XF: phpslash-block-read-files(9990)分析- - - - - - - - - -供应商确认:是的推断行动:- 2001 - 1334能接受(3接受,1 ack, 0评论)目前投票:接受(2)科尔,弗伦奇等待绿色修改(1)(3)墙,Foat,考克斯选民的评论:改变>[弗雷希改变投票从审查修改]弗雷希> XF: phpslash-block-read-files(9990) = = = = = = = = = = = = 
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1349网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1349最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020502分配:20020501类别:科幻参考:BINDVIEW: 20010528不安全信号处理在Sendmail参考:网址:http://razor.bindview.com/publish/advisories/adv_sm8120.html参考:BUGTRAQ: 20010529 sendmail 8.11.4 8.12.0。Beta10可用(fwd)参考:网址:http://www.securityfocus.com/archive/1/187127参考:REDHAT: RHSA-2001:106参考:网址:http://rhn.redhat.com/errata/rhsa - 2001 - 106. - html参考:确认:http://archives.neohapsis.com/archives/sendmail/2001-q2/0001.html参考:报价:2794参考:网址:http://www.securityfocus.com/bid/2794参考:XF: sendmail-signal-handling(6633)参考:网址:http://www.iss.net/security_center/static/6633.php在8.11.4 Sendmail, 8.12.0 8.12.0之前。Beta10,允许本地用户可能导致拒绝服务和腐败的堆和获得特权通过信号处理程序的竞态条件。修改:ADDREF红帽:RHSA-2001:106 ADDREF XF: sendmail-signal-handling(6633)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1349能接受(5接受,3 ack, 0评论)目前投票:接受(4)墙,科尔,绿色,考克斯弗伦奇等待修改(1)(1)Foat选民的评论:改变>考克斯(考克斯改变投票从审查接受)> ADDREF: RHSA-2001:106弗雷希> XF: sendmail-signal-handling(6633) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1359网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1359最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020607类别:CF参考:火山口:综援- 2001 - 021.0参考:网址:http://www.caldera.com/support/security/advisories/cssa - 2001 021.0.txt参考:报价:2850参考:网址:http://www.securityfocus.com/bid/2850参考:XF: volution-authentication-failure-access(6672)参考:网址:http://xforce.iss.net/static/6672.php涡旋客户1.0.7和早些时候试图接触电脑创建守护进程(CCD)当一个LDAP身份验证失败发生时,远程攻击者可以完全控制客户端通过一个特洛伊木马涡旋服务器。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1359能接受(5接受,1 ack, 0评论)目前投票:接受(5)墙,科尔,Alderson,绿色,弗雷希无操作(2)Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1369网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 
1369最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020607类别:科幻参考:FREEBSD: FreeBSD-SA-02:14参考:网址:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc参考:报价:3319参考:网址:http://online.securityfocus.com/bid/3319参考:XF: postgresql-pam-authentication-module(7110)参考:网址:http://www.iss.net/security_center/static/7110.php莱昂J Breedt pam-pgsql 0.5.2之前允许远程攻击者执行任意SQL代码和绕过身份验证或修改用户帐户记录的用户或密码字段注入SQL语句。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1369能接受(4接受,1 ack, 0评论)目前投票:接受(4)科尔,Alderson,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1370网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1370最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010722[秒]洞PHPLib 7.2预谋。php3参考:网址:http://www.securityfocus.com/archive/1/198768参考:BUGTRAQ: 20010726 tslsa - 2001 - 0014 - PHPLib参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=99616122712122&w=22.2.6参考:BUGTRAQ: 20010721小鬼。(安全)公布的参考:网址:http://online.securityfocus.com/archive/1/198495参考:CONECTIVA: CLA-2001:410参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410参考:火山口:综援- 2001 - 027.0参考:网址:http://www.calderasystems.com/support/security/advisories/cssa - 2001 027.0.txt参考:DEBIAN: dsa - 073参考:网址:http://www.debian.org/security/2001/dsa - 073参考:报价:3079参考:网址:http://www.securityfocus.com/bid/3079参考:XF: phplib-script-execution(6892)参考:网址:http://www.iss.net/security_center/static/6892.php预先考虑。php3在PHPLib 7.2 d,当启用了PHP register_globals,允许远程攻击者通过一个HTTP请求,执行任意脚本修改_PHPLIB美元[libdir]指恶意代码在另一个服务器,如部落1.2.5早些时候,小鬼2.2.6款之前,和其他包使用PHPLib。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1370能接受(4接受,2 ack, 0评论)目前投票:接受(4)科尔,Alderson,绿色,弗雷希无操作(3)墙,Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1371网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1371最终决定:阶段性裁决:20030326修改:20030318 - 01提议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 
20020206 Hackproofing Oracle应用服务器论文参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101301813117562&w=2参考:MISC:http://www.nextgenss.com/papers/hpoas.pdf参考:CERT-VN: VU # 736923参考:网址:http://www.kb.cert.org/vuls/id/736923参考:CERT: ca - 2002 - 08年参考:网址:http://www.cert.org/advisories/ca - 2002 - 08. - html参考:确认:http://technet.oracle.com/deploy/security/pdf/ias_soap_alert.pdf参考:报价:4289参考:网址:http://www.securityfocus.com/bid/4289参考:XF: oracle-appserver-soap-components(8449)参考:网址:http://www.iss.net/security_center/static/8449.php的默认配置Oracle应用服务器9 ias 1.0.2.2使肥皂和允许匿名用户部署应用程序默认情况下通过urn: soap-service-manager urn: soap-provider-manager。修改:ADDREF XF: oracle-appserver-soap-components(8449)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2001 - 1371能接受(6接受,3 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,Alderson,弗伦奇等待绿色修改(1)(1)考克斯选民的评论:弗雷希> XF: oracle-appserver-soap-components(8449) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2001 - 1372网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2001 - 1372最终决定:阶段性裁决:20030326修改:20021116 - 01提议:20020611分配:20020607类别:科幻参考:BUGTRAQ: 20010917披露漏洞引用另一个路径:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100074087824021&w=2参考:BUGTRAQ: 20010921回应“路径披露漏洞在Oracle 9 i和8我参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=100119633925473&w=2参考:MISC:http://www.nii.co.in/research.html参考:CERT: ca - 2002 - 08年参考:网址:http://www.cert.org/advisories/ca - 2002 - 08. 
html
Reference: CERT-VN:VU#278971
Reference: URL:http://www.kb.cert.org/vuls/id/278971
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/jspexecute_alert.pdf
Reference: BID:3341
Reference: URL:http://www.securityfocus.com/bid/3341
Reference: XF:oracle-jsp-reveal-path(7135)
Reference: URL:http://xforce.iss.net/static/7135.php

Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root by requesting a non-existent .JSP file, which leaks the pathname in an error message.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1372 ACCEPT (5 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Cole, Alderson, Green, Frech
   NOOP(3) Foat, Christey, Cox

Voter Comments:
 Christey> ADDREF MISC:http://www.nii.co.in/research.html

======================================================
Candidate: CAN-2001-1373
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1373
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20010718 ZoneAlarm Pro
Reference: URL:http://www.securityfocus.com/archive/1/197681
Reference: CONFIRM:http://www.zonelabs.com/products/zap/rel_history.html#2.6.362
Reference: XF:zonealarm-bypass-mailsafe(6877)
Reference: URL:http://xforce.iss.net/static/6877.php
Reference: BID:3055
Reference: URL:http://www.securityfocus.com/bid/3055

MailSafe in Zone Labs ZoneAlarm 2.6 and earlier, and ZoneAlarm Pro 2.6 and 2.4, does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the release history for the product includes a section titled "New and improved features in ZoneAlarm Pro version 2.6.231," which states: "MailSafe improvements to better handle attachments with long filenames"

INFERRED ACTION: CAN-2001-1373 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Cole, Alderson, Green, Frech
   NOOP(2) Foat, Cox

======================================================
Candidate: CAN-2001-1374
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1374
Final-Decision:
Interim-Decision: 20030326
Modified: 20030318-02
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187
Reference: CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224
Reference: CONECTIVA:CLA-2001:409
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409
Reference: XF:expect-insecure-library-search(6870)
Reference: URL:http://xforce.iss.net/static/6870.php
Reference: BID:3074
Reference: URL:http://www.securityfocus.com/bid/3074
Reference: REDHAT:
RHSA-2002:148
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-148.html
Reference: MANDRAKE:MDKSA-2002:060
Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:060

Expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

Modifications:
  ADDREF REDHAT:RHSA-2002:148
  ADDREF MANDRAKE:MDKSA-2002:060

Analysis
--------
Vendor Acknowledgement: yes changelog

INFERRED ACTION: CAN-2001-1374 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(6) Wall, Cole, Alderson, Green, Frech, Cox
   NOOP(2) Foat, Christey

Voter Comments:
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]
 Christey> REDHAT:RHSA-2002:148
 Christey> MANDRAKE:MDKSA-2002:060

======================================================
Candidate: CAN-2001-1375
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1375
Final-Decision:
Interim-Decision: 20030326
Modified: 20030318-02
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226
Reference: CONECTIVA:CLA-2001:409
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409
Reference: XF:tcltk-insecure-library-search(6869)
Reference: URL:http://www.iss.net/security_center/static/6869.php
Reference: BID:3073
Reference: URL:http://www.securityfocus.com/bid/3073
Reference: REDHAT:RHSA-2002:148
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-148.
html
Reference: MANDRAKE:MDKSA-2002:060
Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:060

tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user directory.

Modifications:
  ADDREF REDHAT:RHSA-2002:148
  ADDREF MANDRAKE:MDKSA-2002:060

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1375 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(6) Foat, Cole, Alderson, Green, Frech, Cox
   NOOP(2) Wall, Christey

Voter Comments:
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]
 Christey> REDHAT:RHSA-2002:148
 Christey> MANDRAKE:MDKSA-2002:060

======================================================
Candidate: CAN-2001-1378
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1378
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020715
Category: SF
Reference: MISC:http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html
Reference: REDHAT:RHSA-2001:103
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-103.html

fetchmailconf in fetchmail 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1378 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Cox
   NOOP(2) Wall, Foat

======================================================
Candidate: CAN-2001-1380
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1380
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20011018 Immunix OS update for OpenSSH
Reference: BUGTRAQ:20011017 TSLSA-2001-0023 - OpenSSH
Reference: BUGTRAQ:20010926 OpenSSH Security Advisory (adv.option)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=100154541809940&w=2
Reference: BUGTRAQ:20011019 TSLSA-2001-0026 - OpenSSH
Reference: REDHAT:RHSA-2001:114
Reference: URL:http://rhn.redhat.com/errata/RHSA-2001-114.html
Reference: MANDRAKE:MDKSA-2001:081
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-081.
php

OpenSSH before 2.9.9, when using keypairs of different types and multiple keys in the ~/.ssh/authorized_keys2 file, does not properly handle the "from" option associated with a key, which could allow remote attackers to log in from unauthorized IP addresses.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1380 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Cox
   NOOP(2) Wall, Foat

======================================================
Candidate: CAN-2001-1382
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1382
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: CONFIRM:http://www.openwall.com/Owl/CHANGES-stable.shtml

The echo simulation traffic analysis countermeasure in OpenSSH 2.9.9p2 sends an additional echo packet after the password and carriage return are entered, which could allow remote attackers to detect the countermeasure.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1382 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Cox
   NOOP(2) Wall, Foat

======================================================
Candidate: CAN-2001-1383
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1383
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: REDHAT:RHSA-2001:110
Reference: URL:http://rhn.redhat.com/errata/RHSA-2001-110.html
Reference: XF:linux-setserial-initscript-symlink(7177)
Reference: URL:http://www.iss.net/security_center/static/7177.php
Reference: BID:3367
Reference: URL:http://online.securityfocus.com/bid/3367

initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1383 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Cole, Armstrong, Baker, Cox
   NOOP(1) Foat

======================================================
Candidate: CAN-2001-1385
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1385
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20010112 PHP Security Advisory - Apache Module bugs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97957961212852
Reference: REDHAT:RHSA-2000:136
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-136.html
Reference: MANDRAKE:MDKSA-2001:013
Reference: URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-013.
php3
Reference: CONECTIVA:CLA-2001:373
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000373
Reference: DEBIAN:DSA-020
Reference: URL:http://www.debian.org/security/2001/dsa-020
Reference: BID:2205
Reference: URL:http://online.securityfocus.com/bid/2205
Reference: XF:php-view-source-code(5939)
Reference: URL:http://www.iss.net/security_center/static/5939.php

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the "engine = off" option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1385 ACCEPT (7 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(7) Wall, Cole, Armstrong, Green, Baker, Frech, Cox
   NOOP(1) Foat

======================================================
Candidate: CAN-2001-1406
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1406
Final-Decision:
Interim-Decision: 20030326
Modified: 20030318-01
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20010829 Security Advisory for Bugzilla v2.13 and older
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=99912899900567
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=66235
Reference: REDHAT:RHSA-2001:107
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-107.html
Reference: XF:bugzilla-processbug-old-restrictions(10478)
Reference: URL:http://www.iss.net/security_center/static/10478.php

process_bug.cgi in Bugzilla 2.14 does not set the "groupset" when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent.

Modifications:
  ADDREF XF:bugzilla-processbug-old-restrictions(10478)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1406 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Green, Baker, Cox
   MODIFY(1) Frech
   NOOP(2) Wall, Foat

Voter Comments:
 Frech> XF:bugzilla-processbug-old-restrictions(10478)

======================================================
Candidate: CAN-2001-1407
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1407
Final-Decision:
Interim-Decision: 20030326
Modified: 20030318-01
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20010829 Security Advisory for Bugzilla v2.13 and older
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=99912899900567
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=96085
Reference: REDHAT:RHSA-2001:107
Reference: URL:http://www.redhat.com/support/errata/RHSA-2001-107.
html
Reference: XF:bugzilla-duplicate-view-restricted(10479)
Reference: URL:http://www.iss.net/security_center/static/10479.php

Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.

Modifications:
  ADDREF XF:bugzilla-duplicate-view-restricted(10479)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2001-1407 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Green, Baker, Cox
   MODIFY(1) Frech
   NOOP(2) Wall, Foat

Voter Comments:
 Frech> XF:bugzilla-duplicate-view-restricted(10479)

======================================================
Candidate: CAN-2002-0006
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0006
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020108
Category: SF
Reference: BUGTRAQ:20020109 xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101060676210255&w=2
Reference: DEBIAN:DSA-099
Reference: URL:http://www.debian.org/security/2002/dsa-099
Reference: REDHAT:RHSA-2002:005
Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-005.html
Reference: HP:HPSBTL0201-016
Reference: URL:http://online.securityfocus.com/advisories/3806
Reference: CONECTIVA:CLA-2002:453
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453
Reference: XF:xchat-ctcp-ping-command(7856)
Reference: URL:http://xforce.iss.net/static/7856.php
Reference: BID:3830
Reference: URL:http://www.securityfocus.com/bid/3830

XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0006 ACCEPT (6 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(6) Baker, Frech, Cox, Wall, Cole, Alderson
   NOOP(2) Foat, Christey

Voter Comments:
 Christey> Consider adding BID:3830

======================================================
Candidate: CAN-2002-0009
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0009
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020131
Assigned: 20020109
Category: SF
Reference: BUGTRAQ:20020105 Security Advisory for Bugzilla v2.15 (cvs20020103) and older
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html
Reference: CONFIRM:http://www.bugzilla.org/security2_14_1.html
Reference: MISC:http://bugzilla.mozilla.org/show_bug.cgi?id=102141
Reference: XF:
bugzilla-showbug-reveal-bugs(7802)
Reference: URL:http://www.iss.net/security_center/static/7802.php
Reference: BID:3798
Reference: URL:http://www.securityfocus.com/bid/3798

show_bug.cgi in Bugzilla 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu.

Modifications:
  ADDREF XF:bugzilla-showbug-reveal-bugs(7802)
  ADDREF BID:3798

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0009 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Green
   MODIFY(1) Frech
   NOOP(2) Wall, Foat

Voter Comments:
 Frech> XF:bugzilla-showbug-reveal-bugs(7802)

======================================================
Candidate: CAN-2002-0011
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0011
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020131
Assigned: 20020109
Category: SF
Reference: BUGTRAQ:20020105 Security Advisory for Bugzilla v2.15 (cvs20020103) and older
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html
Reference: CONFIRM:http://www.bugzilla.org/security2_14_1.html
Reference: MISC:http://bugzilla.mozilla.org/show_bug.cgi?id=98146
Reference: XF:bugzilla-doeditvotes-login-information(7803)
Reference: URL:http://www.iss.net/security_center/static/7803.php
Reference: BID:3800
Reference: URL:http://www.securityfocus.com/bid/3800

Information leak in doeditvotes.cgi in Bugzilla 2.14.1 may allow remote attackers to more easily conduct attacks on the login.

Modifications:
  ADDREF XF:bugzilla-doeditvotes-login-information(7803)
  ADDREF BID:3800

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0011 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Green
   MODIFY(1) Frech
   NOOP(2) Wall, Foat

Voter Comments:
 Frech> XF:bugzilla-doeditvotes-login-information(7803)

======================================================
Candidate: CAN-2002-0014
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0014
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020110
Category: SF
Reference: BUGTRAQ:20020105 Pine 4.33 (at least) URL handler allows embedded commands.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101027841605918&w=2
Reference: REDHAT:RHSA-2002:009
Reference: URL:http://rhn.redhat.com/errata/RHSA-2002-009.
html
Reference: ENGARDE:ESA-20020114-002
Reference: CONECTIVA:CLA-2002:460
Reference: FREEBSD:FreeBSD-SA-02:05
Reference: HP:HPSBTL0201-015
Reference: BID:3815
Reference: URL:http://online.securityfocus.com/bid/3815

URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0014 ACCEPT (5 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   NOOP(2) Foat, Christey

Voter Comments:
 Christey> Consider adding BID:3815

======================================================
Candidate: CAN-2002-0017
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0017
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020502
Assigned: 20020111
Category: SF
Reference: ISS:20020403 Remote Buffer Overflow Vulnerability in IRIX SNMP Daemon
Reference: URL:http://www.iss.net/security_center/alerts/advise113.php
Reference: SGI:20020201-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020201-01-P
Reference: BID:4421
Reference: URL:http://www.securityfocus.com/bid/4421
Reference: XF:irix-snmp-bo(7846)
Reference: URL:http://www.iss.net/security_center/static/7846.php

Buffer overflow in the SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

Modifications:
  ADDREF BID:4421
  ADDREF XF:irix-snmp-bo(7846)

Analysis
--------
Vendor Acknowledgement: yes advisory

ABSTRACTION: while this issue may seem to be the same as CAN-2002-0012 or CAN-2002-0013, it is fixed by a different patch, so CD:SF-LOC suggests keeping this split.

INFERRED ACTION: CAN-2002-0017 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Levy, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(4) Cox, Wall, Foat, Christey

Voter Comments:
 Christey> Consider adding BID:4421
 Levy> BID 4421
 Frech> XF:irix-snmp-bo(7846)

======================================================
Candidate: CAN-2002-0024
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0024
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020315
Assigned: 20020114
Category: SF
Reference: MS:MS02-005
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-005.
asp
Reference: BID:4087
Reference: URL:http://www.securityfocus.com/bid/4087

The File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.

Modifications:
  ADDREF BID:4087

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0024 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Ziese, Wall, Foat, Cole, Green
   NOOP(1) Christey

Voter Comments:
 Christey> Consider adding BID:4087

======================================================
Candidate: CAN-2002-0032
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0032
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020611
Assigned: 20020116
Category: SF
Reference: BUGTRAQ:20020527 Yahoo Messenger - Multiple Vulnerabilities
Reference: URL:http://online.securityfocus.com/archive/1/274223
Reference: CERT:CA-2002-16
Reference: URL:http://www.cert.org/advisories/CA-2002-16.html
Reference: CERT-VN:VU#172315
Reference: URL:http://www.kb.cert.org/vuls/id/172315
Reference: BID:4838
Reference: URL:http://www.securityfocus.com/bid/4838
Reference: XF:yahoo-messenger-script-injection(9184)
Reference: URL:http://www.iss.net/security_center/static/9184.php

Yahoo Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.

Modifications:
  ADDREF XF:yahoo-messenger-script-injection(9184)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0032 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Foat, Christey

Voter Comments:
 Christey> XF:yahoo-messenger-script-injection(9184)
   URL:http://www.iss.net/security_center/static/9184.php
 Frech> XF:yahoo-messenger-script-injection(9184)

======================================================
Candidate: CAN-2002-0033
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0033
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020611
Assigned: 20020116
Category: SF
Reference: BUGTRAQ:20020505 (LSD) Solaris cachefsd remote buffer overflow vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html
Reference: CERT:CA-2002-11
Reference: URL:http://www.cert.org/advisories/CA-2002-11.
html
Reference: CONFIRM:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309
Reference: CERT-VN:VU#635811
Reference: URL:http://www.kb.cert.org/vuls/id/635811
Reference: BID:4674
Reference: URL:http://www.securityfocus.com/bid/4674
Reference: XF:solaris-cachefsd-name-bo(8999)
Reference: URL:http://www.iss.net/security_center/static/8999.php

Heap-based buffer overflow in the cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a directory and cache name.

Modifications:
  ADDREF XF:solaris-cachefsd-name-bo(8999)
  DESC change "heap overflow" to "heap-based buffer overflow"

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0033 ACCEPT (6 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Cox, Christey

Voter Comments:
 Christey> Note: this is a different vulnerability than CAN-2002-0084. However, if there are different patches for the 2 issues, then they may need to be merged per CD:SF-LOC.
 Frech> XF:solaris-cachefsd-name-bo(8999)

======================================================
Candidate: CAN-2002-0042
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0042
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020116
Category: SF
Reference: SGI:20020402-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020402-01-P
Reference: XF:irix-xfs-dos(8839)
Reference: URL:http://www.iss.net/security_center/static/8839.php
Reference: BID:4511
Reference: URL:http://www.securityfocus.com/bid/4511

Vulnerability in the XFS file system for SGI IRIX 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0042 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0054
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0054
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020315
Assigned: 20020202
Category: SF
Reference: MS:MS02-011
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-011.
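asp
Reference: BID:4205
Reference: URL:http://www.securityfocus.com/bid/4205
Reference: BUGTRAQ:20020301 IIS SMTP component allows mail relaying via Null Session
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101501580409373&w=2

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

Modifications:
  ADDREF BID:4205
  ADDREF BUGTRAQ:20020301 IIS SMTP component allows mail relaying via Null Session
  DESC add "SMTP AUTH" and null session information to DESC

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0054 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Ziese, Wall, Foat, Cole, Green
   NOOP(1) Christey

Voter Comments:
 Christey> Consider adding BID:4205
 Christey> BUGTRAQ:20020301 IIS SMTP component allows mail relaying via Null Session
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101501580409373&w=2
   Add details to desc, specifically that the problem is related to SMTP AUTH and null sessions.

======================================================
Candidate: CAN-2002-0061
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0061
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020611
Assigned: 20020213
Category: SF
Reference: BUGTRAQ:20020321 Vulnerability in Apache for Win32 batch file processing - Remote command execution
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101674082427358&w=2
Reference: BUGTRAQ:20020325 Apache 1.3.24 Released! (fwd)
Reference: URL:http://online.securityfocus.com/archive/1/263927
Reference: XF:apache-dos-batch-command-execution(8589)
Reference: URL:http://www.iss.net/security_center/static/8589.php
Reference: BID:4335
Reference: URL:http://www.securityfocus.com/bid/4335
Reference: CONFIRM:http://www.apacheweek.com/issues/02-03-29#apache1324

Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.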
exe.

Modifications:
  ADDREF CONFIRM:http://www.apacheweek.com/issues/02-03-29#apache1324

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0061 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Green
   MODIFY(1) Cox
   NOOP(1) Christey

Voter Comments:
 Christey> Consider adding BID:4335
 Christey> XF:apache-dos-batch-command-execution(8589)
   URL:http://www.iss.net/security_center/static/8589.php
 Cox> ADDREF: http://www.apacheweek.com/issues/02-03-29#apache1324

======================================================
Candidate: CAN-2002-0062
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0062
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-02
Proposed: 20020315
Assigned: 20020213
Category: SF
Reference: REDHAT:RHSA-2002:020
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-020.html
Reference: DEBIAN:DSA-113
Reference: URL:http://www.debian.org/security/2002/dsa-113
Reference: BID:2116
Reference: URL:http://online.securityfocus.com/bid/2116
Reference: XF:gnu-ncurses-window-bo(8222)
Reference: URL:http://www.iss.net/security_center/static/8222.php

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

Modifications:
  ADDREF BID:2116
  DESC clarify ncurses4 package
  ADDREF XF:gnu-ncurses-window-bo(8222)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0062 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Ziese, Wall, Cole, Green
   NOOP(3) Jones, Foat, Christey

Voter Comments:
 Christey> BID:2116
   URL:http://online.securityfocus.com/bid/2116
   Also need to add other vendor reports.
 Christey> Consider adding BID:2116
 Christey> Specifically state that the ncurses4 compatibility package is for Red Hat. Also say that the problem is in the "routines for moving the physical cursor and scrolling" as stated above by Daniel himself.

======================================================
Candidate: CAN-2002-0067
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0067
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020315
Assigned: 20020219
Category: SF
Reference: BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/
Reference: REDHAT:RHSA-2002:029
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-029.
html
Reference: BUGTRAQ:20020222 TSLSA-2002-0031 - squid
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
Reference: MANDRAKE:MDKSA-2002:016
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php
Reference: CALDERA:CSSA-2002-SCO.7
Reference: URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
Reference: CONECTIVA:CLA-2002:464
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
Reference: FREEBSD:FreeBSD-SA-02:12
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
Reference: XF:squid-htcp-enabled(8261)
Reference: URL:http://www.iss.net/security_center/static/8261.php
Reference: BID:4150
Reference: URL:http://www.securityfocus.com/bid/4150

Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass access restrictions.

Modifications:
  ADDREF BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
  ADDREF BUGTRAQ:20020222 TSLSA-2002-0031 - squid
  ADDREF MANDRAKE:MDKSA-2002:016
  CHANGEREF REDHAT (normalize)
  ADDREF CALDERA:CSSA-2002-SCO.7
  ADDREF CONECTIVA:CLA-2002:464
  ADDREF FREEBSD:FreeBSD-SA-02:12
  ADDREF XF:squid-htcp-enabled(8261)
  ADDREF BID:4150
  DESC change version STABLE2 to STABLE3

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0067 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Ziese, Wall, Cole, Green
   MODIFY(2) Cox, Jones
   NOOP(2) Foat, Christey

Voter Comments:
 Christey> BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
 Christey> BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
 Christey> MANDRAKE:MDKSA-2002:016
 Christey> fix ref: REDHAT:REDHAT:RHSA-2002:029
 Jones> Change description to "Squid 2.4 STABLE3 and earlier" (vice STABLE2). Change description from "...which could allow remote attackers to bypass intended access restrictions" to "...which could allow remote attackers to access and/or modify cached data".
 Christey> CALDERA:CSSA-2002-SCO.7
   URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
   CONECTIVA:CLA-2002:464
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
   BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-02/0257.html
   MANDRAKE:MDKSA-2002:016
   URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.
php3
   FREEBSD:FreeBSD-SA-02:12
   URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
   XF:squid-htcp-enabled(8261)
   URL:http://www.iss.net/security_center/static/8261.php
   BID:4150
   URL:http://www.securityfocus.com/bid/4150
 Cox> This references REDHAT:REDHAT:RHSA-2002:029 instead of REDHAT:RHSA-2002:029

======================================================
Candidate: CAN-2002-0068
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0068
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-02
Proposed: 20020315
Assigned: 20020219
Category: SF
Reference: BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/
Reference: BUGTRAQ:20020222 Squid buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101440163111826&w=2
Reference: REDHAT:RHSA-2002:029
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-029.html
Reference: BUGTRAQ:20020222 TSLSA-2002-0031 - squid
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
Reference: MANDRAKE:MDKSA-2002:016
Reference: CALDERA:CSSA-2002-010.0
Reference: URL:http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt
Reference: CALDERA:CSSA-2002-SCO.7
Reference: URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
Reference: CONECTIVA:CLA-2002:464
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
Reference: SUSE:SuSE-SA:2002:008
Reference: URL:http://www.suse.com/de/support/security/2002_008_squid_txt.html
Reference: FREEBSD:FreeBSD-SA-02:12
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
Reference: BID:4148
Reference: URL:http://www.securityfocus.com/bid/4148
Reference: XF:squid-ftpbuildtitleurl-bo(8258)
Reference: URL:http://www.iss.net/security_center/static/8258.php

Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.

Modifications:
  ADDREF BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
  ADDREF BUGTRAQ:20020222 TSLSA-2002-0031 - squid
  ADDREF MANDRAKE:MDKSA-2002:016
  CHANGEREF REDHAT (normalize)
  ADDREF CALDERA:CSSA-2002-010.0
  ADDREF CALDERA:CSSA-2002-SCO.7
  ADDREF CONECTIVA:CLA-2002:464
  ADDREF SUSE:SuSE-SA:2002:008
  ADDREF BUGTRAQ:20020222 Squid buffer overflow
  ADDREF FREEBSD:FreeBSD-SA-02:12
  ADDREF BID:4148
  ADDREF XF:squid-ftpbuildtitleurl-bo(8258)
  DESC add that the problem occurs in escape handling

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0068 ACCEPT (6 accept, 5 ack, 0 review)

Current Votes:
   ACCEPT(4) Ziese, Wall, Cole, Green
   MODIFY(2) Cox, Jones
   NOOP(2) Foat, Christey

Voter Comments:
 Christey> BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
 Christey> BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
 Christey> MANDRAKE:MDKSA-2002:016
 Christey> fix ref: REDHAT:REDHAT:RHSA-2002:029
 Jones> Drop "malformed" from the description; an FTP URL with a reasonably legitimate userID and password may cause the crash. Add sufficient detail to distinguish this vulnerability (i.e., flaw in handling of authenticated FTP URLs). Reference: BUGTRAQ:20020222 - Squid buffer overflow. Suggest: "Squid 2.4 STABLE3 and earlier contains a flaw in the handling of authenticated FTP URLs (FTP URLs with userID and password), which allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code via an ftp:// URL."
 Christey> fix typo: "possible" should be "possibly"
   CALDERA:CSSA-2002-010.0
   URL:http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt
   CALDERA:CSSA-2002-SCO.7
   URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
   CONECTIVA:CLA-2002:464
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
   SUSE:SuSE-SA:2002:008
   URL:http://www.suse.com/de/support/security/2002_008_squid_txt.html
   BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-02/0257.html
   MANDRAKE:MDKSA-2002:016
   URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.
php3
   BUGTRAQ:20020222 Squid buffer overflow
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101440163111826&w=2
   FREEBSD:FreeBSD-SA-02:12
   URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
   BID:4148
   URL:http://www.securityfocus.com/bid/4148
   XF:squid-ftpbuildtitleurl-bo(8258)
   URL:http://www.iss.net/security_center/static/8258.php
 Cox> This references REDHAT:REDHAT:RHSA-2002:029 instead of REDHAT:RHSA-2002:029
 Christey> For more information, see the Bugtraq post... the problem is not a malformed URL, it is a string that exceeds the size of the buffer when it is URL-escaped.

======================================================
Candidate: CAN-2002-0069
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0069
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020315
Assigned: 20020219
Category: SF
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/bugs/
Reference: REDHAT:RHSA-2002:029
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-029.html
Reference: BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
Reference: BUGTRAQ:20020222 TSLSA-2002-0031 - squid
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
Reference: MANDRAKE:MDKSA-2002:016
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.
php
Reference: CALDERA:CSSA-2002-SCO.7
Reference: URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
Reference: CONECTIVA:CLA-2002:464
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
Reference: FREEBSD:FreeBSD-SA-02:12
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
Reference: XF:squid-snmp-dos(8260)
Reference: URL:http://www.iss.net/security_center/static/8260.php
Reference: BID:4146
Reference: URL:http://www.securityfocus.com/bid/4146

Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.

Modifications:
  DESC change STABLE2 to STABLE3
  ADDREF BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
  ADDREF BUGTRAQ:20020222 TSLSA-2002-0031 - squid
  ADDREF MANDRAKE:MDKSA-2002:016
  CHANGEREF REDHAT (normalize)
  ADDREF CALDERA:CSSA-2002-SCO.7
  ADDREF CONECTIVA:CLA-2002:464
  ADDREF FREEBSD:FreeBSD-SA-02:12
  ADDREF XF:squid-snmp-dos(8260)
  ADDREF BID:4146

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0069 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Ziese, Wall, Cole, Green
   MODIFY(2) Cox, Jones
   NOOP(2) Foat, Christey

Voter Comments:
 Christey> BUGTRAQ:20020221 Squid HTTP Proxy Security Update Advisory 2002:1
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101431040422095&w=2
   Need to add version number to description (2.4)
 Christey> BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101443252627021&w=2
 Christey> MANDRAKE:MDKSA-2002:016
 Christey> fix ref: REDHAT:REDHAT:RHSA-2002:029
 Jones> Add version information to the description (2002-0068): Squid 2.4 STABLE3 and earlier.
 Christey> CALDERA:CSSA-2002-SCO.7
   URL:http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
   CONECTIVA:CLA-2002:464
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
   BUGTRAQ:20020222 TSLSA-2002-0031 - squid
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-02/0257.html
   MANDRAKE:MDKSA-2002:016
   URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.
php3
   FREEBSD:FreeBSD-SA-02:12
   URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
   XF:squid-snmp-dos(8260)
   URL:http://www.iss.net/security_center/static/8260.php
   BID:4146
   URL:http://www.securityfocus.com/bid/4146
 Cox> This references REDHAT:REDHAT:RHSA-2002:029 instead of REDHAT:RHSA-2002:029

======================================================
Candidate: CAN-2002-0071
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0071
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-03
Proposed: 20020502
Assigned: 20020221
Category: SF
Reference: ATSTAKE:A041002-1
Reference: URL:http://www.atstake.com/research/advisories/2002/a041002-1.txt
Reference: BUGTRAQ:20020411 KPMG-2002010: Microsoft IIS .htr ISAPI buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101854087828265&w=2
Reference: VULNWATCH:20020411 [VULNWATCH] KPMG-2002010: Microsoft IIS .htr ISAPI buffer overflow
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/CA-2002-09.
html
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
Reference: CERT-VN:VU#363715
Reference: URL:http://www.kb.cert.org/vuls/id/363715
Reference: XF:iis-htr-isapi-bo(8799)
Reference: URL:http://www.iss.net/security_center/static/8799.php
Reference: BID:4474
Reference: URL:http://www.securityfocus.com/bid/4474

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.

Modifications:
  ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
  ADDREF XF:iis-htr-isapi-bo(8799)
  ADDREF BID:4474
  ADDREF CERT-VN:VU#363715

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0071 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Cox, Christey

Voter Comments:
 Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   URL:http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
 Frech> XF:iis-htr-isapi-bo(8799)

======================================================
Candidate: CAN-2002-0072
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0072
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-01
Proposed: 20020502
Assigned: 20020221
Category: SF
Reference: BUGTRAQ:20020411 KPMG-2002009: Microsoft IIS W3SVC Denial of Service
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101853851025208&w=2
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-018.asp
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/CA-2002-09.
html
Reference: CERT-VN:VU#521059
Reference: URL:http://www.kb.cert.org/vuls/id/521059
Reference: XF:iis-isapi-filter-error-dos(8800)
Reference: URL:http://www.iss.net/security_center/static/8800.php
Reference: BID:4479
Reference: URL:http://www.securityfocus.com/bid/4479

The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.

Modifications:
  ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
  ADDREF CERT-VN:VU#521059
  ADDREF XF:iis-isapi-filter-error-dos(8800)
  ADDREF BID:4479

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0072 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Cox, Christey

Voter Comments:
 Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   URL:http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
 Christey> CERT-VN:VU#521059
   URL:http://www.kb.cert.org/vuls/id/521059
   XF:iis-isapi-filter-error-dos(8800)
   URL:http://www.iss.net/security_center/static/8800.php
   BID:4479
   URL:http://www.securityfocus.com/bid/4479
 Frech> XF:iis-isapi-filter-error-dos(8800)

======================================================
Candidate: CAN-2002-0073
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0073
Final-Decision:
Interim-Decision: 20030326
Modified: 20030319-02
Proposed: 20020502
Assigned: 20020221
Category: SF
Reference: VULNWATCH:20020416 (VULNWATCH) Microsoft FTP Service STAT Globbing DoS
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html
Reference: BUGTRAQ:20020417 Microsoft FTP Service STAT Globbing DoS
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101901273810598&w=2
Reference: MISC:http://www.digitaloffense.net/msftpd/advisory.txt
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/CA-2002-09.
- html参考:思科:20020415微软IIS漏洞在思科产品- ms02 - 018参考:网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.参考:XF: iis-ftp-session-status-dos(8801)参考:网址:http://www.iss.net/security_center/static/8801.phpFTP服务的Internet Information Server (IIS) 4.0, 5.0和5.1允许攻击者已经建立了一个FTP会话造成拒绝服务通过精雕细琢状态请求包含水珠字符。修改:ADDREF思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018 ADDREF VULNWATCH: 20020416 (VULNWATCH)微软FTP服务统计Globbing DoS ADDREF XF: iis-ftp-session-status-dos (8801) DESC添加细节给出VULNWATCH邮政ADDREF BUGTRAQ: 20020417微软FTP服务统计Globbing DoS ADDREF MISC:http://www.digitaloffense.net/msftpd/advisory.txt分析- - - - - - - - - -供应商确认:是的咨询准确性:Microsft确认通过电子邮件中描述的问题,这是VulnWatch邮报4月16日2002年。推断行动:- 2002 - 0073能接受(6接受,3 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(2)考克斯Christey选民的评论:Christey >思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.Christey >是这样可能有关:VULNWATCH: 20020416 (VULNWATCH)微软FTP服务统计Globbing DoS URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html弗伦奇> Christey >是的,女士证实了XF: iis-ftp-session-status-dos(8801) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0074网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0074最终决定:阶段性裁决:20030326修改:20030320 - 02年提出:20020502分配:20020221类别:科幻参考:BUGTRAQ: 20020410 Cgisecurity咨询# 9:Novell上网,和Microsoft IIS XSS问题参考:网址:http://online.securityfocus.com/archive/1/266888参考:MISC:http://www.cgisecurity.com/advisory/9.txt参考:女士:ms02 - 018参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 018. - asp参考:CERT: ca - 2002 - 09年参考:网址:http://www.cert.org/advisories/ca - 2002 - 09. 
- html参考:CERT-VN: VU # 883091参考:网址:http://www.kb.cert.org/vuls/id/883091参考:思科:20020415微软IIS漏洞在思科产品- ms02 - 018参考:网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.参考:XF: iis-help-file-css(8802)参考:网址:http://www.iss.net/security_center/static/8802.php参考:报价:4483参考:网址:http://www.securityfocus.com/bid/4483跨站点脚本漏洞帮助文件搜索工具的Internet Information Server (IIS) 4.0, 5.0和5.1允许远程攻击者脚本嵌入到另一个用户的会话。修改:ADDREF MISC:http://www.cgisecurity.com/advisory/9.txtADDREF BUGTRAQ: 20020410 Cgisecurity咨询# 9:Novell上网,和Microsoft IIS XSS问题ADDREF CERT-VN: VU # 883091 ADDREF思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018 ADDREF XF: iis-help-file-css (8802) ADDREF报价:4483分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0074能接受(6接受,4 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(2)考克斯Christey选民的评论:Christey > MISC:http://www.cgisecurity.com/advisory/9.txtBUGTRAQ: 20020410 Cgisecurity咨询# 9:Novell上网,和Microsoft IIS URL XSS问题:http://online.securityfocus.com/archive/1/266888CERT-VN: VU # 883091网址:http://www.kb.cert.org/vuls/id/883091思科Christey >: 20020415微软在思科产品——ms02 IIS漏洞- 018网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.弗雷希> XF: iis-help-file-css(8802) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0075网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0075最终决定:阶段性裁决:20030326修改:20030320 - 02年提出:20020502分配:20020221类别:科幻参考:BUGTRAQ: 20020411 (SNS咨询No.49)可能性的互联网信息服务器/服务跨站脚本参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101854677802990&w=2参考:女士:ms02 - 018参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 018. - asp参考:CERT: ca - 2002 - 09年参考:网址:http://www.cert.org/advisories/ca - 2002 - 09. 
- html参考:思科:20020415微软IIS漏洞在思科产品- ms02 - 018参考:网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.参考:CERT-VN: VU # 520707参考:网址:http://www.kb.cert.org/vuls/id/520707参考:XF: iis-redirected-url-error-css(8804)参考:网址:http://www.iss.net/security_center/static/8804.php参考:报价:4487参考:网址:http://www.securityfocus.com/bid/4487跨站点脚本漏洞Internet Information Server (IIS) 4.0、5.0和5.1允许远程攻击者执行任意脚本和其他网络用户通过一个URL中使用的错误消息重定向(302年”“对象”)移动消息。修改:ADDREF思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018 ADDREF XF: iis-redirected-url-error-css (8804) ADDREF CERT-VN: VU # 520707 ADDREF报价:4487分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0075能接受(6接受,4 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(2)考克斯Christey选民的评论:Christey >思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.弗雷希> XF: iis-redirected-url-error-css(8804) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0076网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0076最终决定:阶段性裁决:20030326修改:20030320 - 02年提出:20020502分配:20020221类别:科幻参考:女士:ms02 - 013参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 013. 
- asp参考:太阳:00218参考:网址:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218参考:康柏:SSRT0822参考:报价:4313参考:XF: java-vm-verifier-variant(8480)参考:网址:http://www.iss.net/security_center/static/8480.phpJava运行时环境(JRE)字节码校验器允许远程攻击者逃避Java沙箱和执行命令通过一个小应用程序,其中包含一个非法操作,如(1)微软虚拟机建立3802年早些时候,用于Internet Explorer 4。x和5。x, (2) Netscape 6.2.1和早些时候,并可能使用脆弱的JDK版本的SDK或其他实现,即“虚拟机验证器”的一种变体的弱点。修改:ADDREF报价:4313 ADDREF康柏:SSRT0822 ADDREF XF: java-vm-verifier-variant(8480)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0076能接受(5接受,3 ack, 0评论)目前投票:接受(4)墙,科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(3)考克斯Foat, Christey选民的评论:Christey >考虑添加报价:4313 Christey > ADDREF康柏:SSRT0822 Christey >康柏:SSRT0822弗雷希> XF: java-vm-verifier-variant(8480) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0079网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0079最终决定:阶段性裁决:20030326修改:20030320 - 02年提出:20020502分配:20020221类别:科幻参考:BUGTRAQ: 20020410 Windows 2000和NT4 IIS asp远程缓冲区溢出参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101846993304518&w=2参考:女士:ms02 - 018参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 018. - asp参考:CERT: ca - 2002 - 09年参考:网址:http://www.cert.org/advisories/ca - 2002 - 09. 
- html参考:思科:20020415微软IIS漏洞在思科产品- ms02 - 018参考:网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.参考:CERT-VN: VU # 610291参考:网址:http://www.kb.cert.org/vuls/id/610291参考:XF: iis-asp-chunked-encoding-bo(8795)参考:网址:http://www.iss.net/security_center/static/8795.php参考:报价:4485参考:网址:http://www.securityfocus.com/bid/4485缓冲区溢出分块编码传输机制的Internet Information Server (IIS) 4.0和5.0活动服务器页面允许攻击者造成拒绝服务或执行任意代码。修改:ADDREF思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018 ADDREF CERT-VN: VU # 610291 ADDREF报价:4485 ADDREF XF: iis-asp-chunked-encoding-bo(8795)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0079能接受(6接受,4 ack, 0评论)目前投票:接受(5)墙,Foat,科尔,阿姆斯特朗,弗伦奇等待绿色修改(1)(2)考克斯Christey选民的评论:Christey >思科:20020415 Microsoft IIS漏洞在思科产品- ms02 - 018网址:http://www.cisco.com/warp/public/707/microsoft - iis漏洞ms02 shtml——018.Christey > XF: iis-asp-chunked-encoding-bo(8795)网址:http://www.iss.net/security_center/static/8795.php报价:4485网址:http://www.securityfocus.com/bid/4485CERT-VN: VU # 610291网址:http://www.kb.cert.org/vuls/id/610291弗雷希> XF: iis-asp-chunked-encoding-bo(8795) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0094网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0094最终决定:阶段性裁决:20030326修改:建议:20020315分配:20020315类别:科幻参考:BUGTRAQ: 20020102 BSCW:漏洞和问题参考:网址:http://www.securityfocus.com/archive/1/248000参考:MISC:http://bscw.gmd.de/WhatsNew.html参考:报价:3776参考:网址:http://www.securityfocus.com/bid/3776参考:XF: bscw-remote-shell-execution(7774)参考:网址:http://www.iss.net/security_center/static/7774.phpconfig_converters。py BSCW(基本支持合作)3。x和之前版本4.06允许远程攻击者通过执行任意命令shell元字符的文件名在文件名转换。分析- - - - - - - - - -供应商确认:未知的模糊的承认:2001年12月21日进入供应商的“新”页面上州”新版本修复了几个bug和安全问题,“但这是太模糊,无法确定供应商已经固定的* *问题。推断行动:- 2002 - 0094能接受(3接受0 ack, 0评论)目前投票:接受(3)抑郁症,科尔,绿色无操作(3)Ziese,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0095网址:http://cve.mitre.org/cgi - 
bin/cvename.cgi?name=can - 2002 - 0095最终决定:阶段性裁决:20030326修改:建议:20020315分配:20020315类别:科幻参考:BUGTRAQ: 20020102 BSCW:漏洞和问题参考:网址:http://www.securityfocus.com/archive/1/248000参考:报价:3777参考:网址:http://www.securityfocus.com/bid/3777参考:XF: bscw-default-installation-registration(7775)参考:网址:http://www.iss.net/security_center/static/7775.php的默认配置BSCW(基本支持合作)3。x和可能版本4允许用户自注册,这可能允许远程攻击者上传文件并可能加入用户社区,旨在被关闭。分析- - - - - - - - - -供应商确认:未知的模糊的承认:2001年12月21日进入供应商的“新”页面上州”新版本修复了几个bug和安全问题,“但这是太模糊,无法确定供应商已经固定的* *问题。推断行动:- 2002 - 0095能接受(3接受0 ack, 0评论)目前投票:接受(3)抑郁症,科尔,绿色无操作(3)Ziese,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0120网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0120最终决定:阶段性裁决:20030326修改:建议:20020315分配:20020315类别:科幻参考:BUGTRAQ: 20020112 Palm桌面为Mac OS X 4.0 b75 " - 77参考:网址:http://online.securityfocus.com/archive/1/250093参考:报价:3863参考:网址:http://online.securityfocus.com/bid/3863参考:XF: palm-macos-backup-permissions(7937)参考:网址:http://www.iss.net/security_center/static/7937.php苹果Palm桌面4.0 b75 "和4.0 b77创建全局备份文件和文件夹的使用执行同步,这将允许本地用户获取敏感信息。分析- - - - - - - - - -供应商确认:未知的行动:- 2002 - 0120能接受(3接受0 ack, 0评论)目前投票:接受(3)抑郁症,Foat,绿色无操作(2)墙,科尔= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0123网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0123最终决定:阶段性裁决:20030326修改:建议:20020315分配:20020315类别:科幻参考:BUGTRAQ: 20020114 Web服务器4 d /电子商务3.5.3 DoS脆弱性参考:网址:http://online.securityfocus.com/archive/1/250242参考:报价:3874参考:网址:http://online.securityfocus.com/bid/3874参考:XF: ws4d-long-url-dos(7879)参考:网址:http://www.iss.net/security_center/static/7879.php目标计算机服务的Web服务器4 d WS4D /电子商务3.0和更早,甚至3.5.3,允许远程攻击者可能导致拒绝服务和执行任意命令通过一个HTTP请求。分析- - - - - - - - - -供应商确认:是的领域相符确认:3/11/2002查询发送到support@mdg.com。响应收到3/12/2002国家”这个漏洞不是3.5.3,而是version 3.0或更早。这是前一段时间。”So, it is not entirely clear whether the discloser correctly reported the version, or if the 
problem was re-introduced, or appears in a slightly different distribution.

INFERRED ACTION: CAN-2002-0123 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Green
   NOOP(4) Ziese, Balinsky, Wall, Foat

Voter Comments:
   Green> website is very vague regarding vulnerabilities, but the upgrade message is clear enough.

======================================================
Candidate: CAN-2002-0146
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0146
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020318
Category: SF
Reference: REDHAT:RHSA-2002:047
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-047.html
Reference: CALDERA:CSSA-2002-027.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-027.0.txt
Reference: HP:HPSBTL0205-042
Reference: URL:http://online.securityfocus.com/advisories/4145
Reference: MANDRAKE:MDKSA-2002:036
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-036.php
Reference: BID:4788
Reference: URL:http://www.securityfocus.com/bid/4788
Reference: XF:fetchmail-imap-msgnum-bo(9133)
Reference: URL:http://www.iss.net/security_center/static/9133.php

fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.

Modifications:
   ADDREF CALDERA:CSSA-2002-027.0
   ADDREF HP:HPSBTL0205-042
   ADDREF MANDRAKE:MDKSA-2002:036
   ADDREF BID:4788
   ADDREF XF:fetchmail-imap-msgnum-bo(9133)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0146 ACCEPT (6 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Foat

Voter Comments:
   Christey> CALDERA:CSSA-2002-027.0
      URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-027.0.txt
      HP:HPSBTL0205-042
      URL:http://online.securityfocus.com/advisories/4145
      MANDRAKE:MDKSA-2002:036
      URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-036.php
      BID:4788
      URL:http://www.securityfocus.com/bid/4788
      XF:fetchmail-imap-msgnum-bo(9133)
      URL:http://www.iss.net/security_center/static/9133.php
   Frech> XF:fetchmail-imap-msgnum-bo(9133)

======================================================
Candidate: CAN-2002-0147
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0147
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020319
Category: SF
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/ca-2002-09.html
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
Reference: CERT-VN:VU#669779
Reference: URL:http://www.kb.cert.org/vuls/id/669779
Reference: BID:4490
Reference: URL:http://www.securityfocus.com/bid/4490
Reference: XF:iis-asp-data-transfer-bo(8796)
Reference: URL:http://www.iss.net/security_center/static/8796.php

Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."

Modifications:
   ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   ADDREF CERT-VN:VU#669779
   ADDREF BID:4490
   ADDREF XF:iis-asp-data-transfer-bo(8796)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0147 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
      URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
   Christey> CERT-VN:VU#669779
      URL:http://www.kb.cert.org/vuls/id/669779
      BID:4490
      URL:http://www.securityfocus.com/bid/4490
   Frech> XF:iis-asp-data-transfer-bo(8796)

======================================================
Candidate: CAN-2002-0148
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0148
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020319
Category: SF
Reference: BUGTRAQ:20020410 IIS allows universal CrossSiteScripting
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/ca-2002-09.html
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
Reference: XF:iis-http-error-page-css(8803)
Reference: URL:http://www.iss.net/security_center/static/8803.php
Reference: CERT-VN:VU#886699
Reference: URL:http://www.kb.cert.org/vuls/id/886699
Reference: BID:4486
Reference: URL:http://www.securityfocus.com/bid/4486

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.

Modifications:
   ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   ADDREF XF:iis-http-error-page-css(8803)
   ADDREF CERT-VN:VU#886699
   ADDREF BID:4486

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0148 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
      URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
   Frech> XF:iis-http-error-page-css(8803)

======================================================
Candidate: CAN-2002-0149
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0149
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020319
Category: SF
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/ca-2002-09.html
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
Reference: CERT-VN:VU#721963
Reference: URL:http://www.kb.cert.org/vuls/id/721963
Reference: XF:iis-ssi-safety-check-bo(8798)
Reference: URL:http://www.iss.net/security_center/static/8798.php
Reference: BID:4478
Reference: URL:http://www.securityfocus.com/bid/4478

Buffer overflow in the ASP Server-Side Include function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.

Modifications:
   ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   ADDREF XF:iis-ssi-safety-check-bo(8798)
   ADDREF CERT-VN:VU#721963
   ADDREF BID:4478

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0149 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
      URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
   Frech> XF:iis-ssi-safety-check-bo(8798)

======================================================
Candidate: CAN-2002-0150
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0150
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020319
Category: SF
Reference: MS:MS02-018
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
Reference: CERT:CA-2002-09
Reference: URL:http://www.cert.org/advisories/ca-2002-09.html
Reference: CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
Reference: URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
Reference: CERT-VN:VU#454091
Reference: URL:http://www.kb.cert.org/vuls/id/454091
Reference: XF:iis-asp-http-header-bo(8797)
Reference: URL:http://www.iss.net/security_center/static/8797.php
Reference: BID:4476
Reference: URL:http://www.securityfocus.com/bid/4476

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.

Modifications:
   ADDREF CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
   ADDREF XF:iis-asp-http-header-bo(8797)
   ADDREF CERT-VN:VU#454091

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0150 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(5) Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> CISCO:20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
      URL:http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml
   Frech> XF:iis-asp-http-header-bo(8797)

======================================================
Candidate: CAN-2002-0155
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0155
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020319
Category: SF
Reference: BUGTRAQ:20020508 ADVISORY: MSN Messenger OCX Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102089960531919&w=2
Reference: VULNWATCH:20020508 [VULNWATCH] ADVISORY: MSN Messenger OCX Buffer Overflow
Reference: MS:MS02-022
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-022.asp
Reference: CERT:CA-2002-13
Reference: URL:http://www.cert.org/advisories/ca-2002-13.html
Reference: XF:msn-chatcontrol-resdll-bo(9041)
Reference: URL:http://www.iss.net/security_center/static/9041.php
Reference: BID:4707
Reference: URL:http://www.securityfocus.com/bid/4707

Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.

Modifications:
   ADDREF XF:msn-chatcontrol-resdll-bo(9041)
   ADDREF BID:4707

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0155 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> XF:msn-chatcontrol-resdll-bo(9041)
      URL:http://www.iss.net/security_center/static/9041.php
      BID:4707
      URL:http://www.securityfocus.com/bid/4707
   Frech> XF:msn-chatcontrol-resdll-bo(9041)

======================================================
Candidate: CAN-2002-0157
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0157
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020325
Category: SF
Reference: BUGTRAQ:20020502 R7-0003: Nautilus Symlink Vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/270691/2002-04-29/2002-05-05/0
Reference: REDHAT:RHSA-2002:064
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-064.html
Reference: XF:nautilus-metafile-xml-symlink(8995)
Reference: URL:http://www.iss.net/security_center/static/8995.php
Reference: BID:4373
Reference: URL:http://www.securityfocus.com/bid/4373

Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.

Modifications:
   ADDREF XF:nautilus-metafile-xml-symlink(8995)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0157 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
   Frech> XF:nautilus-metafile-xml-symlink(8995)

======================================================
Candidate: CAN-2002-0163
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0163
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020328
Category: SF
Reference: CONFIRM:http://www.squid-cache.org/advisories/squid-2002_2.txt
Reference: FREEBSD:FreeBSD-SA-02:19
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:19.squid.asc
Reference: MANDRAKE:MDKSA-2002:027
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-027.php
Reference: BUGTRAQ:20020326 updated squid advisory
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101716495023226&w=2
Reference: CALDERA:CSSA-2002-017.1
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-017.1.txt
Reference: CALDERA:CSSA-2002-SCO.26
Reference: REDHAT:RHSA-2002:051
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-051.html
Reference: BID:4363
Reference: URL:http://www.securityfocus.com/bid/4363
Reference: XF:squid-dns-reply-dos(8628)
Reference: URL:http://www.iss.net/security_center/static/8628.php

Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until the March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.

Modifications:
   ADDREF BID:4363
   ADDREF XF:squid-dns-reply-dos(8628)
   ADDREF BUGTRAQ:20020326 updated squid advisory
   ADDREF CALDERA:CSSA-2002-017.0
   ADDREF FREEBSD:FreeBSD-SA-02:19
   ADDREF CALDERA:CSSA-2002-SCO.26
   ADDREF REDHAT:RHSA-2002:051
   DESC change "heap overflow" to "heap-based buffer overflow"

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0163 ACCEPT (5 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Cox, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(3) Christey, Wall, Foat

Voter Comments:
   Christey> BID:4363
      URL:http://www.securityfocus.com/bid/4363
      XF:squid-dns-reply-dos(8628)
      URL:http://www.iss.net/security_center/static/8628.php
      BUGTRAQ:20020326 updated squid advisory
      URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101716495023226&w=2
      CALDERA:CSSA-2002-017.0
      MANDRAKE:MDKSA-2002:027
      FREEBSD:FreeBSD-SA-02:19
   Christey> CALDERA:CSSA-2002-017.1
      URL:http://www.caldera.com/support/security/advisories/cssa-2002-017.1.txt
      BID:4363
      URL:http://www.securityfocus.com/bid/4363
   Christey> CALDERA:CSSA-2002-SCO.26
   Christey> REDHAT:RHSA-2002:051 (per Mark Cox)
   Frech> XF:squid-dns-reply-dos(8628)

======================================================
Candidate: CAN-2002-0169
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0169
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020411
Category: CF
Reference: REDHAT:RHSA-2002:062
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-062.html
Reference: HP:HPSBTL0205-038
Reference: URL:http://online.securityfocus.com/advisories/4095
Reference: XF:linux-docbook-stylesheet-insecure(8983)
Reference: URL:http://www.iss.net/security_center/static/8983.php
Reference: BID:4654
Reference: URL:http://online.securityfocus.com/bid/4654

The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files in the current directory from an untrusted document by using a full pathname as an element identifier.

Modifications:
   ADDREF HP:HPSBTL0205-038
   ADDREF XF:linux-docbook-stylesheet-insecure(8983)
   ADDREF BID:4654

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0169 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
   Frech> XF:linux-docbook-stylesheet-insecure(8983)

======================================================
Candidate: CAN-2002-0170
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0170
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020411
Category: SF
Reference: BUGTRAQ:20020301 [matt@zope.com: [Zope-Annce] Zope Hotfix 2002-03-01 (Ownership Roles Enforcement)]
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101503023511996&w=2
Reference: CONFIRM:http://www.zope.org/Products/Zope/hotfixes/
Reference: REDHAT:RHSA-2002:060
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-060.html
Reference: XF:zope-proxy-role-privileges(8334)
Reference: URL:http://www.iss.net/security_center/static/8334.php
Reference: BID:4229
Reference: URL:http://www.securityfocus.com/bid/4229

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access files in violation of the intended configuration.

Modifications:
   ADDREF REDHAT:RHSA-2002:060
   ADDREF XF:zope-proxy-role-privileges(8334)
   ADDREF BID:4229

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0170 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Cox, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(3) Christey, Wall, Foat

Voter Comments:
   Frech> XF:zope-proxy-role-privileges(8334)
   Christey> REDHAT:RHSA-2002:060
      URL:http://www.redhat.com/support/errata/rhsa-2002-060.html

======================================================
Candidate: CAN-2002-0171
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0171
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020411
Category: SF
Reference: SGI:20020406-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020406-01-P
Reference: XF:irix-irisconsole-icadmin-access(8933)
Reference: URL:http://www.iss.net/security_center/static/8933.php
Reference: BID:4588
Reference: URL:http://www.securityfocus.com/bid/4588

IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.

Modifications:
   ADDREF XF:irix-irisconsole-icadmin-access(8933)
   ADDREF BID:4588

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0171 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
   Frech> XF:irix-irisconsole-icadmin-access(8933)

======================================================
Candidate: CAN-2002-0172
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0172
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020411
Category: CF
Reference: SGI:20020408-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020408-01-I
Reference: XF:irix-ipfilter-dos(8960)
Reference: URL:http://www.iss.net/security_center/static/8960.php
Reference: BID:4648
Reference: URL:http://online.securityfocus.com/bid/4648

/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

Modifications:
   ADDREF XF:irix-ipfilter-dos(8960)
   ADDREF BID:4648

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0172 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
   Christey> BID:4648
      URL:http://online.securityfocus.com/bid/4648
   Frech> XF:irix-ipfilter-dos(8960)

======================================================
Candidate: CAN-2002-0173
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0173
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020411
Category: SF
Reference: SGI:20020409-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020409-01-I
Reference: BID:4644
Reference: URL:http://www.securityfocus.com/bid/4644
Reference: XF:irix-cpr-bo(8959)
Reference: URL:http://www.iss.net/security_center/static/8959.php

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

Modifications:
   ADDREF BID:4644
   ADDREF XF:irix-cpr-bo(8959)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0173 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
   Christey> BID:4644
      URL:http://www.securityfocus.com/bid/4644
   Frech> XF:irix-cpr-bo(8959)

======================================================
Candidate: CAN-2002-0174
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0174
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020411
Category: SF
Reference: SGI:20020501-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020501-01-I
Reference: XF:irix-nsd-symlink(8981)
Reference: URL:http://www.iss.net/security_center/static/8981.php
Reference: BID:4655
Reference: URL:http://www.securityfocus.com/bid/4655

nsd on SGI IRIX 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

Modifications:
   ADDREF XF:irix-nsd-symlink(8981)
   ADDREF BID:4655

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0174 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
   Frech> XF:irix-nsd-symlink(8981)

======================================================
Candidate: CAN-2002-0178
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0178
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020611
Assigned: 20020417
Category: SF
Reference: MISC:http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=en
Reference: REDHAT:RHSA-2002:065
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-065.html
Reference: HP:HPSBTL0205-040
Reference: URL:http://online.securityfocus.com/advisories/4132
Reference: MANDRAKE:MDKSA-2002:052
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-052.php
Reference: XF:sharutils-uudecode-symlink(9075)
Reference: URL:http://www.iss.net/security_center/static/9075.php
Reference: BID:4742
Reference: URL:http://www.securityfocus.com/bid/4742
Reference: BUGTRAQ:20021030 GLSA: sharutils
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103599320902432&w=2
Reference: CERT-VN:VU#336083
Reference: URL:http://www.kb.cert.org/vuls/id/336083
Reference: CALDERA:CSSA-2002-040.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-040.0.txt
Reference: COMPAQ:SSRT2301

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.

Modifications:
   ADDREF HP:HPSBTL0205-040
   ADDREF MANDRAKE:MDKSA-2002:052
   ADDREF XF:sharutils-uudecode-symlink(9075)
   ADDREF BID:4742
   ADDREF MISC:http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=en
   ADDREF BUGTRAQ:20021030 GLSA: sharutils
   ADDREF CERT-VN:VU#336083
   ADDREF CALDERA:CSSA-2002-040.0
   ADDREF COMPAQ:SSRT2301

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0178 ACCEPT (6 accept, 5 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Green
   MODIFY(1) Cox
   NOOP(1) Christey

Voter Comments:
   Cox> ADDREF:http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=en
   Christey> HP:HPSBTL0205-040
      URL:http://online.securityfocus.com/advisories/4132
      XF:sharutils-uudecode-symlink(9075)
      URL:http://www.iss.net/security_center/static/9075.php
      BID:4742
      URL:http://www.securityfocus.com/bid/4742
   Christey> MANDRAKE:MDKSA-2002:052
   Christey> BUGTRAQ:20021030 GLSA: sharutils
      URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103599320902432&w=2
      CERT-VN:VU#336083
      URL:http://www.kb.cert.org/vuls/id/336083
   Christey> CALDERA:CSSA-2002-040.0
   Christey> COMPAQ:SSRT2301
      CERT-VN:VU#336083
      URL:http://www.kb.cert.org/vuls/id/336083

======================================================
Candidate: CAN-2002-0181
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0181
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020502
Assigned: 20020417
Category: SF
Reference: BUGTRAQ:20020406 IMP 2.2.8 (SECURITY) released
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101828033830744&w=2
Reference: DEBIAN:DSA-126
Reference: URL:http://www.debian.org/security/2002/dsa-126
Reference: CALDERA:CSSA-2002-016.1
Reference: URL:http://www.calderasystems.com/support/security/advisories/cssa-2002-016.1.txt
Reference: CONECTIVA:CLA-2001:473
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000473
Reference: MISC:http://bugs.horde.org/show_bug.cgi?id=916
Reference: XF:imp-status-php3-css(8769)
Reference: URL:http://www.iss.net/security_center/static/8769.php
Reference: BID:4444
Reference: URL:http://www.securityfocus.com/bid/4444

Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and Horde 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/Horde users via the script parameter.

Modifications:
   DESC rephrase
   CHANGEREF CALDERA [new version number]
   ADDREF CONECTIVA:CLA-2001:473
   ADDREF MISC:http://bugs.horde.org/show_bug.cgi?id=916
   ADDREF XF:imp-status-php3-css(8769)
   ADDREF BID:4444

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0181 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Green
   MODIFY(2) Frech, Cox
   NOOP(3) Christey, Wall, Foat

Voter Comments:
   Cox> "execute script" sounds like local execution - this is just cross-site scripting
   Christey> Try this desc: "Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and Horde 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/Horde users via the script parameter."
      CONECTIVA:CLA-2001:473
      URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000473
      MISC:http://bugs.horde.org/show_bug.cgi?id=916
      XF:imp-status-php3-css(8769)
      URL:http://www.iss.net/security_center/static/8769.php
      BID:4444
      URL:http://www.securityfocus.com/bid/4444
      CHANGEREF CALDERA:CSSA-2002-016.1 (new version #)
   Frech> XF:imp-status-php3-css(8769)

======================================================
Candidate: CAN-2002-0184
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0184
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020502
Assigned: 20020419
Category: SF
Reference: BUGTRAQ:20020425 [Global InterSec 2002041701] Sudo Password Prompt
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101974610509912&w=2
Reference: BUGTRAQ:20020425 Sudo version 1.6.6 now available (fwd)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101975443619600&w=2
Reference: MANDRAKE:MDKSA-2002:028
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-028.php3
Reference: DEBIAN:DSA-128
Reference: URL:http://www.debian.org/security/2002/dsa-128
Reference: REDHAT:RHSA-2002:071
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-071.html
Reference: REDHAT:RHSA-2002:072
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-072.html
Reference: ENGARDE:ESA-20020429-010
Reference: URL:http://www.linuxsecurity.com/advisories/other_advisory-2040.html
Reference: BUGTRAQ:20020425 [slackware-security] sudo upgrade fixes a potential vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101979472822196&w=2
Reference: CONECTIVA:CLA-2002:475
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000475
Reference: TRUSTIX:TSLSA-2002-0046
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102010164413135&w=2
Reference: BUGTRAQ:20020429 TSLSA-2002-0046 - sudo
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102010164413135&w=2
Reference: SUSE:SuSE-SA:2002:014
Reference: URL:http://www.suse.de/de/security/2002_014_sudo_txt.html
Reference: CERT-VN:VU#820083
Reference: URL:http://www.kb.cert.org/vuls/id/820083
Reference: XF:sudo-password-expansion-overflow(8936)
Reference: URL:http://www.iss.net/security_center/static/8936.php
Reference: BID:4593
Reference: URL:http://www.securityfocus.com/bid/4593

Heap-based buffer overflow in sudo 1.6.6 may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.

Modifications:
   ADDREF BUGTRAQ:20020429 TSLSA-2002-0046 - sudo
   ADDREF SUSE:SuSE-SA:2002:014
   ADDREF XF:sudo-password-expansion-overflow(8936)
   DESC change term to "heap-based buffer overflow"
   ADDREF BID:4593
   ADDREF CERT-VN:VU#820083

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0184 ACCEPT (7 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(6) Cox, Wall, Foat, Cole, Armstrong, Green
   MODIFY(1) Frech
   NOOP(1) Christey

Voter Comments:
   Christey> BUGTRAQ:20020429 TSLSA-2002-0046 - sudo
      URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102010164413135&w=2
      SUSE:SuSE-SA:2002:014
   Frech> XF:sudo-password-expansion-overflow(8936)

======================================================
Candidate: CAN-2002-0185
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0185
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020419
Category: SF
Reference: MISC:http://www.modpython.org/pipermail/mod_python/2002-April/001991.html
Reference: MISC:http://www.modpython.org/pipermail/mod_python/2002-April/002003.html
Reference: REDHAT:RHSA-2002:070
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-070.html
Reference: CONECTIVA:CLA-2002:477
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000477
Reference: XF:modpython-imported-module-access(8997)
Reference: URL:http://www.iss.net/security_center/static/8997.php
Reference: BID:4656
Reference: URL:http://www.securityfocus.com/bid/4656

mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.

Modifications:
   ADDREF REDHAT:RHSA-2002:070
   ADDREF CONECTIVA:CLA-2002:477
   ADDREF XF:modpython-imported-module-access(8997)
   ADDREF BID:4656

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0185 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cox
   MODIFY(1) Frech
   NOOP(6) Christey, Wall, Foat, Cole, Armstrong, Green

Voter Comments:
   Cox> ADDREF: RHSA-2002:070
   Christey> ADDREF REDHAT:RHSA-2002:070
   Christey> CONECTIVA:CLA-2002:477
      URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000477
   Frech> XF:modpython-imported-module-access(8997)

======================================================
Candidate: CAN-2002-0186
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0186
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020420
Category: SF
Reference: BUGTRAQ:20020613 wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102397345410856&w=2
Reference: VULNWATCH:20020613 [VULNWATCH] wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html
Reference: MS:MS02-030
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-030.asp
Reference: CERT-VN:VU#811371
Reference: URL:http://www.kb.cert.org/vuls/id/811371
Reference: BID:5004
Reference: URL:http://www.securityfocus.com/bid/5004
Reference: XF:mssql-sqlxml-isapi-bo(9328)
Reference: URL:http://www.iss.net/security_center/static/9328.php

Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."

Modifications:
   ADDREF CERT-VN:VU#811371
   ADDREF BID:5004
   ADDREF XF:mssql-sqlxml-isapi-bo(9328)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0186 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Foat, Cole
   NOOP(2) Christey, Cox

Voter Comments:
   Christey> CERT-VN:VU#811371
      URL:http://www.kb.cert.org/vuls/id/811371
      BID:5004
      URL:http://www.securityfocus.com/bid/5004
      XF:mssql-sqlxml-isapi-bo(9328)
      URL:http://www.iss.net/security_center/static/9328.php

======================================================
Candidate: CAN-2002-0187
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0187
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020420
Category: SF
Reference: BUGTRAQ:20020613 wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102397345410856&w=2
Reference: VULNWATCH:20020613 [VULNWATCH] wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html
Reference: MS:MS02-030
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02 - 030.
- asp跨站点脚本漏洞在Microsoft SQL Server 2000的SQLXML组件允许攻击者执行任意脚本通过根参数作为XML SQL查询的一部分,即“通过XML标记脚本注入。”Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0187 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Baker, Wall, Foat, Cole NOOP(2) Christey, Cox Voter Comments: Christey> CERT-VN:VU#139931 URL:http://www.kb.cert.org/vuls/id/139931XF: mssql-sqlxml-script-injection(9329)网址:http://www.iss.net/security_center/static/9329.php报价:5005网址:http://www.securityfocus.com/bid/5005= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0190网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0190最终决定:阶段性裁决:20030326修改:20030320 - 01提议:20020611分配:20020420类别:科幻参考:女士:ms02 - 023参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 023. - asp参考:CERT-VN: VU # 242891参考:网址:http://www.kb.cert.org/vuls/id/242891参考:XF: ie-netbios-incorrect-security-zone(9084)参考:网址:http://www.iss.net/security_center/static/9084.php参考:报价:4753参考:网址:http://www.securityfocus.com/bid/4753微软Internet Explorer 5.01, 5.5和6.0允许远程攻击者执行任意代码通过一个畸形的web页面,需要更少的安全限制NetBIOS连接,又名“区欺骗通过web页面畸形”的弱点。修改:ADDREF XF: ie-netbios-incorrect-security-zone (9084) ADDREF报价:4753 ADDREF CERT-VN: VU # 242891分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0190能接受(6接受,2 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗弗伦奇等待修改(1)(1)考克斯选民的评论:弗雷希> XF: ie-netbios-incorrect-security-zone(9084) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0191网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0191最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020420类别:科幻参考:BUGTRAQ: 20020402阅读部分本地文件在IE中,根据结构(GM # 004 - IE)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101778302030981&w=2参考:女士:ms02 - 023参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 023. 
- asp参考:XF: ie-css-read-files(8740)参考:网址:http://www.iss.net/security_center/static/8740.php参考:报价:4411参考:网址:http://online.securityfocus.com/bid/4411微软Internet Explorer 5.01、5.5和6.0,远程攻击者可以查看任意文件包含“{”字符通过样式表的脚本包含cssText属性对象,又名“本地信息披露通过HTML对象”的弱点。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0191能接受(6接受,1 ack, 0评论)目前投票:接受(6)贝克,抑郁症,墙,Foat,科尔,阿姆斯特朗等待考克斯(1)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0213网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0213最终决定:阶段性裁决:20030326修改:20030320 - 01提议:20020502分配:20020501类别:CF参考:BUGTRAQ: 20020128 (Hackerslab bug_paper] xka应用程序漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101223525118717&w=2参考:SGI: 20020604 - 01 -我参考:网址:ftp://patches.sgi.com/support/free/security/advisories/20020604-01-I参考:报价:3969参考:网址:http://online.securityfocus.com/bid/3969参考:XF: kashare-xkas-icon-symlink(8002)参考:网址:http://www.iss.net/security_center/static/8002.phpxka在Xinet K-AShare 0.011.01 IRIX允许本地用户读取任意文件通过一个符号链接攻击VOLICON文件,复制到.HSicon文件在共享目录。修改:ADDREF SGI: 20020604 - 01 -我分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0213 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(2)贝克,绿色无操作(4)Christey,墙,Foat,科尔选民的评论:Christey > SGI: 20020604 - 01 -我= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0241网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0241最终决定:阶段性裁决:20030326修改:建议:20020502分配:20020501类别:科幻参考:思科:20020207思科安全访问控制服务器Novell目录服务过期/禁用用户身份验证漏洞参考:网址:http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml参考:XF: ciscosecure-nds-authentication(8106)参考:网址:http://www.iss.net/security_center/static/8106.php参考:报价:4048参考:网址:http://www.securityfocus.com/bid/4048NDSAuth。DLL在思科安全身份验证控制服务器(ACS) 3.0.1不检查过期或禁用状态Novell的用户目录服务(NDS),这将允许用户向服务器进行身份验证。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0241能接受(3接受,1 ack, 0评论)目前投票:接受(3)抑郁症,科尔,阿姆斯特朗等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = 
Candidate: CAN-2002-0246
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0246
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020210 Unixware Message catalog exploit code
Reference: URL:http://online.securityfocus.com/archive/1/255414
Reference: CALDERA:CSSA-2002-SCO.3
Reference: URL:ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt
Reference: BID:4060
Reference: URL:http://online.securityfocus.com/bid/4060
Reference: XF:unixware-msg-catalog-format-string(8113)
Reference: URL:http://www.iss.net/security_center/static/8113.php

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0246 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0250
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0250
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020208 Hewlett Packard AdvanceStack Switch Management Authentication Bypass Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101318469216213&w=2
Reference: HP:HPSBUX0202-185
Reference: URL:http://online.securityfocus.com/advisories/3870
Reference: BID:4062
Reference: URL:http://www.securityfocus.com/bid/4062
Reference: XF:hp-advancestack-bypass-auth(8124)
Reference: URL:http://www.iss.net/security_center/static/8124.php

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0250 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0267
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0267
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020212 SIPS - vulnerable to anyone gaining admin access.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101363233905645&w=2
Reference: CONFIRM:http://sips.sourceforge.net/adminvul.html
Reference: BID:4097
Reference: URL:http://online.securityfocus.com/bid/4097
Reference: XF:sips-theme-admin-access(8193)
Reference: URL:http://www.iss.net/security_center/static/8193.php

preferences.php in Simple Internet Publishing System (SIPS) 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file.

Modifications:
  ADDREF XF:sips-theme-admin-access(8193)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0267 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:sips-theme-admin-access(8193)

======================================================
Candidate: CAN-2002-0274
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0274
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020213 Exim 3.34 and lower (fwd)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101362618118598&w=2
Reference: CONFIRM:http://www.exim.org/pipermail/exim-announce/2002q1/000053.html
Reference: XF:exim-config-arg-bo(8194)
Reference: URL:http://www.iss.net/security_center/static/8194.php
Reference: BID:4096
Reference: URL:http://www.securityfocus.com/bid/4096

Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C (configuration file) and other command line arguments.

Modifications:
  ADDREF XF:exim-config-arg-bo(8194)

Analysis
--------
Vendor Acknowledgement: yes
ACKNOWLEDGEMENT: a post to the Exim-announce mailing list dated February 19 refers to the problem "raised in a bugtraq posting last week."

INFERRED ACTION: CAN-2002-0274 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cox, Cole
   MODIFY(1) Frech
   NOOP(3) Wall, Foat, Armstrong

Voter Comments:
 Frech> XF:exim-config-arg-bo(8194)
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]

======================================================
Candidate: CAN-2002-0276
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0276
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020213 (NGSEC-2002-1) Ettercap remote root compromise
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101370874219511&w=2
Reference: CONFIRM:http://ettercap.sourceforge.net/index.php?s=history
Reference: BID:4104
Reference: URL:http://online.securityfocus.com/bid/4104
Reference: XF:ettercap-memcpy-bo(8200)
Reference: URL:http://www.iss.net/security_center/static/8200.php

Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.

Modifications:
  ADDREF XF:ettercap-memcpy-bo(8200)

Analysis
--------
Vendor Acknowledgement: yes
ACKNOWLEDGEMENT: the entry for version 0.6.4 in the vendor's history file states "Fixed the possibility of remote exploitation on interfaces with MTU > 1500"

INFERRED ACTION: CAN-2002-0276 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:ettercap-memcpy-bo(8200)

======================================================
Candidate: CAN-2002-0287
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0287
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: CF
Reference: BUGTRAQ:20020216 pforum: mysql-injection-bug
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101389284625019&w=2
Reference: CONFIRM:http://www.powie.de/news/index.php
Reference: BID:4114
Reference: URL:http://online.securityfocus.com/bid/4114
Reference: XF:pforum-quotes-sql-injection(8203)
Reference: URL:http://www.iss.net/security_center/static/8203.php

pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.

Modifications:
  ADDREF XF:pforum-quotes-sql-injection(8203)

Analysis
--------
Vendor Acknowledgement: yes
ACKNOWLEDGEMENT: the comments on the news page are in German, but it is clear that the vendor's statement dated 20020214 constitutes sufficient acknowledgement, even when viewed with basic translation software: "Hiermit möchte ich alle User des PFORUM auf eine schwere Sicherheitslücke aufmerksam machen... Sicherheitslücke tritt nur, wenn [...] entsprechenden Webserver [...] PHP.INI magic_quotes_gpc = sind."

INFERRED ACTION: CAN-2002-0287 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:pforum-quotes-sql-injection(8203)

======================================================
Candidate: CAN-2002-0290
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0290
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020218 Netwin Webnews Buffer Overflow Vulnerability (#NISR18022002)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101413521417638&w=2
Reference: CONFIRM:ftp://netwinsite.com/pub/webnews/beta/webnews11m_solaris.tar.Z
Reference: BID:4124
Reference: URL:http://online.securityfocus.com/bid/4124
Reference: XF:webnews-cgi-group-bo(8220)
Reference: URL:http://www.iss.net/security_center/static/8220.php

Buffer overflow in Netwin Webnews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.

Modifications:
  ADDREF XF:webnews-cgi-group-bo(8220)

Analysis
--------
Vendor Acknowledgement: yes changelog
ACKNOWLEDGEMENT: the "webnews/manual/update.htm" file in the Webnews distribution has an entry dated February 21 that states: "Fixed: Buffer overflow vulnerability reported by NGSSoftware Insight Security Research".

INFERRED ACTION: CAN-2002-0290 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:webnews-cgi-group-bo(8220)

======================================================
Candidate: CAN-2002-0292
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0292
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020219 [SA-2002:01] Slashcode login vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101414005501708&w=2
Reference: BID:4116
Reference: URL:http://online.securityfocus.com/bid/4116
Reference: XF:slashcode-site-xss(8221)
Reference: URL:http://www.iss.net/security_center/static/8221.php

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.

Modifications:
  ADDREF XF:slashcode-site-xss(8221)

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0292 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:slashcode-site-xss(8221)

======================================================
Candidate: CAN-2002-0299
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0299
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020220 CNet CatchUp arbitrary code execution
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101438631921749&w=2
Reference: BID:3975
Reference: URL:http://online.securityfocus.com/bid/3975
Reference: XF:cnet-catchup-gain-privileges(8035)
Reference: URL:http://www.iss.net/security_center/static/8035.php

CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (e.g. .bat), which is executed during a scan.

Modifications:
  ADDREF XF:cnet-catchup-gain-privileges(8035)

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0299 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:cnet-catchup-gain-privileges(8035)

======================================================
Candidate: CAN-2002-0300
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0300
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020219 gnujsp: dir- and script-disclosure
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101415804625292&w=2
Reference: BUGTRAQ:20020220 Re: gnujsp: dir- and script-disclosure
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101422432123898&w=2
Reference: DEBIAN:DSA-114
Reference: URL:http://www.debian.org/security/2002/dsa-114
Reference: BID:4125
Reference: URL:http://online.securityfocus.com/bid/4125
Reference: XF:gnujsp-jserv-information-disclosure(8240)
Reference: URL:http://www.iss.net/security_center/static/8240.php

gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read the source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.

Modifications:
  ADDREF XF:gnujsp-jserv-information-disclosure(8240)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0300 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:gnujsp-jserv-information-disclosure(8240)

======================================================
Candidate: CAN-2002-0302
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0302
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101424225814604&w=2
Reference: CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html
Reference: BID:4139
Reference: URL:http://online.securityfocus.com/bid/4139
Reference: XF:sef-smtp-proxy-information(8251)
Reference: URL:http://www.iss.net/security_center/static/8251.php

The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.

Modifications:
  ADDREF XF:sef-smtp-proxy-information(8251)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0302 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Prosser, Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:sef-smtp-proxy-information(8251)
 Prosser> http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html

======================================================
Candidate: CAN-2002-0309
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0309
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101430810813853&w=2
Reference: BUGTRAQ:20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101424307617060&w=2
Reference: CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html
Reference: BID:4141
Reference: URL:http://online.securityfocus.com/bid/4141
Reference: XF:sef-smtp-proxy-information(8251)
Reference: URL:http://www.iss.net/security_center/static/8251.php

The SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.

Modifications:
  ADDREF CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html
  ADDREF XF:sef-smtp-proxy-information(8251)

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0309 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Prosser, Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:sef-smtp-proxy-information(8251)
 Prosser> http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html

======================================================
Candidate: CAN-2002-0318
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0318
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020221 DoS Attack against many RADIUS servers
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101440113410083&w=2
Reference: XF:freeradius-access-request-dos(9968)
Reference: URL:http://www.iss.net/security_center/static/9968.php

FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.

Modifications:
  ADDREF XF:freeradius-access-request-dos(9968)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0318 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 CHANGE> [Frech changed vote from REVIEWING to MODIFY]
 Frech> XF:freeradius-access-request-dos(9968)
   http://www.freeradius.org/radiusd/doc/ChangeLog
   Possibly: Fix a bug which would hang the server when many SQL connections were open.

======================================================
Candidate: CAN-2002-0329
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0329
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020227 RE: Open Bulletin Board javascript bug.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101485184605149&w=2
Reference: BUGTRAQ:20020227 Snitz 2000 Code Patch (RE: Open Bulletin Board javascript bug.)
Reference: URL:http://online.securityfocus.com/archive/1/258981
Reference: CONFIRM:http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
Reference: BID:4192
Reference: URL:http://www.securityfocus.com/bid/4192
Reference: XF:snitz-img-css(8309)
Reference: URL:http://www.iss.net/security_center/static/8309.php

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0329 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> DELREF BID:4192 (mentioned twice)

======================================================
Candidate: CAN-2002-0330
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0330
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: BUGTRAQ:20020225 Open Bulletin Board javascript bug.
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101466092601554&w=2
Reference: CONFIRM:http://community.iansoft.net/read.php?TID=5159
Reference: BID:4171
Reference: URL:http://online.securityfocus.com/bid/4171
Reference: XF:openbb-img-css(8278)
Reference: URL:http://www.iss.net/security_center/static/8278.php

Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0330 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0339
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0339
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020502
Assigned: 20020501
Category: SF
Reference: CISCO:20020227 Cisco Security Advisory: Data Leak with Cisco Express Forwarding
Reference: URL:http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
Reference: XF:ios-cef-information-leak(8296)
Reference: URL:http://www.iss.net/security_center/static/8296.php
Reference: BID:4191
Reference: URL:http://www.securityfocus.com/bid/4191

Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0339 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0355
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0355
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020502
Category: SF
Reference: SGI:20020503-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020503-01-I
Reference: BID:4682
Reference: URL:http://www.securityfocus.com/bid/4682
Reference: XF:irix-netstat-file-existence(9023)
Reference: URL:http://www.iss.net/security_center/static/9023.php

netstat in SGI IRIX 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0355 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cole, Frech, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0356
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0356
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020502
Category: SF
Reference: SGI:20020504-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020504-01-I
Reference: XF:irix-fsrxfs-gain-privileges(9042)
Reference: URL:http://www.iss.net/security_center/static/9042.php
Reference: BID:4706
Reference: URL:http://www.securityfocus.com/bid/4706

Vulnerability in the XFS file system reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

Modifications:
  ADDREF XF:irix-fsrxfs-gain-privileges(9042)
  ADDREF BID:4706

Analysis
--------
Vendor Acknowledgement: yes advisory
NOTE: CAN-2002-0356 was erroneously used in a report for the sgdynamo product. The correct identifier for the sgdynamo vulnerability is CAN-2002-0375.

INFERRED ACTION: CAN-2002-0356 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> NOTE: CAN-2002-0356 was erroneously cited in a report for the sgdynamo product. The correct identifier for the sgdynamo vulnerability is CAN-2002-0375.
 Christey> XF:irix-fsrxfs-gain-privileges(9042)
   URL:http://www.iss.net/security_center/static/9042.php
   BID:4706
   URL:http://www.securityfocus.com/bid/4706
 Frech> XF:irix-fsrxfs-gain-privileges(9042)

======================================================
Candidate: CAN-2002-0358
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0358
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020502
Category: SF
Reference: SGI:20020602-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020602-01-I
Reference: XF:irix-mediamail-core-dump(9292)
Reference: URL:http://www.iss.net/security_center/static/9292.php
Reference: BID:4959
Reference: URL:http://www.securityfocus.com/bid/4959

MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.

Modifications:
  DESC fix typo: "Media" Mail
  ADDREF BID:4959
  ADDREF XF:irix-mediamail-core-dump(9292)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0358 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> fix typo: "Media" Mail
   XF:irix-mediamail-core-dump(9292)
   URL:http://www.iss.net/security_center/static/9292.php
   BID:4959
   URL:http://www.securityfocus.com/bid/4959
 Frech> XF:irix-mediamail-core-dump(9292)

======================================================
Candidate: CAN-2002-0359
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0359
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020502
Category: SF
Reference: BUGTRAQ:20020620 (LSD) IRIX rpc.xfsmd multiple remote root vulnerabilities
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102459162909825&w=2
Reference: SGI:20020606-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020606-01-I
Reference: CERT-VN:VU#521147
Reference: URL:http://www.kb.cert.org/vuls/id/521147
Reference: XF:irix-xfsmd-bypass-authentication(9401)
Reference: URL:http://www.iss.net/security_center/static/9401.php
Reference: BID:5072
Reference: URL:http://www.securityfocus.com/bid/5072

xfsmd on IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

Modifications:
  ADDREF XF:irix-xfsmd-bypass-authentication(9401)
  ADDREF BID:5072
  ADDREF CERT-VN:VU#521147
  DELREF SGI:20020605-01-I

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0359 ACCEPT_ACK (2 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:irix-xfsmd-bypass-authentication(9401)
   URL:http://www.iss.net/security_center/static/9401.php
   BID:5072
   URL:http://www.securityfocus.com/bid/5072
 Christey> DELREF SGI:20020605-01-I (that one is for CAN-2003-0392)

======================================================
Candidate: CAN-2002-0363
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0363
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020507
Category: SF
Reference: MISC:http://www.ghostscript.com/pipermail/gs-code-review/2002-January/001801.html
Reference: MISC:http://www.ghostscript.com/pipermail/gs-code-review/2002-February/001900.html
Reference: REDHAT:RHSA-2002:083
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-083.html
Reference: CALDERA:CSSA-2002-026.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/CSSA-2002-026.0.txt
Reference: XF:ghostscript-postscript-command-execution(9254)
Reference: URL:http://www.iss.net/security_center/static/9254.php
Reference: BID:4937
Reference: URL:http://www.securityfocus.com/bid/4937

Ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.

Modifications:
  ADDREF CALDERA:CSSA-2002-026.0
  ADDREF XF:ghostscript-postscript-command-execution(9254)
  ADDREF BID:4937

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0363 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Alderson
   MODIFY(1) Frech
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-026.0
 Christey> XF:ghostscript-postscript-command-execution(9254)
   URL:http://www.iss.net/security_center/static/9254.php
   BID:4937
   URL:http://www.securityfocus.com/bid/4937
 Frech> XF:ghostscript-postscript-command-execution(9254)

======================================================
Candidate: CAN-2002-0364
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0364
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020508
Category: SF
Reference: BUGTRAQ:20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow (AD20020612)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102392069305962&w=2
Reference: NTBUGTRAQ:20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102392308608100&w=2
Reference: VULNWATCH:20020612 ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow (AD20020612)
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html
Reference: BUGTRAQ:20020613 VNA - .HTR HEAP OVERFLOW
Reference: URL:http://online.securityfocus.com/archive/1/276767
Reference: CERT-VN:VU#313819
Reference: URL:http://www.kb.cert.org/vuls/id/313819
Reference: MS:MS02-028
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-028.asp
Reference: BID:4855
Reference: URL:http://www.securityfocus.com/bid/4855
Reference: XF:iis-htr-chunked-encoding-bo(9327)
Reference: URL:http://www.iss.net/security_center/static/9327.php

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

Modifications:
  ADDREF BID:4855
  ADDREF BUGTRAQ:20020613 VNA - .HTR HEAP OVERFLOW
  ADDREF CERT-VN:VU#313819
  ADDREF XF:iis-htr-chunked-encoding-bo(9327)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0364 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Foat, Cole
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> BID:4855
   URL:http://www.securityfocus.com/bid/4855
   BUGTRAQ:20020613 VNA - .HTR HEAP OVERFLOW
   URL:http://online.securityfocus.com/archive/1/276767
   CERT-VN:VU#313819
   URL:http://www.kb.cert.org/vuls/id/313819
   XF:iis-htr-chunked-encoding-bo(9327)
   URL:http://www.iss.net/security_center/static/9327.php

======================================================
Candidate: CAN-2002-0366
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0366
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020508
Category: SF
Reference: BUGTRAQ:20020613 Microsoft RASAPI32.DLL
Reference: URL:http://online.securityfocus.com/archive/1/276776
Reference: BUGTRAQ:20020620 VPN and Q318138
Reference: URL:http://online.securityfocus.com/archive/1/278145
Reference: MISC:http://www.nextgenss.com/vna/ms-ras.txt
Reference: MS:MS02-029
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-029.asp
Reference: BID:4852
Reference: URL:http://www.securityfocus.com/bid/4852

Buffer overflow in the Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a dial-up entry.

Modifications:
  ADDREF BUGTRAQ:20020613 Microsoft RASAPI32.DLL
  ADDREF BUGTRAQ:20020620 VPN and Q318138

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0366 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Foat, Cole
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> Add: a long script name is the issue.
   BUGTRAQ:20020613 Microsoft RASAPI32.DLL
   URL:http://online.securityfocus.com/archive/1/276776
   BUGTRAQ:20020620 VPN and Q318138
   URL:http://online.securityfocus.com/archive/1/278145

======================================================
Candidate: CAN-2002-0367
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0367
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020508
Category: SF
Reference: BUGTRAQ:20020314 Fwd: DebPloit (exploit)
Reference: URL:http://www.securityfocus.com/archive/1/262074
Reference: BUGTRAQ:20020326 Re: DebPloit (exploit)
Reference: URL:http://www.securityfocus.com/archive/1/264441
Reference: BUGTRAQ:20020327 Local Security Vulnerability in Windows NT and Windows 2000
Reference: URL:http://www.securityfocus.com/archive/1/264927
Reference: NTBUGTRAQ:20020314 DebPloit (exploit)
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=101614320402695&w=2
Reference: BID:4287
Reference: URL:http://www.securityfocus.com/bid/4287
Reference: XF:win-debug-duplicate-handles(8462)
Reference: URL:http://www.iss.net/security_center/static/8462.php
Reference: MS:MS02-024
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-024.asp

The smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0367 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Green
   NOOP(1) Cox

======================================================
Candidate: CAN-2002-0368
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0368
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020508
Category: SF
Reference: MS:MS02-025
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-025.asp
Reference: XF:exchange-msg-attribute-dos(9195)
Reference: URL:http://www.iss.net/security_center/static/9195.php
Reference: BID:4881
Reference: URL:http://www.securityfocus.com/bid/4881

The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources."

Modifications:
  ADDREF XF:exchange-msg-attribute-dos(9195)
  ADDREF BID:4881

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0368 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:exchange-msg-attribute-dos(9195)
   URL:http://www.iss.net/security_center/static/9195.php
   BID:4881
   URL:http://www.securityfocus.com/bid/4881
 Frech> XF:exchange-msg-attribute-dos(9195)

======================================================
Candidate: CAN-2002-0369
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0369
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020611
Assigned: 20020508
Category: SF
Reference: MS:MS02-026
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-026.asp
Reference: XF:ms-aspdotnet-stateserver-bo(9276)
Reference: URL:http://www.iss.net/security_center/static/9276.php
Reference: BID:4958
Reference: URL:http://www.securityfocus.com/bid/4958

Buffer overflow in the ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.

Modifications:
  ADDREF XF:ms-aspdotnet-stateserver-bo(9276)
  ADDREF BID:4958

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0369 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:ms-aspdotnet-stateserver-bo(9276)
   http://www.iss.net/security_center/static/9276.php
   BID:4958
   URL:http://www.securityfocus.com/bid/4958
 Frech> XF:ms-aspdotnet-stateserver-bo(9276)

======================================================
Candidate: CAN-2002-0372
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0372
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020508
Category: SF
Reference: MS:MS02-032
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-032.asp
Reference: XF:mediaplayer-cache-code-execution(9420)
Reference: URL:http://www.iss.net/security_center/static/9420.php
Reference: BID:5107
Reference: URL:http://www.securityfocus.com/bid/5107

Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".

Modifications:
  ADDREF XF:mediaplayer-cache-code-execution(9420)
  ADDREF BID:5107

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0372 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Foat, Cole
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:mediaplayer-cache-code-execution(9420)
   URL:http://www.iss.net/security_center/static/9420.php
   BID:5107
   URL:http://www.securityfocus.com/bid/5107

======================================================
Candidate: CAN-2002-0373
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0373
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020726
Assigned: 20020508
Category: SF
Reference: MS:MS02-032
Reference: URL:http://www.microsoft.com/technet/security/bulletin/MS02-032.asp
Reference: XF:mediaplayer-wmdm-privilege-elevation(9421)
Reference: URL:http://www.iss.net/security_center/static/9421.php
Reference: BID:5109
Reference: URL:http://www.securityfocus.com/bid/5109

The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service".

Modifications:
  ADDREF XF:mediaplayer-wmdm-privilege-elevation(9421)
  ADDREF BID:5109

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0373 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:mediaplayer-wmdm-privilege-elevation(9421)
   URL:http://www.iss.net/security_center/static/9421.php
   BID:5109
   URL:http://www.securityfocus.com/bid/5109

======================================================
Candidate: CAN-2002-0374
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0374
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020508
Category: SF
Reference: BUGTRAQ:20020506 ldap vulnerabilities
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102070762606525&w=2
Reference: VULNWATCH:20020506 ldap vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html
Reference: CALDERA:CSSA-2002-041.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/CSSA-2002-041.0.txt
Reference: MANDRAKE:MDKSA-2002:075
Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:075
Reference: REDHAT:RHSA-2002:084
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-084.html
Reference: REDHAT:RHSA-2002:175
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-175.html
Reference: BUGTRAQ:20021030 GLSA: pam_ldap
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103601912505261&w=2
Reference: XF:pamldap-config-format-string(9018)
Reference: URL:http://www.iss.net/security_center/static/9018.php
Reference: BID:4679
Reference: URL:http://online.securityfocus.com/bid/4679

Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.

Modifications:
  ADDREF XF:pamldap-config-format-string(9018)
  ADDREF BID:4679
  ADDREF BUGTRAQ:20021030 GLSA: pam_ldap
  ADDREF CALDERA:CSSA-2002-041.0
  ADDREF MANDRAKE:MDKSA-2002:075
  ADDREF REDHAT:RHSA-2002:175

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0374 ACCEPT (6 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Foat

Voter Comments:
 Christey> XF:pamldap-config-format-string(9018)
   URL:http://www.iss.net/security_center/static/9018.php
   BID:4679
   URL:http://online.securityfocus.com/bid/4679
 Frech> XF:pamldap-config-format-string(9018)
 Christey> REDHAT:RHSA-2002:084
 Christey> BUGTRAQ:20021030 GLSA: pam_ldap
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103601912505261&w=2
   CALDERA:CSSA-2002-041.0
 Christey> MANDRAKE:MDKSA-2002:075
 Christey> REDHAT:RHSA-2002:175
   URL:http://www.redhat.com/support/errata/rhsa - 2002 - 175. 
- html火山:综援- 2002 - 041.0网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 041.0.txt= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0377网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0377最终决定:阶段性裁决:20030326修改:20030320 - 01提议:20020611分配:20020514类别:科幻参考:BUGTRAQ: 20020512 Gaim abritary电子邮件阅读参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102130733815285&w=2参考:VULN-DEV: 20020511 Gaim abritary电子邮件阅读参考:网址:http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html参考:确认:http://gaim.sourceforge.net/ChangeLog参考:XF: gaim-email-access(9061)参考:网址:http://www.iss.net/security_center/static/9061.php参考:报价:4730参考:网址:http://www.securityfocus.com/bid/4730Gaim 0.57敏感信息存储在全局和group-writable文件在/ tmp目录中,它允许本地用户访问其他用户运行MSN网络电子邮件帐户Gaim通过阅读身份验证信息的文件。修改:ADDREF VULN-DEV: 20020511 Gaim abritary邮件阅读ADDREF XF: gaim-email-access (9061) ADDREF报价:4730分析- - - - - - - - - -供应商确认:是的确认:Gaim 0.58版本的更改日志,5月13日说“Tempfiles用于安全MSN / HotMail登录(0.57)中添加现在自己创建的安全。”In addition to a statement on the vendor's News page, dated May 14, regarding "the fix to the recent BugTraq posting about Gaim," this is sufficient acknowledgement. 

INFERRED ACTION: CAN-2002-0377 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> VULN-DEV:20020511 Gaim abritary Email Reading
   URL:http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0584.html
 Frech> XF:gaim-email-access(9061)
 Christey> XF:gaim-email-access(9061)
   URL:http://www.iss.net/security_center/static/9061.php
   BID:4730
   URL:http://www.securityfocus.com/bid/4730

======================================================
Candidate: CAN-2002-0379
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0379
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020517
Category: SF
Reference: BUGTRAQ:20020510 wu-imap buffer overflow condition
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102107222100529&w=2
Reference: REDHAT:RHSA-2002:092
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-092.html
Reference: CONECTIVA:CLA-2002:487
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000487
Reference: HP:HPSBTL0205-043
Reference: URL:http://online.securityfocus.com/advisories/4167
Reference: CALDERA:CSSA-2002-021.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-021.0.txt
Reference: MANDRAKE:MDKSA-2002:034
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-034.php
Reference: ENGARDE:ESA-20020607-013
Reference: URL:http://www.linuxsecurity.com/advisories/other_advisory-2120.html
Reference: BID:4713
Reference: URL:http://www.securityfocus.com/bid/4713
Reference: XF:wuimapd-partial-mailbox-bo(9055)
Reference: URL:http://www.iss.net/security_center/static/9055.php

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.

Modifications:
  ADDREF CONECTIVA:CLA-2002:487
  ADDREF HP:HPSBTL0205-043
  ADDREF CALDERA:CSSA-2002-021.0
  ADDREF MANDRAKE:MDKSA-2002:034
  ADDREF ENGARDE:ESA-20020607-013
  ADDREF BID:4713
  ADDREF XF:wuimapd-partial-mailbox-bo(9055)

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0379 ACCEPT (6 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Foat

Voter Comments:
 Christey> Add "long BODY request" to desc.
   CONECTIVA:CLA-2002:487
   URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000487
   HP:HPSBTL0205-043
   URL:http://online.securityfocus.com/advisories/4167
   CALDERA:CSSA-2002-021.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-021.0.txt
   MANDRAKE:MDKSA-2002:034
   URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-034.php
   ENGARDE:ESA-20020607-013
   URL:http://www.linuxsecurity.com/advisories/other_advisory-2120.html
   BID:4713
   URL:http://www.securityfocus.com/bid/4713
   XF:wuimapd-partial-mailbox-bo(9055)
   URL:http://www.iss.net/security_center/static/9055.php
 Frech> XF:wuimapd-partial-mailbox-bo(9055)

======================================================
Candidate: CAN-2002-0381
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0381
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020517
Category: SF
Reference: MISC:http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022
Reference: BUGTRAQ:20020317 TCP Connections to a Broadcast Address on BSD-Based Systems
Reference: URL:http://online.securityfocus.com/archive/1/262733
Reference: CONFIRM:http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110
Reference: CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137
Reference: BID:4309
Reference: URL:http://online.securityfocus.com/bid/4309
Reference: XF:bsd-broadcast-address(8485)
Reference: URL:http://www.iss.net/security_center/static/8485.php

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0381 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Green
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0382
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0382
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-02
Proposed: 20020611
Assigned: 20020521
Category: SF
Reference: BUGTRAQ:20020327 Xchat /dns command execution vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101725430425490&w=2
Reference: REDHAT:RHSA-2002:097
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-097.html
Reference: MANDRAKE:MDKSA-2002:051
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-051.php
Reference: CONECTIVA:CLA-2002:526
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000526
Reference: XF:xchat-dns-execute-commands(8704)
Reference: URL:http://www.iss.net/security_center/static/8704.php
Reference: BID:4376
Reference: URL:http://www.securityfocus.com/bid/4376

XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.

Modifications:
  DESC capitalize XChat properly
  ADDREF MANDRAKE:MDKSA-2002:051
  ADDREF CONECTIVA:CLA-2002:526

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0382 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Armstrong
   MODIFY(2) Cox, Foat
   NOOP(3) Christey, Wall, Cole

Voter Comments:
 Cox> Xchat should be XChat
 Foat> Agree with Cox's modification
 Christey> MANDRAKE:MDKSA-2002:051
 Christey> CONECTIVA:CLA-2002:526

======================================================
Candidate: CAN-2002-0389
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0389
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020611
Assigned: 20020523
Category: SF
Reference: BUGTRAQ:20020417 Mailman/Pipermail private mailing list/local user vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101902003314968&w=2
Reference: MISC:http://sourceforge.net/tracker/?func=detail&atid=100103&aid=474616&group_id=103
Reference: XF:pipermail-view-archives(8874)
Reference: URL:http://www.iss.net/security_center/static/8874.php
Reference: BID:4538
Reference: URL:http://www.securityfocus.com/bid/4538

Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.

Modifications:
  DESC fix typo
  ADDREF XF:pipermail-view-archives(8874)
  ADDREF BID:4538

Analysis
--------
Vendor Acknowledgement: no disputed

INCLUSION: In response to the bug report, the vendor says "I am reluctant to fix this, because this arrangement is crucial for the web security of private archives."

INFERRED ACTION: CAN-2002-0389 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cox
   MODIFY(1) Frech
   NOOP(4) Christey, Wall, Foat, Cole

Voter Comments:
 Frech> XF:pipermail-view-archives(8874)
 Christey> Add period to the end of the description.

======================================================
Candidate: CAN-2002-0391
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0391
Final-Decision:
Interim-Decision: 20030326
Modified: 20030320-01
Proposed: 20020830
Assigned: 20020528
Category: SF
Reference: ISS:20020731 Remote Buffer Overflow Vulnerability in Sun RPC
Reference: URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823
Reference: BUGTRAQ:20020731 Remote Buffer Overflow Vulnerability in Sun RPC
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102813809232532&w=2
Reference: BUGTRAQ:20020801 RPC analysis
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102821785316087&w=2
Reference: BUGTRAQ:20020802 MITKRB5-SA-2002-001: Remote root vulnerability in MIT krb5 admin
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102831443208382&w=2
Reference: CERT:CA-2002-25
Reference: URL:http://www.cert.org/advisories/ca-2002-25.html
Reference: CERT-VN:VU#192995
Reference: URL:http://www.kb.cert.org/vuls/id/192995
Reference: AIXAPAR:IY34194
Reference: URL:http://archives.neohapsis.com/archives/aix/2002-q4/0002.html
Reference: CALDERA:CSSA-2002-055.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-055.0.txt
Reference: CONECTIVA:CLA-2002:515
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515
Reference: CONECTIVA:CLA-2002:535
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535
Reference: DEBIAN:DSA-142
Reference: URL:http://www.debian.org/security/2002/dsa-142
Reference: DEBIAN:DSA-143
Reference: URL:http://www.debian.org/security/2002/dsa-143
Reference: DEBIAN:DSA-146
Reference: URL:http://www.debian.org/security/2002/dsa-146
Reference: DEBIAN:DSA-149
Reference: URL:http://www.debian.org/security/2002/dsa-149
Reference: ENGARDE:ESA-20021003-021
Reference: URL:http://www.linuxsecurity.com/advisories/other_advisory-2399.html
Reference: FREEBSD:FreeBSD-SA-02:34.rpc
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102821928418261&w=2
Reference: HP:HPSBTL0208-061
Reference: URL:http://online.securityfocus.com/advisories/4402
Reference: HP:HPSBUX0209-215
Reference: URL:http://archives.neohapsis.com/archives/hp/2002-q3/0077.html
Reference: MANDRAKE:MDKSA-2002:057
Reference: URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:057
Reference: MS:MS02-057
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-057.asp
Reference: NETBSD:NetBSD-SA2002-011
Reference: URL:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-011.txt.asc
Reference: REDHAT:RHSA-2002:166
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-166.html
Reference: REDHAT:RHSA-2002:172
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-172.html
Reference: REDHAT:RHSA-2002:167
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-167.html
Reference: SGI:20020801-01-A
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A
Reference: SGI:20020801-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A
Reference: SUSE:SuSE-SA:2002:031
Reference: BUGTRAQ:20020803 OpenAFS Security Advisory 2002-001: Remote root vulnerability in OpenAFS servers
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html
Reference: BUGTRAQ:20020802 kerberos rpc xdr_array
Reference: URL:http://online.securityfocus.com/archive/1/285740
Reference: BUGTRAQ:20020909 GLSA: glibc
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103158632831416&w=2
Reference: XF:sunrpc-xdr-array-bo(9170)
Reference: URL:http://www.iss.net/security_center/static/9170.php
Reference: BID:5356
Reference: URL:http://www.securityfocus.com/bid/5356

Integer overflow in the xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Modifications:
  ADDREF REDHAT:RHSA-2002:167
  ADDREF XF:sunrpc-xdr-array-bo(9170)
  ADDREF BID:5356
  ADDREF BUGTRAQ:20020803 OpenAFS Security Advisory 2002-001: Remote root vulnerability in OpenAFS servers
  ADDREF CONECTIVA:CLA-2002:515
  ADDREF HP:HPSBTL0208-061
  ADDREF BUGTRAQ:20020802 kerberos rpc xdr_array
  ADDREF BUGTRAQ:20020909 GLSA: glibc
  ADDREF SUSE:SuSE-SA:2002:031
  ADDREF MS:MS02-057
  ADDREF HP:HPSBUX0209-215
  ADDREF MANDRAKE:MDKSA-2002:057
  ADDREF ENGARDE:ESA-20021003-021
  ADDREF CALDERA:CSSA-2002-055.0
  ADDREF AIXAPAR:IY34194
  ADDREF CONECTIVA:CLA-2002:535

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0391 ACCEPT (4 accept, 13 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   MODIFY(1) Cox
   NOOP(2) Christey, Foat

Voter Comments:
 Cox> ADDREF: RHSA-2002:167
 Christey> XF:sunrpc-xdr-array-bo(9170)
   URL:http://www.iss.net/security_center/static/9170.php
   BID:5356
   URL:http://www.securityfocus.com/bid/5356
   BUGTRAQ:20020803 OpenAFS Security Advisory 2002-001: Remote root vulnerability in OpenAFS servers
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html
   CONECTIVA:CLA-2002:515
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515
   HP:HPSBTL0208-061
   URL:http://online.securityfocus.com/advisories/4402
   BUGTRAQ:20020802 kerberos rpc xdr_array
   URL:http://online.securityfocus.com/archive/1/285740
 Christey> BUGTRAQ:20020909 GLSA: glibc
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103158632831416&w=2
 Christey> SUSE:SuSE-SA:2002:031
 Christey> MS:MS02-057
 Christey> HP:HPSBUX0209-215
   URL:http://archives.neohapsis.com/archives/hp/2002-q3/0077.html
   MANDRAKE:MDKSA-2002:057
   ENGARDE:ESA-20021003-021
 Christey> CALDERA:CSSA-2002-055.0
 Christey> AIXAPAR:IY34194
   URL:http://archives.neohapsis.com/archives/aix/2002-q4/0002.html
   CONECTIVA:CLA-2002:535
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535

======================================================
Candidate: CAN-2002-0392
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0392
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020726
Assigned: 20020530
Category: SF
Reference: CONFIRM:http://httpd.apache.org/info/security_bulletin_20020617.txt
Reference: VULNWATCH:20020617 [VULNWATCH] Apache httpd: vulnerability with chunked encoding
Reference: ISS:20020617 Remote Compromise Vulnerability in Apache HTTP Server
Reference: BUGTRAQ:20020617 Re: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server
Reference: BUGTRAQ:20020617 Re: Remote Compromise Vulnerability in Apache HTTP Server
Reference: BUGTRAQ:20020618 Fixed version of Apache 1.3 available
Reference: BUGTRAQ:20020619 Implications of Apache vuln for Oracle
Reference: BUGTRAQ:20020619 Remote Apache 1.3.x Exploit
Reference: BUGTRAQ:20020620 Apache Exploit
Reference: BUGTRAQ:20020620 TSLSA-2002-0056 - Apache
Reference: BUGTRAQ:20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known
Reference: URL:http://online.securityfocus.com/archive/1/278149
Reference: BUGTRAQ:20020622 Ending a few arguments with one simple attachment.
Reference: BUGTRAQ:20020622 blowchunks - protecting existing apache servers until upgrades arrive
Reference: CERT:CA-2002-17
Reference: URL:http://www.cert.org/advisories/ca-2002-17.html
Reference: SGI:20020605-01-A
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A
Reference: SGI:20020605-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I
Reference: REDHAT:RHSA-2002:103
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-103.html
Reference: MANDRAKE:MDKSA-2002:039
Reference: CALDERA:CSSA-2002-029.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-029.0.txt
Reference: CALDERA:CSSA-2002-SCO.31
Reference: URL:ftp://ftp.caldera.com/pub/updates/openunix/cssa-2002-sco.31
Reference: CALDERA:CSSA-2002-SCO.32
Reference: URL:ftp://ftp.caldera.com/pub/updates/openserver/cssa-2002-sco.32
Reference: COMPAQ:SSRT2253
Reference: CONECTIVA:CLSA-2002:498
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498
Reference: DEBIAN:DSA-131
Reference: URL:http://www.debian.org/security/2002/dsa-131
Reference: DEBIAN:DSA-132
Reference: URL:http://www.debian.org/security/2002/dsa-132
Reference: DEBIAN:DSA-133
Reference: URL:http://www.debian.org/security/2002/dsa-133
Reference: ENGARDE:ESA-20020619-014
Reference: URL:http://www.linuxsecurity.com/advisories/other_advisory-2137.html
Reference: REDHAT:RHSA-2002:118
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-118.html
Reference: REDHAT:RHSA-2002:117
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-117.html
Reference: BUGTRAQ:20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html
Reference: BUGTRAQ:20020621 [slackware-security] new apache/mod_ssl packages available
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html
Reference: SUSE:SuSE-SA:2002:022
Reference: URL:http://www.suse.com/de/security/2002_22_apache.html
Reference: CERT-VN:VU#944335
Reference: URL:http://www.kb.cert.org/vuls/id/944335
Reference: HP:HPSBTL0206-049
Reference: URL:http://online.securityfocus.com/advisories/4240
Reference: HP:HPSBUX0207-197
Reference: URL:http://online.securityfocus.com/advisories/4257
Reference: BID:5033
Reference: URL:http://online.securityfocus.com/bid/5033
Reference: XF:apache-chunked-encoding-bo(9249)
Reference: URL:http://www.iss.net/security_center/static/9249.php

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.

Modifications:
  ADDREF CALDERA:CSSA-2002-029.0
  ADDREF CALDERA:CSSA-2002-SCO.31
  ADDREF CALDERA:CSSA-2002-SCO.32
  ADDREF COMPAQ:SSRT2253
  ADDREF CONECTIVA:CLSA-2002:498
  ADDREF DEBIAN:DSA-131
  ADDREF DEBIAN:DSA-132
  ADDREF DEBIAN:DSA-133
  ADDREF ENGARDE:ESA-20020619-014
  ADDREF REDHAT:RHSA-2002:118
  ADDREF REDHAT:RHSA-2002:117
  ADDREF BUGTRAQ:20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)
  ADDREF BUGTRAQ:20020621 [slackware-security] new apache/mod_ssl packages available
  ADDREF SUSE:SuSE-SA:2002:022
  ADDREF CERT-VN:VU#944335
  ADDREF HP:HPSBTL0206-049
  ADDREF HP:HPSBUX0207-197
  ADDREF BID:5033
  ADDREF XF:apache-chunked-encoding-bo(9249)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0392 ACCEPT (5 accept, 11 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Cox, Wall, Foat, Cole
   NOOP(1) Christey

Voter Comments:
 Christey> CALDERA:CSSA-2002-029.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-029.0.txt
   CALDERA:CSSA-2002-SCO.31
   URL:ftp://ftp.caldera.com/pub/updates/openunix/cssa-2002-sco.31
   CALDERA:CSSA-2002-SCO.32
   URL:ftp://ftp.caldera.com/pub/updates/openserver/cssa-2002-sco.32
   COMPAQ:SSRT2253
   CONECTIVA:CLSA-2002:498
   URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498
   DEBIAN:DSA-131
   URL:http://www.debian.org/security/2002/dsa-131
   DEBIAN:DSA-132
   URL:http://www.debian.org/security/2002/dsa-132
   DEBIAN:DSA-133
   URL:http://www.debian.org/security/2002/dsa-133
   ENGARDE:ESA-20020619-014
   URL:http://www.linuxsecurity.com/advisories/other_advisory-2137.html
   REDHAT:RHSA-2002:118
   URL:http://rhn.redhat.com/errata/rhsa-2002-118.html
   REDHAT:RHSA-2002:117
   URL:http://rhn.redhat.com/errata/rhsa-2002-117.html
   BUGTRAQ:20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html
   BUGTRAQ:20020621 [slackware-security] new apache/mod_ssl packages available
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html
   SUSE:SuSE-SA:2002:022
   URL:http://www.suse.com/de/security/2002_22_apache.html
   CERT-VN:VU#944335
   URL:http://www.kb.cert.org/vuls/id/944335
   BID:5033
   URL:http://online.securityfocus.com/bid/5033
   XF:apache-chunked-encoding-bo(9249)
   URL:http://www.iss.net/security_center/static/9249.php
   HP:HPSBTL0206-049
   URL:http://online.securityfocus.com/advisories/4240
   HP:HPSBUX0207-197
   URL:http://online.securityfocus.com/advisories/4257

======================================================
Candidate: CAN-2002-0394
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0394
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020611
Assigned: 20020530
Category: SF
Reference: ATSTAKE:A060502-1
Reference: URL:http://www.atstake.com/research/advisories/2002/a060502-1.txt
Reference: XF:redm-1050ap-insecure-passwords(9263)
Reference: URL:http://www.iss.net/security_center/static/9263.php

Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords.

Modifications:
  ADDREF XF:redm-1050ap-insecure-passwords(9263)

Analysis
--------
Vendor Acknowledgement:

INFERRED ACTION: CAN-2002-0394 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Foat
   MODIFY(1) Frech
   NOOP(4) Cox, Wall, Cole, Armstrong

Voter Comments:
 Frech> XF:redm-1050ap-insecure-passwords(9263)
 Baker> Vendor response does not dispute any of the issues, and says the remaining issues will be addressed in a later firmware update. Sounds like acknowledgement to me.

======================================================
Candidate: CAN-2002-0401
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0401
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-02
Proposed: 20020611
Assigned: 20020603
Category: SF
Reference: BUGTRAQ:20020529 Potential security issues in Ethereal
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102268626526119&w=2
Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00004.html
Reference: DEBIAN:DSA-130
Reference: URL:http://www.debian.org/security/2002/dsa-130
Reference: REDHAT:RHSA-2002:088
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-088.html
Reference: CONECTIVA:CLSA-2002:505
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
Reference: CALDERA:CSSA-2002-037.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt
Reference: BID:4806
Reference: URL:http://online.securityfocus.com/bid/4806
Reference: XF:ethereal-smb-dissector-dos(9204)
Reference: URL:http://www.iss.net/security_center/static/9204.php

SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.

Modifications:
  ADDREF REDHAT:RHSA-2002:088
  ADDREF XF:ethereal-smb-dissector-dos(9204)
  ADDREF CONECTIVA:CLSA-2002:505
  ADDREF CALDERA:CSSA-2002-037.0

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0401 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   MODIFY(2) Frech, Cox
   NOOP(2) Christey, Wall

Voter Comments:
 Cox> ADDREF: RHSA-2002:088
 Christey> Fix version: 0.9.3 is also affected (thanks to Mark Cox for noticing this)
 Christey> XF:ethereal-smb-dissector-dos(9204)
   URL:http://www.iss.net/security_center/static/9204.php
   CONECTIVA:CLSA-2002:505
   URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
 Frech> XF:ethereal-smb-dissector-dos(9204)
 Christey> CALDERA:CSSA-2002-037.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt

======================================================
Candidate: CAN-2002-0402
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0402
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-02
Proposed: 20020611
Assigned: 20020603
Category: SF
Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00004.html
Reference: DEBIAN:DSA-130
Reference: URL:http://www.debian.org/security/2002/dsa-130
Reference: BUGTRAQ:20020529 Potential security issues in Ethereal
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102268626526119&w=2
Reference: REDHAT:RHSA-2002:088
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-088.html
Reference: CONECTIVA:CLSA-2002:505
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
Reference: CALDERA:CSSA-2002-037.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt
Reference: XF:ethereal-x11-dissector-bo(9203)
Reference: URL:http://www.iss.net/security_center/static/9203.php
Reference: BID:4805
Reference: URL:http://online.securityfocus.com/bid/4805

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

Modifications:
  ADDREF REDHAT:RHSA-2002:088
  ADDREF CONECTIVA:CLSA-2002:505
  ADDREF XF:ethereal-x11-dissector-bo(9203)
  ADDREF CALDERA:CSSA-2002-037.0

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0402 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   MODIFY(2) Frech, Cox
   NOOP(2) Christey, Wall

Voter Comments:
 Cox> ADDREF: RHSA-2002:088
 Christey> Fix version: 0.9.3 is also affected (thanks to Mark Cox for noticing this)
 Christey> XF:ethereal-x11-dissector-bo(9203)
   URL:http://www.iss.net/security_center/static/9203.php
   CONECTIVA:CLSA-2002:505
   URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
 Frech> XF:ethereal-x11-dissector-bo(9203)
 Christey> CALDERA:CSSA-2002-037.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt

======================================================
Candidate: CAN-2002-0403
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0403
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-02
Proposed: 20020611
Assigned: 20020603
Category: SF
Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00004.html
Reference: DEBIAN:DSA-130
Reference: URL:http://www.debian.org/security/2002/dsa-130
Reference: BUGTRAQ:20020529 Potential security issues in Ethereal
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102268626526119&w=2
Reference: REDHAT:RHSA-2002:088
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-088.html
Reference: CONECTIVA:CLSA-2002:505
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
Reference: CALDERA:CSSA-2002-037.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt
Reference: BID:4807
Reference: URL:http://online.securityfocus.com/bid/4807
Reference: XF:ethereal-dns-dissector-dos(9205)
Reference: URL:http://www.iss.net/security_center/static/9205.php

DNS dissector in Ethereal 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.

Modifications:
  ADDREF REDHAT:RHSA-2002:088
  ADDREF CONECTIVA:CLSA-2002:505
  ADDREF XF:ethereal-dns-dissector-dos(9205)
  ADDREF CALDERA:CSSA-2002-037.0

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0403 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   MODIFY(2) Frech, Cox
   NOOP(2) Christey, Wall

Voter Comments:
 Cox> ADDREF: RHSA-2002:088
 Christey> Fix version: 0.9.3 is also affected (thanks to Mark Cox for noticing this)
 Christey> XF:ethereal-dns-dissector-dos(9205)
   URL:http://www.iss.net/security_center/static/9205.php
   CONECTIVA:CLSA-2002:505
   URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
 Frech> XF:ethereal-dns-dissector-dos(9205)
 Christey> CALDERA:CSSA-2002-037.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt

======================================================
Candidate: CAN-2002-0404
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0404
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-02
Proposed: 20020611
Assigned: 20020603
Category: SF
Reference: CONFIRM:http://www.ethereal.com/appnotes/enpa-sa-00004.html
Reference: DEBIAN:DSA-130
Reference: URL:http://www.debian.org/security/2002/dsa-130
Reference: BUGTRAQ:20020529 Potential security issues in Ethereal
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102268626526119&w=2
Reference: REDHAT:RHSA-2002:088
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-088.html
Reference: CONECTIVA:CLSA-2002:505
Reference: URL:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505
Reference: CALDERA:CSSA-2002-037.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt
Reference: BID:4808
Reference: URL:http://online.securityfocus.com/bid/4808
Reference: XF:ethereal-giop-dissector-dos(9206)
Reference: URL:http://www.iss.net/security_center/static/9206.php

Vulnerability in GIOP dissector in Ethereal 0.9.3 allows remote attackers to cause a denial of service (memory consumption).

Modifications:
  ADDREF REDHAT:RHSA-2002:088
  ADDREF CONECTIVA:CLSA-2002:505
  ADDREF XF:ethereal-giop-dissector-dos(9206)
  ADDREF CALDERA:CSSA-2002-037.0

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0404 ACCEPT (6 accept, 4 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   MODIFY(2) Frech, Cox
   NOOP(2) Christey, Wall

Voter Comments:
 Cox> ADDREF: RHSA-2002:088
 Christey> Fix version: 0.9.3 is also affected (thanks to Mark Cox for noticing this)
 Christey> XF:ethereal-giop-dissector-dos(9206)
   URL:http://www.iss.net/security_center/static/9206.php
 Frech> XF:ethereal-giop-dissector-dos(9206)
 Christey> CALDERA:CSSA-2002-037.0
   URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-037.0.txt

======================================================
Candidate: CAN-2002-0406
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0406
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020302 Denial of Service in Sphereserver
Reference: URL:http://online.securityfocus.com/archive/1/259334
Reference: XF:sphereserver-connections-dos(8338)
Reference: URL:http://www.iss.net/security_center/static/8338.php
Reference: BID:4258
Reference: URL:http://www.securityfocus.com/bid/4258

Menasoft SPHERE server 0.99 and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in.

Analysis
--------
Vendor Acknowledgement:

INFERRED ACTION: CAN-2002-0406 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0412
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0412
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020304 [H20020304]: Remotely exploitable format string vulnerability in ntop
Reference: URL:http://online.securityfocus.com/archive/1/259642
Reference: BUGTRAQ:20020411 alert alert alert alert alert alert alert alert alert alert alert
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101854261030453&w=2
Reference: BUGTRAQ:20020411 re: consuming ntop alert
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101856541322245&w=2
Reference: BUGTRAQ:20020417 segfault in ntop
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101908224609740&w=2
Reference: VULNWATCH:20020304 [VULNWATCH] [H20020304]: Remotely exploitable format string vulnerability in ntop
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0056.html
Reference: CONFIRM:http://snapshot.ntop.org/
Reference: MISC:http://listmanager.unipi.it/pipermail/ntop-dev/2002-February/000489.html
Reference: XF:ntop-traceevent-format-string(8347)
Reference: URL:http://www.iss.net/security_center/static/8347.php
Reference: BID:4225
Reference: URL:http://www.securityfocus.com/bid/4225

Format string vulnerability in the TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.

Analysis
--------
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: On the home page, the vendor has an item dated March 5, 2002, which states "a security exposure (remote code execution) has been reported in ntop on bugtraq (bugtraq@securityfocus.com) by hologram" - the original Bugtraq post.

INFERRED ACTION: CAN-2002-0412 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Cole, Frech, Alderson
   MODIFY(1) Cox
   NOOP(1) Foat

Voter Comments:
 Cox> I believe this only applies to ntop version 2 not version 1

======================================================
Candidate: CAN-2002-0414
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0414
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020304 BSD: IPv4 forwarding doesn't consult inbound SPD in KAME-derived IPsec
Reference: URL:http://www.securityfocus.com/archive/1/259598
Reference: CONFIRM:http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG
Reference: BID:4224
Reference: URL:http://www.securityfocus.com/bid/4224
Reference: XF:kame-forged-packet-forwarding(8416)
Reference: URL:http://www.iss.net/security_center/static/8416.php
Reference: VULNWATCH:20020304 [VULNWATCH] BSD: IPv4 forwarding doesn't consult inbound SPD in KAME-derived IPsec
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, do not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: In the changelog item dated "Mon Feb 25 2:00:06 2002", the vendor says "enforce ipsec policy checking on forwarding case" and credits the Bugtraq poster.

INFERRED ACTION: CAN-2002-0414 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0423
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0423
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020306 efingerd remote buffer overflow and a dangerous feature
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0050.html
Reference: CONFIRM:http://melkor.dnp.fmph.uniba.sk/~garabik/efingerd/efingerd_1.5.tar.gz
Reference: BID:4239
Reference: URL:http://www.securityfocus.com/bid/4239
Reference: XF:efingerd-reverse-lookup-bo(8380)
Reference: URL:http://www.iss.net/security_center/static/8380.php

Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup.

Analysis
--------
Vendor Acknowledgement: yes patch

ACKNOWLEDGEMENT: In an examination of the source code of 1.6.2, in a child.c file dated a few weeks after the initial disclosure, the only change is null termination of the copied string. But the source code shows a strncpy call, not the strcpy claimed by the discloser. Reviewing the source code of older versions, it seems that the first attempt to fix the overflow was in version 1.5, where strcpy was replaced with strncpy. However, since the string was not null terminated until 1.6.2, the discloser may have believed that the overflow was still present, because they could at least still trigger a crash. It is unclear whether the unterminated string in versions 1.5 through 1.6.2 is exploitable.

INFERRED ACTION: CAN-2002-0423 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0424
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0424
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020306 efingerd remote buffer overflow and a dangerous feature
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0050.html
Reference: CONFIRM:http://melkor.dnp.fmph.uniba.sk/~garabik/efingerd/efingerd_1.6.2.tar.gz
Reference: BID:4240
Reference: URL:http://www.securityfocus.com/bid/4240
Reference: XF:efingerd-file-execution(8381)
Reference: URL:http://www.iss.net/security_center/static/8381.php

efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: The vendor acknowledges but does not fix the problem in 1.6.2. The README file for efingerd 1.6.2 includes a new "Security considerations" section which states: "Unless run with the -u option, efingerd executes ... [.efingerd files] under the same UID as the efingerd daemon ... This means that users can gain this UID very easily." For the purposes of CVE, vendor acknowledgement is all that is necessary.
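INFERRED ACTION: CAN-2002-0424 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0425
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0425
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020306 mIRC DCC Server Security Flaw
Reference: URL:http://online.securityfocus.com/archive/1/260244
Reference: XF:mirc-dcc-reveal-info(8393)
Reference: URL:http://www.iss.net/security_center/static/8393.php
Reference: BID:4247
Reference: URL:http://www.securityfocus.com/bid/4247

mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in a response message.

Analysis
--------
Vendor Acknowledgement:

INFERRED ACTION: CAN-2002-0425 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0429
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0429
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020308 linux <=2.4.18 x86 traps.c problem
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101561298818888&w=2
Reference: CONFIRM:http://www.openwall.com/linux/
Reference: REDHAT:RHSA-2002:158
Reference: URL:http://www.redhat.com/support/errata/RHSA-2002-158.html
Reference: BID:4259
Reference: URL:http://online.securityfocus.com/bid/4259
Reference: XF:linux-ibcs-lcall-process(8420)
Reference: URL:http://www.iss.net/security_center/static/8420.php

The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).

Modifications:
   ADDREF REDHAT:RHSA-2002:158
   ADDREF XF:linux-ibcs-lcall-process(8420)

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the Openwall home page has an item dated March 3, 2002, which states that "Linux 2.2.20-ow2 fixes an x86-specific vulnerability in the Linux kernel discovered by Stephan Springl where local users could abuse a binary compatibility interface (lcall) to kill processes not belonging to them."

INFERRED ACTION: CAN-2002-0429 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Alderson
   MODIFY(1) Frech
   NOOP(2) Wall, Foat

Voter Comments:
 Frech> XF:linux-ibcs-lcall-process(8420)
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]
 Cox> ADDREF: RHSA-2002:158

======================================================
Candidate: CAN-2002-0431
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0431
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020309 xtux server DoS.
Reference: URL:http://online.securityfocus.com/archive/1/260912
Reference: MISC:https://sourceforge.net/tracker/index.php?func=detail&aid=529046&group_id=206&atid=100206
Reference: BID:4260
Reference: URL:http://www.securityfocus.com/bid/4260
Reference: XF:xtux-server-dos(8422)
Reference: URL:http://www.iss.net/security_center/static/8422.php

XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection.

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: as of this writing (20020514), a bug report was submitted on 20020319, but the vendor has not responded.

INFERRED ACTION: CAN-2002-0431 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cole, Alderson
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0435
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0435
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-02
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020310 GNU fileutils - recursive directory removal race condition
Reference: URL:http://www.securityfocus.com/archive/1/260936
Reference: CONFIRM:http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
Reference: CALDERA:CSSA-2002-018.1
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/CSSA-2002-018.1.txt
Reference: XF:gnu-fileutils-race-condition(8432)
Reference: URL:http://www.iss.net/security_center/static/8432.php
Reference: BID:4266
Reference: URL:http://www.securityfocus.com/bid/4266
Reference: MANDRAKE:MDKSA-2002:031
Reference: URL:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php

Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.

Modifications:
   ADDREF MANDRAKE:MDKSA-2002:032
   CHANGEREF CONFIRM [change URL]
   CHANGEREF MANDRAKE [typo]

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0435 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Green, Baker, Cox, Foat, Cole
   NOOP(2) Christey, Wall

Voter Comments:
 Christey> MANDRAKE:MDKSA-2002:032
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]
 Cox> CONFIRM:http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002440.html is a dead link, I tracked the message to a new live link at http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html
 Christey> The Mandrake reference should be MANDRAKE:MDKSA-2002:031 (032 is tcpdump)

======================================================
Candidate: CAN-2002-0437
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0437
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020311 SMStools vulnerabilities in release 1.4.8
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0103.html
Reference: CONFIRM:http://www.isis.de/members/~s.frings/smstools/history.html
Reference: BID:4268
Reference: URL:http://www.securityfocus.com/bid/4268
Reference: XF:sms-tools-format-string(8433)
Reference: URL:http://www.iss.net/security_center/static/8433.php

smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources.

Analysis
--------
Vendor Acknowledgement: yes

ACCURACY: the original reference (possibly by a non-English speaker) says that the problem is due to a "string format vulnerability," which sounds like a format string vulnerability; but the impact is described as "arbitrary command injection," and the vendor's changelog says "disabled execution of programs by using backquotes in the message text," which makes it sound like a shell metacharacter problem. In addition, source code review of 1.4.9 indicates that the problem is shell metacharacters. getSMSdata() in smsd.c removes quotes from a text field, which is then provided to sendsms(), which is then fed into my_system(), which then calls system(). A followup email to the reference confirms that the reference is dealing with a metacharacter problem.

ACKNOWLEDGEMENT: on a "thanks" page, the vendor credits the researcher, and in the changelog, the description of the security problem matches the dates and affected versions from the initial disclosure.

INFERRED ACTION: CAN-2002-0437 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0441
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0441
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020311 Directory traversal vulnerability in phpimglist
Reference: URL:http://www.securityfocus.com/archive/1/261221
Reference: CONFIRM:http://www.liquidpulse.net/get.lp?id=17
Reference: XF:phpimglist-dot-directory-traversal(8441)
Reference: URL:http://www.iss.net/security_center/static/8441.php
Reference: BID:4276
Reference: URL:http://www.securityfocus.com/bid/4276

Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the changelog for version 1.2.2 identifies a bug fix that "stops people from browsing outside of your specified directory."

INFERRED ACTION: CAN-2002-0441 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0442
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0442
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category:
Reference: CALDERA:CSSA-2002-SCO.8
Reference: URL:ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt
Reference: XF:openserver-dlvraudit-bo(8442)
Reference: URL:http://www.iss.net/security_center/static/8442.php
Reference: BID:4273
Reference: URL:http://www.securityfocus.com/bid/4273

Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0442 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0451
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0451
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020313 Command execution in phprojekt.
Reference: URL:http://www.securityfocus.com/archive/1/261676
Reference: CONFIRM:http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=19&mode=&order=
Reference: BID:4284
Reference: URL:http://www.securityfocus.com/bid/4284
Reference: XF:phpprojekt-filemanager-include-files(8448)
Reference: URL:http://www.iss.net/security_center/static/8448.php

filemanager_forms.php in PHProjekt 3.1 and 3.1 allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0451 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0454
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0454
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020315 Bug in QPopper (All Versions?)
Reference: URL:http://www.securityfocus.com/archive/1/262213
Reference: CONFIRM:ftp://ftp.qualcomm.com/eudora/servers/unix/popper/qpopper4.0.4.tar.gz
Reference: XF:qpopper-qpopper-dos(8458)
Reference: URL:http://www.iss.net/security_center/static/8458.php
Reference: BID:4295
Reference: URL:http://www.securityfocus.com/bid/4295
Reference: CALDERA:CSSA-2002-SCO.20
Reference: URL:ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.20

Qpopper (aka qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop.

Modifications:
   ADDREF CALDERA:CSSA-2002-SCO.20

Analysis
--------
Vendor Acknowledgement: yes patch

ACKNOWLEDGEMENT: the changelog for version 4.0.4 says "Fixed DOS attack seen on some systems," but the description by itself is too vague to be certain that the vendor has fixed *this* problem. However, a diff of popper/popper.c between versions 4.0.4 and 4.0.3 reveals a new comment: "getline() now clears out storage buffer when giving up after discarding bytes. Fixes looping DOS attack seen on some systems." That would be consistent with the behavior that was originally reported.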
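INFERRED ACTION: CAN-2002-0454 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Green, Baker, Wall, Cole
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-SCO.20

======================================================
Candidate: CAN-2002-0462
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0462
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020318 [ARL02-A11] Big Sam (Built-In Guestbook Stand-Alone Module) Multiple Vulnerabilities
Reference: URL:http://www.securityfocus.com/archive/1/262735
Reference: CONFIRM:http://www.gezzed.net/bigsam/bigsam.1_1_12.php.txt
Reference: XF:bigsam-displaybegin-dos(8478)
Reference: URL:http://www.iss.net/security_center/static/8478.php
Reference: XF:bigsam-safemode-path-disclosure(8479)
Reference: URL:http://www.iss.net/security_center/static/8479.php
Reference: BID:4312
Reference: URL:http://www.securityfocus.com/bid/4312

bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Module) 1.1.08 and earlier allows remote attackers to cause a denial of service (CPU consumption) or obtain the absolute path of the web server via a displayBegin parameter with a very large number, which leaks the web path in an error message when PHP safe_mode is enabled, or consumes resources when safe_mode is not enabled.

Modifications:
   DESC rephrase to clarify

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: in the source code of the program, the vendor has a comment, "check that $displayBegin is not too big," and credits the discloser.

INFERRED ACTION: CAN-2002-0462 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Green, Baker, Foat, Cole
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0463
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0463
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020319 Re: [ARL02-A07] ARSC Really Simple Chat System Information Path Disclosure Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/262802
Reference: BUGTRAQ:20020316 [ARL02-A07] ARSC Really Simple Chat System Information Path Disclosure Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/262652
Reference: BID:4307
Reference: URL:http://www.securityfocus.com/bid/4307
Reference: XF:arsc-language-path-disclosure(8472)
Reference: URL:http://www.iss.net/security_center/static/8472.php

home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0463 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0464
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0464
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020318 Hosting Directory Traversal madness...
Reference: URL:http://www.securityfocus.com/archive/1/262734
Reference: CONFIRM:http://www.hostingcontroller.com/english/patches/ForAll/download/dot-slash.zip
Reference: BID:4311
Reference: URL:http://www.securityfocus.com/bid/4311

Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the readme.txt file in a patch labeled "Infamous Dot Slash Bug Fixed," dated March 22, 2002, states: "The Folder Manager was susceptible to the infamous ../ bug, where if an alternate path was used in the querystring variable, the altered path could be deleted or renamed."

ABSTRACTION: Although another directory traversal vulnerability was discovered shortly before this one (January 2002), CD:SF-LOC suggests keeping separate CVE items for them because separate patches were produced.

INFERRED ACTION: CAN-2002-0464 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0473
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0473
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: VULN-DEV:20020318 phpBB2 remote execution command
Reference: URL:http://online.securityfocus.com/archive/82/262600
Reference: BUGTRAQ:20020318 Re: phpBB2 remote execution command (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0221.html
Reference: BUGTRAQ:20020318 phpBB2 remote execution command
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0229.html
Reference: CONFIRM:http://prdownloads.sourceforge.net/phpbb/phpBB-2.0.1.zip
Reference: MISC:http://phpbb.sourceforge.net/phpBB2/viewtopic.php?t=9483
Reference: BID:4380
Reference: URL:http://www.securityfocus.com/bid/4380
Reference: XF:phpbb-db-command-execution(8476)
Reference: URL:http://www.iss.net/security_center/static/8476.php

db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: a post to Bugtraq points to a URL that may have contained an acknowledgement, but it no longer exists. A post by the developer to a web forum, dated March 23, 2002 and titled "Security vulnerability in phpBB 2.0," implies that any "CVS version dated before March 19, 2002" is vulnerable. A comment in the changelog in docs/README.html says that version RC4 "fixed severe security problems with included files," which would be consistent with the slightly vague Bugtraq post that says "some backdoor server [is] needed to launch the attack," which implies a PHP file inclusion problem or something roughly equivalent. A "diff" of 2.0.1 against 2.0.0 RC3 shows that the only change to db.php is a check for the IN_PHPBB variable, which (a) does not exist in RC3, (b) is defined in all the top-level PHP programs of 2.0.1, and (c) dies with the words "Hacking attempt" if IN_PHPBB is not defined.

INFERRED ACTION: CAN-2002-0473 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Green, Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0484
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0484
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020321 Re: move_uploaded_file breaks safe_mode restrictions in PHP
Reference: URL:http://online.securityfocus.com/archive/1/263259
Reference: BUGTRAQ:20020317 move_uploaded_file breaks safe_mode restrictions in PHP
Reference: URL:http://online.securityfocus.com/archive/1/262999
Reference: BUGTRAQ:20020322 Re: move_uploaded_file breaks safe_mode restrictions in PHP
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101683938806677&w=2
Reference: CONFIRM:http://bugs.php.net/bug.php?id=16128
Reference: XF:php-moveuploadedfile-create-files(8591)
Reference: URL:http://www.iss.net/security_center/static/8591.php
Reference: BID:4325
Reference: URL:http://www.securityfocus.com/bid/4325

The move_uploaded_file function in PHP does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0484 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Green, Baker, Cox, Cole
   NOOP(2) Wall, Foat

Voter Comments:
 CHANGE> [Cox changed vote from REVIEWING to ACCEPT]

======================================================
Candidate: CAN-2002-0488
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0488
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020321 PHP script: Penguin Traceroute, Remote Command Execution
Reference: URL:http://www.securityfocus.com/archive/1/263285
Reference: CONFIRM:http://www.linux-directory.com/scripts/traceroute.pl
Reference: XF:penguin-traceroute-command-execution(8600)
Reference: URL:http://www.iss.net/security_center/static/8600.php
Reference: BID:4332
Reference: URL:http://www.securityfocus.com/bid/4332

Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter.

Analysis
--------
Vendor Acknowledgement: yes patch

ACKNOWLEDGEMENT: in the source code, the vendor cleanses the host parameter and adds a comment about the line, dated 20020321.

INFERRED ACTION: CAN-2002-0488 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Green, Baker, Wall, Foat, Cole
   NOOP(1) Cox

======================================================
Candidate: CAN-2002-0490
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0490
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020323 Instant Web Mail additional POP3 commands and mail headers
Reference: URL:http://www.securityfocus.com/archive/1/264041
Reference: CONFIRM:http://instantwebmail.sourceforge.net/#changeLog
Reference: XF:instant-webmail-pop-commands(8650)
Reference: URL:http://www.iss.net/security_center/static/8650.php
Reference: BID:4361
Reference: URL:http://www.securityfocus.com/bid/4361

Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the changelog for version 0.60, dated March 17, 2002, says "For security reasons it is not possible anymore to write additional headers besides the normal ones when composing a message."

INFERRED ACTION: CAN-2002-0490 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0493
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0493
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020325 re: Tomcat Security Exposure
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101709002410365&w=2
Reference: MISC:http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail@icarus.apache.org%3E
Reference: XF:tomcat-xml-bypass-restrictions(9863)
Reference: URL:http://www.iss.net/security_center/static/9863.php

Apache Tomcat may be started without proper security settings if errors are encountered while reading the .xml file, which could allow attackers to bypass restrictions.

Modifications:
   ADDREF XF:tomcat-xml-bypass-restrictions(9863)

Analysis
--------
Vendor Acknowledgement:

INFERRED ACTION: CAN-2002-0493 ACCEPT (4 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 CHANGE> [Frech changed vote from REVIEWING to MODIFY]
 Frech> XF:tomcat-xml-bypass-restrictions(9863)

======================================================
Candidate: CAN-2002-0494
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0494
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020325 WebSight Directory System: cross-site scripting vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/263914
Reference: CONFIRM:http://sourceforge.net/forum/forum.php?forum_id=163389
Reference: BID:4357
Reference: URL:http://www.securityfocus.com/bid/4357
Reference: XF:websight-directory-system-css(8624)
Reference: URL:http://www.iss.net/security_center/static/8624.php

Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website's name.

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: the vendor's news release titled "Important Security Fix!" and dated 20020325 says, "the problem was that in the admin area, there was no prevention of javascript etc. from being executed," and credits the poster.

INFERRED ACTION: CAN-2002-0494 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0495
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0495
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020325 CGIscript.net - csSearch.cgi - Remote Code Execution (17000 sites vulnerable)
Reference: URL:http://www.securityfocus.com/archive/1/264169
Reference: MISC:http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=7
Reference: BID:4368
Reference: URL:http://www.securityfocus.com/bid/4368
Reference: XF:cssearch-url-execute-commands(8636)
Reference: URL:http://www.iss.net/security_center/static/8636.php

csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.

Analysis
--------
Vendor Acknowledgement: unknown vague

ACKNOWLEDGEMENT: on the csSearch Pro web page, the vendor states "Security Alert: We have recently discovered a vulnerability in csSearch versions 2.3 and below. Please download and install csSearch 2.5 to correct this problem." This is not enough detail to be certain that the vendor is addressing this particular vulnerability.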
INFERRED ACTION: CAN-2002-0495 ACCEPT (4 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Foat, Cole
   NOOP(3) Cox, Wall, Armstrong

Voter Comments:
 Frech> http://online.securityfocus.com/archive/1/266432

======================================================
Candidate: CAN-2002-0497
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0497
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020306 mtr 0.45, 0.46
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.html
Reference: DEBIAN:DSA-124
Reference: URL:http://www.debian.org/security/2002/dsa-124
Reference: BID:4217
Reference: URL:http://www.securityfocus.com/bid/4217
Reference: XF:mtr-options-bo(8367)
Reference: URL:http://www.iss.net/security_center/static/8367.php

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0497 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cox, Cole
   NOOP(2) Wall, Foat

======================================================
Candidate: CAN-2002-0501
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0501
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020327 Format String Bug in Posadis DNS Server
Reference: URL:http://online.securityfocus.com/archive/1/264450
Reference: CONFIRM:http://sourceforge.net/forum/forum.php?forum_id=165094
Reference: XF:posadis-logging-format-string(8653)
Reference: URL:http://www.iss.net/security_center/static/8653.php
Reference: BID:4378
Reference: URL:http://www.securityfocus.com/bid/4378

Format string vulnerability in the log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages.

Modifications:
   DESC fix error

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the vendor states that it fixed a vulnerability "reported to Bugtraq on March 27, 2002."

INFERRED ACTION: CAN-2002-0501 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Frech, Foat, Cole, Armstrong
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0505
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0505
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CISCO:20020327 LDAP Connection Leak in CTI when User Authentication Fails
Reference: URL:http://www.cisco.com/warp/public/707/callmanager-ctifw-leak-pub.shtml
Reference: XF:cisco-cti-memory-leak(8655)
Reference: URL:http://www.iss.net/security_center/static/8655.php
Reference: BID:4370
Reference: URL:http://www.securityfocus.com/bid/4370

Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0505 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0506
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0506
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020328 A possible buffer overflow in libnewt
Reference: URL:http://online.securityfocus.com/archive/1/264699
Reference: XF:libnewt-bo(8700)
Reference: URL:http://www.iss.net/security_center/static/8700.php
Reference: BID:4393
Reference: URL:http://www.securityfocus.com/bid/4393

Buffer overflow in newt.c of the newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.

Modifications:
   DESC emphasize setuid programs only

Analysis
--------
Vendor Acknowledgement: yes cve-vote

INFERRED ACTION: CAN-2002-0506 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Frech, Cox, Cole
   NOOP(3) Wall, Foat, Armstrong

Voter Comments:
 Cox> (although this is only an issue if you have setuid programs that use libnewt)

======================================================
Candidate: CAN-2002-0511
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0511
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CALDERA:CSSA-2002-013.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2002-013.0.txt
Reference: XF:nscd-dns-ptr-validation(8745)
Reference: URL:http://www.iss.net/security_center/static/8745.php
Reference: BID:4399
Reference: URL:http://www.securityfocus.com/bid/4399

The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0511 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Frech, Foat, Cole, Armstrong
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0512
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0512
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CALDERA:CSSA-2002-005.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt
Reference: BID:4400
Reference: URL:http://www.securityfocus.com/bid/4400
Reference: XF:kde-startkde-search-directory(8737)
Reference: URL:http://www.iss.net/security_center/static/8737.php

startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.

Modifications:
   ADDREF XF:kde-startkde-search-directory(8737)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0512 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Frech> XF:kde-startkde-search-directory(8737)
 Christey> There is a long history of overflows via a long -xrm argument. Need to make sure there is no overlap with other separate vulnerability reports.

======================================================
Candidate: CAN-2002-0513
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0513
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020330 popper_mod 1.2.1 and previous accounts compromise
Reference: URL:http://online.securityfocus.com/archive/1/265438
Reference: CONFIRM:http://www.symatec-computer.com/forums/viewtopic.php?t=14
Reference: XF:symatec-popper-admin-access(8746)
Reference: URL:http://www.iss.net/security_center/static/8746.php
Reference: BID:4412
Reference: URL:http://www.securityfocus.com/bid/4412

The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.

Analysis
--------
Vendor Acknowledgement: yes

INCLUSION: whether the reliance on .htaccess is a design problem or a configuration problem, this issue involves a vulnerability that should be included under CVE's definition.

INFERRED ACTION: CAN-2002-0513 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0516
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0516
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020327 squirrelmail 1.2.5 email user can execute command
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0350.html
Reference: BUGTRAQ:20020331 Re: squirrelmail 1.2.5 email user can execute command
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-03/0386.html
Reference: BID:4385
Reference: URL:http://www.securityfocus.com/bid/4385
Reference: XF:squirrelmail-theme-command-execution(8671)
Reference: URL:http://www.iss.net/security_center/static/8671.php

SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0516 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0531
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0531
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020403 emumail.cgi
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0066.html
Reference: CONFIRM:http://www.emumail.com/downloads/download_unix.html/
Reference: XF:emumail-cgi-view-files(8766)
Reference: URL:http://www.iss.net/security_center/static/8766.php
Reference: BID:4435
Reference: URL:http://www.securityfocus.com/bid/4435

Directory traversal vulnerability in emumail.cgi for EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the download page for Webmail includes a statement dated April 11, 2002, which says "This patch corrects a security flaw in EMU Webmail which may allow remote users to exploit emumail.cgi under certain conditions to read files on the remote system."
INFERRED ACTION: CAN-2002-0531 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0532
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0532
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020410 Re: emumail.cgi, a local vulnerability (not verified)
Reference: URL:http://online.securityfocus.com/archive/1/266930
Reference: XF:emumail-http-host-execute(8836)
Reference: URL:http://www.iss.net/security_center/static/8836.php
Reference: BID:4488
Reference: URL:http://www.securityfocus.com/bid/4488

EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters.

Analysis
--------
Vendor Acknowledgement: yes via-email

ACKNOWLEDGEMENT: an inquiry was sent to http://www.emumail.com/support/tech_inquiry.html on June 3, 2002. Within 24 hours, techprod@emumail.com confirmed the vulnerability: "Yes, this is fixed ... there is an update patch for 4.5 and 5.1 on our website. Known versions 4.5 and 5.x are affected. 4.0 and earlier versions may be affected"

INFERRED ACTION: CAN-2002-0532 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0536
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0536
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020403 SQL injection in PHPGroupware
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0036.html
Reference: BUGTRAQ:20020411 Re: SQL injection in PHPGroupware
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0143.html
Reference: XF:phpgroupware-sql-injection(8755)
Reference: URL:http://www.iss.net/security_center/static/8755.php
Reference: BID:4424
Reference: URL:http://www.securityfocus.com/bid/4424

PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.

Analysis
--------
Vendor Acknowledgement: yes followup

INCLUSION: the vendor's followup indicates that the problem is due to a non-default configuration of magic_quotes_gpc in phpGroupWare's configuration file. While this could be attributed to an apparent limitation of PHP itself (since quoting apparently cannot be cleanly enabled from within the PHP program itself?), the vendor did not fix the problem, so this issue should be included in CVE.

INFERRED ACTION: CAN-2002-0536 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(4) Cox, Wall, Foat, Armstrong

======================================================
Candidate: CAN-2002-0538
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0538
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020415 Raptor Firewall FTP Bounce vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html
Reference: BUGTRAQ:20020417 Re: Raptor Firewall FTP Bounce vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html
Reference: CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html
Reference: XF:raptor-firewall-ftp-bounce(8847)
Reference: URL:http://www.iss.net/security_center/static/8847.php
Reference: BID:4522
Reference: URL:http://www.securityfocus.com/bid/4522

FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0538 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0539
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0539
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020415 Demarc PureSecure 1.05 may be other (user can bypass login)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
Reference: BUGTRAQ:20020417 Demarc Security Update Advisory
Reference: URL:http://online.securityfocus.com/archive/1/267941
Reference: XF:puresecure-sql-injection(8854)
Reference: URL:http://www.iss.net/security_center/static/8854.php
Reference: BID:4520
Reference: URL:http://www.securityfocus.com/bid/4520

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0539 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0542
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0542
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020411 local root compromise in openbsd 3.0 and below
Reference: URL:http://online.securityfocus.com/archive/1/267089
Reference: BUGTRAQ:20020411 OpenBSD Local Root Compromise
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101855467811695&w=2
Reference: CONFIRM:http://www.openbsd.org/errata30.html#mail
Reference: XF:openbsd-mail-root-privileges(8818)
Reference: URL:http://www.iss.net/security_center/static/8818.php
Reference: BID:4495
Reference: URL:http://www.securityfocus.com/bid/4495

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0542 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0543
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0543
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020409 Abyss Webserver 1.0 Administration password file retrieval exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0110.html
Reference: CONFIRM:http://www.aprelium.com/forum/viewtopic.php?t=24
Reference: BID:4466
Reference: URL:http://www.securityfocus.com/bid/4466
Reference: XF:abyss-unicode-directory-traversal(8805)
Reference: URL:http://www.iss.net/security_center/static/8805.php

Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: a post to the vendor forum titled "Patch release 1.0.0.2" and dated 20020408 states that one of the fixes in the patch is for "dotted URLs pointing to an aliased directory that could let people read the abyss.conf file".

INFERRED ACTION: CAN-2002-0543 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0545
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0545
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: CISCO:20020409 Aironet Telnet Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml
Reference: BID:4461
Reference: URL:http://www.securityfocus.com/bid/4461
Reference: XF:cisco-aironet-telnet-dos(8788)
Reference: URL:http://www.iss.net/security_center/static/8788.php

Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0545 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0553
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0553
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020413 SunSop: cross-site scripting vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.html
Reference: XF:sunshop-new-cust-css(8840)
Reference: URL:http://www.iss.net/security_center/static/8840.php
Reference: BID:4506
Reference: URL:http://www.securityfocus.com/bid/4506

Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting script into fields during new customer registration.

Analysis
--------
Vendor Acknowledgement: yes via-email

ACKNOWLEDGEMENT: an email inquiry was sent to support@turnkeywebtools.com on June 3, 2002. A response was received within an hour, saying "A patch was released before the vulnerability was released. If you upgrade to 2.6, you will have no worries."

INFERRED ACTION: CAN-2002-0553 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Frech, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0567
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0567
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020206 Remote Compromise in Oracle 9i Database Server
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101301332402079&w=2
Reference: CERT-VN:VU#180147
Reference: URL:http://www.kb.cert.org/vuls/id/180147
Reference: CERT:CA-2002-08
Reference: URL:http://www.cert.org/advisories/CA-2002-08.html
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/plsextproc_alert.pdf
Reference: BID:4033
Reference: URL:http://www.securityfocus.com/bid/4033
Reference: XF:oracle-plsql-remote-access(8089)
Reference: URL:http://xforce.iss.net/static/8089.php

Oracle 8 and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0567 ACCEPT (5 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Frech, Wall, Cole, Alderson
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0569
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0569
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020607
Category: SF
Reference: BUGTRAQ:20020206 Hackproofing Oracle Application Server paper
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101301813117562&w=2
Reference: CERT-VN:VU#977251
Reference: URL:http://www.kb.cert.org/vuls/id/977251
Reference: CERT:CA-2002-08
Reference: URL:http://www.cert.org/advisories/CA-2002-08.html
Reference: MISC:http://www.nextgenss.com/papers/hpoas.pdf
Reference: BID:4298
Reference: URL:http://www.securityfocus.com/bid/4298
Reference: XF:oracle-appserver-config-file-access(8453)
Reference: URL:http://www.iss.net/security_center/static/8453.php

Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).

Modifications:
   ADDREF XF:oracle-appserver-config-file-access(8453)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0569 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Alderson
   MODIFY(1) Frech
   NOOP(2) Cox, Foat

Voter Comments:
 Frech> XF:oracle-appserver-config-file-access(8453)

======================================================
Candidate: CAN-2002-0571
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0571
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020611
Category: SF
Reference: BUGTRAQ:20020416 ansi outer join syntax in Oracle allows access to any data
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0175.html
Reference: CIAC:M-071
Reference: URL:http://www.ciac.org/ciac/bulletins/m-071.shtml
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/sql_joins_alert.pdf
Reference: XF:oracle-ansi-sql-bypass-acl(8855)
Reference: URL:http://www.iss.net/security_center/static/8855.php
Reference: BID:4523
Reference: URL:http://www.securityfocus.com/bid/4523

Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0571 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Wall, Cole
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0573
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0573
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020611
Assigned: 20020611
Category: SF
Reference: BUGTRAQ:20020430 Adivosry + Exploit for Remote Root Hole in Default Installation of Popular Commercial Operating System
Reference: URL:http://online.securityfocus.com/archive/1/270268
Reference: VULNWATCH:20020430 [VULNWATCH] Adivosry + Exploit for Remote Root Hole in Default Installation of Popular Commercial Operating System
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0049.html
Reference: CERT:CA-2002-10
Reference: URL:http://www.cert.org/advisories/CA-2002-10.html
Reference: CERT-VN:VU#638099
Reference: URL:http://www.kb.cert.org/vuls/id/638099
Reference: XF:solaris-rwall-format-string(8971)
Reference: URL:http://www.iss.net/security_center/static/8971.php
Reference: BID:4639
Reference: URL:http://www.securityfocus.com/bid/4639

Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0573 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Foat, Cole
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0574
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0574
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020611
Assigned: 20020611
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:21
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc
Reference: BID:4539
Reference: URL:http://www.securityfocus.com/bid/4539
Reference: XF:freebsd-icmp-echo-reply-dos(8893)
Reference: URL:http://www.iss.net/security_center/static/8893.php

Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.

Modifications:
   ADDREF XF:freebsd-icmp-echo-reply-dos(8893)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0574 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(3) Cox, Wall, Foat

Voter Comments:
 Frech> XF:freebsd-icmp-echo-reply-dos(8893)

======================================================
Candidate: CAN-2002-0575
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0575
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020611
Assigned: 20020611
Category: SF
Reference: BUGTRAQ:20020426 Revised OpenSSH Security Advisory (adv.token)
Reference: URL:http://online.securityfocus.com/archive/1/269701
Reference: BUGTRAQ:20020419 OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
Reference: URL:http://online.securityfocus.com/archive/1/268718
Reference: VULN-DEV:20020419 OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=101924296115863&w=2
Reference: BUGTRAQ:20020517 OpenSSH 3.2.2 released (fwd)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102167972421837&w=2
Reference: BUGTRAQ:20020429 TSLSA-2002-0047 - openssh
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0394.html
Reference: BUGTRAQ:20020420 OpenSSH Security Advisory (adv.token)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0298.html
Reference: CALDERA:CSSA-2002-022.2
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/CSSA-2002-022.2.txt
Reference: BID:4560
Reference: URL:http://www.securityfocus.com/bid/4560
Reference: XF:openssh-sshd-kerberos-bo(8896)
Reference: URL:http://www.iss.net/security_center/static/8896.php

Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.

Modifications:
   ADDREF BUGTRAQ:20020419 OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
   ADDREF VULN-DEV:20020419 OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
   ADDREF BUGTRAQ:20020517 OpenSSH 3.2.2 released (fwd)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0575 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Frech, Cox, Cole
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> BUGTRAQ:20020419 OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow
   URL:http://online.securityfocus.com/archive/1/268718
   VULN-DEV:20020419 OpenSSH 2.2.0 -
3.1.0服务器包含一个当地可利用的缓冲区溢出URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=101924296115863&w=2BUGTRAQ: 20020517 OpenSSH 3.2.2发布(fwd)网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102167972421837&w=2= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0576网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0576最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ:毕马威20020418 - 2002013:Coldfusion路径披露参考:网址:http://online.securityfocus.com/archive/1/268263参考:VULNWATCH: 20020418 [VULNWATCH]毕马威- 2002013:Coldfusion路径披露参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0028.html参考:确认:http://www.macromedia.com/v1/handlers/index.cfm?ID=22906参考:报价:4542参考:网址:http://www.securityfocus.com/bid/4542参考:XF: coldfusion-dos-device-path-disclosure(8866)参考:网址:http://www.iss.net/security_center/static/8866.phpColdFusion之前5.0和Windows系统允许远程攻击者决定的绝对路径名.cfm或.dbm文件通过一个HTTP请求包含一个ms - dos设备名称,如NUL泄漏路径名的一条错误消息。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0576能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,法国人?科尔等待(2)考克斯Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0594网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0594最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20020430 RE:读取本地文件在Netscape 6和Mozilla (GM # 001 - ns)参考:网址:http://online.securityfocus.com/archive/1/270249参考:CONECTIVA: CLA-2002:490参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490参考:报价:4640参考:网址:http://www.securityfocus.com/bid/4640参考:XF: mozilla-css-files-exist(8977)参考:网址:http://www.iss.net/security_center/static/8977.phpNetscape 6和Mozilla 1.0 RC1和允许远程攻击者决定早些时候的存在客户端系统上的文件通过一个LINK元素的层叠样式表(CSS)导致HTTP重定向页面。修改:ADDREF XF: mozilla-css-files-exist(8977)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0594能接受(4接受,1 ack, 0评论)目前投票:接受(3)贝克,考克斯科尔弗伦奇等待修改(1)(2)墙,Foat选民的评论:弗雷希> XF: mozilla-css-files-exist(8977)改变>(考克斯改变投票从审查接受)= = = = 
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0597网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0597最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020611分配:20020611类别:科幻参考:BUGTRAQ:毕马威20020417 - 2002011:Windows 2000 microsoft-ds拒绝服务引用:网址:http://online.securityfocus.com/archive/1/268066参考:VULNWATCH: 20020417 [VULNWATCH]毕马威- 2002011:Windows 2000 microsoft-ds拒绝服务引用:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0025.html参考:MSKB: Q320751参考:网址:http://support.microsoft.com/default.aspx?scid=kb; (LN); Q320751参考:XF: win2k-lanman-dos(8867)参考:网址:http://www.iss.net/security_center/static/8867.php参考:报价:4532参考:网址:http://www.securityfocus.com/bid/4532LANMAN服务Microsoft Windows 2000允许远程攻击者造成拒绝服务(CPU /内存耗尽)通过一连串的畸形数据microsoft-ds端口445。修改:ADDREF MSKB: Q320751分析- - - - - - - - - -供应商确认:是的补丁确认:大量的数据资料表明,KB文章Q320751解决了这个问题,特别是Q320751学分毕马威发现。推断行动:- 2002 - 0597能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,抑郁症,Foat,科尔等待(2)考克斯墙= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0598网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0598最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ:毕马威20020419 - 2002014:Foundstone Fscan格式字符串错误引用:网址:http://online.securityfocus.com/archive/1/268581参考:VULNWATCH: 20020419 [VULNWATCH]毕马威- 2002014:Foundstone Fscan格式字符串错误引用:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0030.html参考:确认:http://www.foundstone.com/knowledge/fscan112_advisory.html参考:XF: fscan-banner-format-string(8895)参考:网址:http://www.iss.net/security_center/static/8895.php参考:报价:4549参考:网址:http://www.securityfocus.com/bid/4549格式字符串漏洞在Foundstone FScan 1.12启用了横幅抓住允许远程攻击者通过格式字符串扫描系统上执行任意代码说明符在服务器横幅。分析- - - - - - - - - -供应商确认:是的咨询确认:在一个顾问4月24日,2002年,Foundstone州”用FScan横幅通过- b命令行开关选择可能会导致一个问题,如果旗帜从远程主机接收包含c风格的printf格式说明符如百分比符号匹配字符串或数字格式说明符。”INFERRED ACTION: CAN-2002-0598 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) 
Baker, Frech, Foat, Cole NOOP(2) Cox, Wall ====================================================== Candidate: CAN-2002-0599 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0599最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20020428 Blahz-DNS:认证绕过漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-04/0395.html参考:确认:http://sourceforge.net/project/shownotes.php?release_id=87004参考:报价:4618参考:网址:http://www.securityfocus.com/bid/4618参考:XF: blahzdns-auth-bypass(8951)参考:网址:http://www.iss.net/security_center/static/8951.phpBlahz-DNS 0.2和更早的允许远程攻击者绕过身份验证和修改配置通过直接请求dostuff等CGI程序。php而不是通过登录屏幕。分析- - - - - - - - - -供应商确认:是的更新日志确认:0.25补丁说“固定的能力直接绕过登录安全性通过发送命令后端php文件。”INFERRED ACTION: CAN-2002-0599 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Baker, Frech, Foat, Cole NOOP(2) Cox, Wall ====================================================== Candidate: CAN-2002-0601 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0601最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020611分配:20020611类别:科幻参考:国际空间站:20020430远程拒绝服务漏洞RealSecure网络传感器参考:网址:http://www.iss.net/security_center/alerts/advise116.php参考:BUGTRAQ: 20020430国际空间站咨询:远程拒绝服务漏洞在RealSecure网络传感器参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-04/0420.html参考:XF: rs-ns-dhcp-dos(8961)参考:网址:http://www.iss.net/security_center/static/8961.php参考:报价:4649参考:网址:http://www.securityfocus.com/bid/4649ISS RealSecure网络传感器5。通过6.5 x允许远程攻击者造成拒绝服务(崩溃)通过DHCP畸形数据包导致RealSecure废弃一个空指针。修改:ADDREF XF: rs-ns-dhcp-dos(8961)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0601能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,墙,科尔弗伦奇等待修改(1)(2)考克斯Foat选民的评论:弗雷希> XF: rs-ns-dhcp-dos(8961) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0605网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0605最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20020503 Macromedia Flash 
Activex缓冲区溢位参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102039374017185&w=2参考:VULN-DEV: 20020503 Macromedia Flash Activex缓冲区溢位参考:网址:http://marc.theaimsgroup.com/?l=vuln-dev&m=102038919414726&w=2参考:VULNWATCH: 20020502 [VULNWATCH] Macromedia Flash Activex缓冲区溢位参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0051.html参考:NTBUGTRAQ: 20020503 Macromedia Flash Activex缓冲区溢位参考:确认:http://www.macromedia.com/support/flash/ts/documents/buf_ovflow_623.htm参考:XF: flash-activex-movie-bo(8993)参考:网址:http://www.iss.net/security_center/static/8993.php参考:报价:4664参考:网址:http://online.securityfocus.com/bid/4664缓冲区溢出在Flash OCX Macromedia Flash 6修订23(23岁的6 0 0)允许远程攻击者通过很长的电影参数执行任意代码。分析- - - - - - - - - -供应商确认:是的咨询确认:在网上咨询5月6日,2002年,Macromedia州“Macromedia核实参数中的一个漏洞处理Macromedia Flash Player ActiveX控制,版本6中,0,23日0”和包括一个参考大参考最初的咨询。推断行动:- 2002 - 0605能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,科尔,法国人?阿姆斯特朗等待(2)考克斯Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0613网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0613最终决定:阶段性裁决:20030326修改:建议:20020611分配:20020611类别:科幻参考:BUGTRAQ: 20020428 dnstools:认证绕过漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-04/0390.html参考:确认:http://www.dnstools.com/dnstools_2.0.1.tar.gz参考:报价:4617参考:网址:http://www.securityfocus.com/bid/4617参考:XF: dnstools-auth-bypass(8948)参考:网址:http://www.iss.net/security_center/static/8948.phpdnstools。php DNSTools 2.0 beta 4和允许远程攻击者绕过身份验证和早些时候获得特权通过设置user_logged_in或user_dnstools_administrator参数。分析- - - - - - - - - -供应商确认:是的更新日志确认:更新日志。txt Release 2.0 Beta 5包括一个条目日期为2002-04-27:“固定URL欺骗的重大安全漏洞。不再信任变量is_logged_in或user_dnstools_administrator美元。”INFERRED ACTION: CAN-2002-0613 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Baker, Frech, Foat, Cole NOOP(2) Cox, Wall ====================================================== Candidate: CAN-2002-0616 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 
0616最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:女士:ms02 - 031参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 031. - asp参考:XF: excel-inline-macro-execution(9397)参考:网址:http://www.iss.net/security_center/static/9397.php参考:报价:5063参考:网址:http://www.securityfocus.com/bid/5063宏观安全模型在Microsoft Excel 2000和2002年为Windows允许远程攻击者执行代码通过附加一个内联宏一个对象在一个Excel工作簿,又称“Excel内联宏漏洞。”Modifications: ADDREF XF:excel-inline-macro-execution(9397) Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0616 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Baker, Wall, Foat, Cole NOOP(1) Cox ====================================================== Candidate: CAN-2002-0617 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0617最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020612类别:科幻参考:女士:ms02 - 031参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 031. - asp宏观安全模型在Microsoft Excel 2000和2002年为Windows允许远程攻击者执行代码通过创建一个超链接在源工作簿画形状,指向目标工作簿包含autoexecute宏,又名“超链的Excel工作簿宏观搭桥。”Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0617 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Baker, Wall, Foat, Cole NOOP(1) Cox ====================================================== Candidate: CAN-2002-0618 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0618最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:NTBUGTRAQ: 20020524 Excel XP xml样式表的问题参考:网址:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102256054320377&w=2参考:MISC:http://www.guninski.com/ex el2.html美元参考:女士:ms02 - 031参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 031. 
- asp参考:报价:4821参考:网址:http://online.securityfocus.com/bid/4821参考:XF: excel-xsl-script-execution(9399)参考:网址:http://www.iss.net/security_center/static/9399.php宏观安全模型在Microsoft Excel 2000和2002年为Windows允许远程攻击者执行代码在本地计算机区通过嵌入HTML脚本在一个Excel工作簿包含一个XSL样式表,又名“Excel脚本执行XSL样式表”。修改:ADDREF XF: excel-xsl-script-execution(9399)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0618能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,Foat,科尔等待考克斯(1)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0619网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0619最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:BUGTRAQ: 20020514 dH团队和安全。NNOV:“邮件合并”的变种脆弱性参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102139136019862&w=2参考:女士:ms02 - 031参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 031. - asp参考:XF: word-mail-merge-variant(9077)参考:网址:http://www.iss.net/security_center/static/9077.php参考:报价:5066参考:网址:http://www.securityfocus.com/bid/5066Microsoft Word 2002的邮件合并工具窗口,在Microsoft Access存在一个系统,允许远程攻击者执行Visual Basic (VBA)脚本在邮件合并文档保存在HTML格式,即一个“变体ms00 - 071,邮件合并脆弱性”(cve - 2000 - 0788)。修改:DESC改述ADDREF XF: word-mail-merge-variant (9077) ADDREF报价:5066分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0619能接受(4接受,1 ack, 0评论)目前投票:接受(3)贝克,墙,科尔修改(1)Foat等待(2)Christey,考克斯选民的评论:Foat >候选人在技术上是正确的,但不是语法正确的措辞。建议如下:攻击者的宏代码可以自动如果用户运行Microsoft Access出现在系统和自动选取打开一个邮件合并文档被保存在HTML格式,即一个“变体ms00 - 071,邮件合并Vulnerabilty”(cve - 2000 - 0788)。Christey > desc:缺少“* *访问时存在……”====================================================== Candidate: CAN-2002-0621 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0621最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:BUGTRAQ: 20020703远程利用缓冲区溢出在微软的商业服务器2000/2 (# NISRNISR03062002)参考:女士:ms02 - 033参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 033. 
- asp参考:XF: mscs-owc-installer-bo(9424)参考:网址:http://www.iss.net/security_center/static/9424.php参考:报价:5108参考:网址:http://www.securityfocus.com/bid/5108缓冲区溢出在办公室Web组件(油水界面)包安装程序所使用的微软商业Server 2000允许远程攻击者导致过程失败或运行任意代码LocalSystem安全上下文通过确定油水界面的输入包安装程序。修改:DESC修复拼写错误ADDREF XF: mscs-owc-installer-bo (9424) ADDREF报价:5108分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0621能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,Foat,科尔等待(2)Christey,考克斯选民的评论:Christey > XF: mscs-owc-installer-bo(9424)网址:http://www.iss.net/security_center/static/9424.php报价:5108网址:http://www.securityfocus.com/bid/5108Christey >“下结论”?“通过”?= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0622网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0622最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:BUGTRAQ: 20020703远程利用缓冲区溢出在微软的商业服务器2000/2 (# NISRNISR03062002)参考:女士:ms02 - 033参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 033. - asp参考:XF: mscs-owc-installer-permissions(9425)参考:网址:http://www.iss.net/security_center/static/9425.php参考:报价:5111参考:网址:http://www.securityfocus.com/bid/5111办公室Web组件(油水界面)包安装微软Commerce Server 2000允许远程攻击者通过执行命令的命令作为输入到油水界面包安装程序,又名“油水界面包命令执行”。修改:ADDREF XF: mscs-owc-installer-permissions (9425) ADDREF报价:5111分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0622能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,Foat,科尔等待(2)Christey,考克斯选民的评论:Christey > XF: mscs-owc-installer-permissions(9425)网址:http://www.iss.net/security_center/static/9425.php报价:5111网址:http://www.securityfocus.com/bid/5111= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0623网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0623最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020612类别:科幻参考:女士:ms02 - 033参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 033. 
- asp参考:报价:5112参考:网址:http://www.securityfocus.com/bid/5112参考:XF: mscs-authfilter-isapi-bo-variant(9426)参考:网址:http://www.iss.net/security_center/static/9426.php缓冲区溢出AuthFilter ISAPI过滤器在2000年和2002年微软商务服务器允许远程攻击者执行任意代码通过身份验证数据,又名“新变种的ISAPI过滤器缓冲区溢出”。修改:ADDREF报价:5112 ADDREF XF: mscs-authfilter-isapi-bo-variant(9426)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0623能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,Foat,科尔等待(2)Christey,考克斯选民的评论:Christey >报价:5112网址:http://www.securityfocus.com/bid/5112XF: mscs-authfilter-isapi-bo-variant(9426)网址:http://www.iss.net/security_center/static/9426.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0631网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0631最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020621类别:科幻参考:SGI: 20020607 - 02 -我参考:网址:ftp://patches.sgi.com/support/free/security/advisories/20020607-02-I参考:报价:5092参考:网址:http://www.securityfocus.com/bid/5092参考:XF: irix-nveventd-file-write(9418)参考:网址:http://www.iss.net/security_center/static/9418.php未知的漏洞在nveventd NetVisualyzer SGI IRIX 6.5通过6.5.16允许本地用户编写任意文件并获得根权限。修改:DESC修复错误ADDREF报价:5092 ADDREF XF: irix-nveventd-file-write(9418)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0631 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(2)贝克,科尔等待(4)Christey,考克斯墙,Foat选民的评论:Christey >修复错误:“根的根”出价:5092网址:http://www.securityfocus.com/bid/5092XF: irix-nveventd-file-write(9418)网址:http://www.iss.net/security_center/static/9418.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0638网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0638最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020830分配:20020627类别:科幻参考:VULNWATCH: 20020729 [VULNWATCH]剃刀咨询:Linux util-linux chfn本地根脆弱参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html参考:BUGTRAQ: 20020729剃须刀咨询:Linux util-linux 
chfn本地根脆弱参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102795787713996&w=2参考:CERT-VN: VU # 405955参考:网址:http://www.kb.cert.org/vuls/id/405955参考:REDHAT: RHSA-2002:132参考:网址:http://rhn.redhat.com/errata/rhsa - 2002 - 132. - html参考:REDHAT: RHSA-2002:137参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 137. - html参考:CONECTIVA: CLA-2002:523参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523参考:火山口:综援- 2002 - 043.0参考:网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 043.0.txt参考:曼德拉草:MDKSA-2002:047参考:网址:http://www.linux mandrake.com/en/security/2002/mdksa - 2002 - 047. - php参考:BUGTRAQ: 20020730 tslsa - 2002 - 0064 - util-linux参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html参考:惠普:hpsbtl0207 - 054参考:网址:http://online.securityfocus.com/advisories/4320参考:XF: utillinux-chfn-race-condition(9709)参考:网址:http://www.iss.net/security_center/static/9709.php参考:报价:5344参考:网址:http://www.securityfocus.com/bid/5344setpwnam。c util-linux包中,包括在Red Hat Linux 7.3,前,和其他操作系统,不适当的锁定一个临时文件,修改/ etc / passwd,这可能允许本地用户权限通过一个复杂的竞争条件,使用一个打开的文件描述符在chfn, chsh等实用程序。修改:ADDREF红帽:RHSA-2002:137 ADDREF CONECTIVA: CLA-2002:523 ADDREF火山口:综援043.0 - 2002 -分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0638能接受(5接受,4 ack, 0评论)目前投票:接受(4)贝克,墙,Foat,科尔修改(1)考克斯等待(1)Christey选民的评论:考克斯> ADDREF: RHSA-2002:137 Christey > CONECTIVA: CLA-2002:523 Christey >火山口:综援- 2002 - 043.0 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0639网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0639最终决定:阶段性裁决:20030326修改:20030321 - 02年提出:20020726分配:20020628类别:科幻参考:国际空间站:20020626 OpenSSH远程挑战弱点参考:BUGTRAQ: 20020626 OpenSSH安全顾问(adv.iss)参考:BUGTRAQ: 20020626修订OpenSSH安全顾问(adv.iss)参考:BUGTRAQ: 20020627如何繁殖OpenSSH溢出。参考:NETBSD: 2002 - 005参考:CERT-VN: VU # 369347参考:CERT: ca - 2002 - 18参考:惠普:hpsbux0206 - 195参考:火山口:综援- 2002 - 030.0参考:网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 030.0.txt参考:BUGTRAQ: 20020626 
[OpenPKG - sa - 2002.005] OpenPKG安全顾问(openssh)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0335.html参考:CONECTIVA: CLA-2002:502参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502参考:ENGARDE: esa - 20020702 - 016参考:网址:http://www.linuxsecurity.com/advisories/other_advisory - 2177. - html参考:曼德拉草:MDKSA-2002:040参考:网址:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:040参考报价:5093参考:XF: openssh-challenge-response-bo(9169)参考:网址:http://www.iss.net/security_center/static/9169.php整数溢出在OpenSSH sshd 2.9.9通过3.3允许远程攻击者执行任意代码在挑战响应身份验证(ChallengeResponseAuthentication)当OpenSSH使用SKEY或BSD_AUTH身份验证。修改:ADDREF火山口:综援- 2002 - 030.0 ADDREF BUGTRAQ: 20020626 [OpenPKG - sa - 2002.005] OpenPKG安全顾问(openssh) ADDREF CONECTIVA: CLA-2002:502 ADDREF ENGARDE: esa - 20020702 - 016 ADDREF曼德拉草:MDKSA-2002:040 ADDREF XF: openssh-challenge-response-bo(9169)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0639能接受(4接受,6 ack, 0评论)目前投票:接受(4)贝克,考克斯Foat,科尔等待(2)Christey,墙选民的评论:Christey >火山口:综援- 2002 - 030.0网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 030.0.txtBUGTRAQ: 20020626 [OpenPKG - sa - 2002.005] OpenPKG安全顾问(openssh)网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0335.htmlCONECTIVA: CLA-2002:502网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502ENGARDE: esa - 20020702 - 016网址:http://www.linuxsecurity.com/advisories/other_advisory - 2177. 
- htmlChristey >曼德拉草:MDKSA-2002:040 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0640网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0640最终决定:阶段性裁决:20030326修改:20030321 - 02年提出:20020726分配:20020628类别:科幻参考:BUGTRAQ: 20020626修订OpenSSH安全顾问(adv.iss)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102514631524575&w=2参考:BUGTRAQ: 20020626 OpenSSH安全顾问(adv.iss)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102514371522793&w=2参考:BUGTRAQ: 20020627如何繁殖OpenSSH溢出。参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102521542826833&w=2参考:BUGTRAQ: 20020628太阳声明OpenSSH远程挑战弱点参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102532054613894&w=2参考:CERT-VN: VU # 369347参考:网址:http://www.kb.cert.org/vuls/id/369347参考:CERT: ca - 2002 - 18参考:网址:http://www.cert.org/advisories/ca - 2002 - 18. - html参考:DEBIAN: dsa - 134参考:网址:http://www.debian.org/security/2002/dsa - 134参考:惠普:hpsbux0206 - 195参考:报价:5093参考:网址:http://www.securityfocus.com/bid/5093参考:REDHAT: RHSA-2002:131参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 131. - html参考:火山口:综援- 2002 - 030.0参考:网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 030.0.txt参考:CONECTIVA: CLA-2002:502参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502参考:ENGARDE: esa - 20020702 - 016参考:网址:http://www.linuxsecurity.com/advisories/other_advisory - 2177. - html参考:曼德拉草:MDKSA-2002:040参考:网址:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:040参考:SUSE: SuSE-SA: 2002:024参考:网址:http://www.suse.de/de/security/2002_024_openssh_txt.html参考:REDHAT: RHSA-2002:127参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 127. 
- html缓冲区溢出的sshd OpenSSH 2.3.1通过3.3可能允许远程攻击者执行任意代码通过大量的反应在挑战响应身份验证当OpenBSD使用PAM模块与交互式键盘认证(PAMAuthenticationViaKbdInt)。修改:ADDREF红帽:RHSA-2002:131 ADDREF火山口:综援- 2002 - 030.0 ADDREF CONECTIVA: CLA-2002:502 ADDREF ENGARDE: esa - 20020702 - 016 ADDREF SUSE: SuSE-SA: 2002:024 ADDREF REDHAT: RHSA-2002:127 ADDREF曼德拉草:MDKSA-2002:040分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0640能接受(4接受,7 ack, 0评论)目前投票:接受(3)贝克,Foat,考克斯科尔修改(1)无操作(2)Christey,墙选民的评论:考克斯> ADDREF: RHSA-2002:131 Christey >火山口:综援- 2002 - 030.0网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 030.0.txtCONECTIVA: CLA-2002:502网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502ENGARDE: esa - 20020702 - 016网址:http://www.linuxsecurity.com/advisories/other_advisory - 2177. - htmlSUSE: SuSE-SA: 2002:024 URL:http://www.suse.de/de/security/2002_024_openssh_txt.html红帽:RHSA-2002:127网址:http://www.redhat.com/support/errata/rhsa - 2002 - 127. - htmlChristey >曼德拉草:MDKSA-2002:040 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0642网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0642最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020628类别:CF参考:女士:ms02 - 034参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 034. - asp参考:CERT: ca - 2002 - 22参考:网址:http://www.cert.org/advisories/ca - 2002 - 22. 
- html参考:CERT-VN: VU # 796313参考:网址:http://www.kb.cert.org/vuls/id/796313参考:XF: mssql-registry-insecure-permissions(9523)参考:网址:http://www.iss.net/security_center/static/9523.php参考:报价:5205参考:网址:http://www.securityfocus.com/bid/5205包含SQL Server服务帐户信息的注册表键在Microsoft SQL Server 2000,包括Microsoft SQL Server桌面引擎(MSDE) 2000,有不安全的权限,它允许本地用户获得特权,又名“不正确的权限在SQL Server服务帐户注册表键。”Modifications: ADDREF XF:mssql-registry-insecure-permissions(9523) ADDREF BID:5205 ADDREF CERT:CA-2002-22 ADDREF CERT-VN:VU#796313 Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0642 ACCEPT (6 accept, 3 ack, 0 review) Current Votes: ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong MODIFY(1) Frech NOOP(2) Christey, Cox Voter Comments: Christey> XF:mssql-registry-insecure-permissions(9523) URL:http://www.iss.net/security_center/static/9523.php报价:5205网址:http://www.securityfocus.com/bid/5205证书:ca - 2002 - 22 CERT-VN: VU弗伦奇> XF: # 796313 mssql-registry-insecure-permissions(9523) = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0647网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0647最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020830分配:20020628类别:科幻参考:女士:ms02 - 047参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 047. 
- asp参考:XF: ms-legacytext-activex-bo(9935)参考:网址:http://www.iss.net/security_center/static/9935.php参考:报价:5558参考:网址:http://www.securityfocus.com/bid/5558缓冲区溢出的遗产ActiveX控件用于显示特殊格式化的文本在微软Internet Explorer 5.01, 5.5,和6.0允许远程攻击者执行任意代码,又名“遗产文本格式ActiveX控件的缓冲区溢出”。修改:ADDREF XF: ms-legacytext-activex-bo (9935) ADDREF报价:5558分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0647能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗等待考克斯(1)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0648网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0648最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020830分配:20020628类别:科幻参考:BUGTRAQ: 20020823访问远程/本地内容在IE (GM # 009 - IE)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=103011639524314&w=2参考:女士:ms02 - 047参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 047. - asp参考:XF: ie-xml-redirect-read-files(9936)参考:网址:http://www.iss.net/security_center/static/9936.php参考:报价:5560参考:网址:http://www.securityfocus.com/bid/5560遗留<脚本>的XML数据岛能力微软Internet Explorer 5.01, 5.5,和6.0允许远程攻击者读取任意XML文件,和其他文件的部分,通过一个URL的" src "属性重定向到一个本地文件。修改:ADDREF XF: ie-xml-redirect-read-files (9936) ADDREF报价:5560分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0648能接受(5接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,科尔,阿姆斯特朗修改(1)Foat等待(1)考克斯选民的评论:Foat >描述有一些区别提供了详细的参考。描述表明,这可能导致本地文件的妥协,而另一个引用(包括微软)显示问题是更广泛的范围。建议修改的描述来代替“重定向到一个本地文件”“重定向到另一个域”。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0650网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0650最终决定:阶段性裁决:20030326修改:20030321 - 01提议:20020726分配:20020628类别:科幻参考:BUGTRAQ: 20020725 Microsoft SQL Server 2000未经身份验证的系统妥协(# NISR25072002)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102760196931518&w=2参考:NTBUGTRAQ: 20020725 Microsoft SQL Server 2000未经身份验证的系统妥协(# NISR25072002)参考:网址:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102760479902411&w=2参考:女士:ms02 - 
039
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-039.asp
Reference: XF:mssql-resolution-keepalive-dos(9662)
Reference: URL:http://www.iss.net/security_center/static/9662.php
Reference: BID:5312
Reference: URL:http://www.securityfocus.com/bid/5312

The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop.

Modifications:
  ADDREF XF:mssql-resolution-keepalive-dos(9662)
  ADDREF BID:5312

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0650 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:mssql-resolution-keepalive-dos(9662)
   URL:http://www.iss.net/security_center/static/9662.php
   BID:5312
   URL:http://www.securityfocus.com/bid/5312
 Frech> XF:mssql-resolution-keepalive-dos(9662)

======================================================
Candidate: CAN-2002-0653
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0653
Final-Decision:
Interim-Decision: 20030326
Modified: 20020817-01
Proposed: 20020726
Assigned: 20020702
Category: SF
Reference: VULN-DEV:20020622 Another flaw in Apache?
Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=102477330617604&w=2
Reference: BUGTRAQ:20020624 Apache mod_ssl off-by-one vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102513970919836&w=2
Reference: REDHAT:RHSA-2002:134
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-134.html
Reference: CALDERA:CSSA-2002-031.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-031.0.txt
Reference: MANDRAKE:MDKSA-2002:048
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-048.php
Reference: DEBIAN:DSA-135
Reference: URL:http://www.debian.org/security/2002/dsa-135
Reference: ENGARDE:ESA-20020702-017
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102563469326072&w=2
Reference: SUSE:SuSE-SA:2002:028
Reference: URL:http://www.suse.de/de/security/2002_028_mod_ssl.html
Reference: CONECTIVA:CLA-2002:504
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000504
Reference: BUGTRAQ:20020628 TSL-2002-0058 - apache/mod_ssl
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0350.html
Reference: HP:HPSBTL0207-052
Reference: URL:http://archives.neohapsis.com/archives/hp/2002-q3/0018.html
Reference: BID:5084
Reference: URL:http://online.securityfocus.com/bid/5084
Reference: XF:apache-modssl-htaccess-bo(9415)
Reference: URL:http://www.iss.net/security_center/static/9415.php

Off-by-one buffer overflow in the rewrite_command hook for the mod_ssl Apache module 2.8.9 and earlier allows local users to execute arbitrary code as the Apache server user via .htaccess file entries.

Modifications:
  ADDREF MANDRAKE:MDKSA-2002:048
  ADDREF DEBIAN:DSA-135
  ADDREF ENGARDE:ESA-20020702-017
  ADDREF SUSE:SuSE-SA:2002:028
  ADDREF CONECTIVA:CLA-2002:504
  ADDREF BID:5084
  ADDREF VULN-DEV:20020622 Another flaw in Apache?
  ADDREF BUGTRAQ:20020628 TSL-2002-0058 - apache/mod_ssl
  ADDREF XF:apache-modssl-htaccess-bo(9415)
  ADDREF HP:HPSBTL0207-052

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0653 ACCEPT (3 accept, 5 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> MANDRAKE:MDKSA-2002:048
 Christey> ADDREF DEBIAN:DSA-135
   ADDREF ENGARDE:ESA-20020702-017
   ADDREF SUSE:SuSE-SA:2002:028
   Add details to desc.
   ADDREF CONECTIVA:CLA-2002:504
   ADDREF BID:5084
   ADDREF VULN-DEV:20020622 Another flaw in Apache?
   BUGTRAQ:20020628 TSL-2002-0058 - apache/mod_ssl
   HP:HPSBTL0207-052

======================================================
Candidate: CAN-2002-0658
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0658
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020830
Assigned: 20020702
Category: SF
Reference: MANDRAKE:MDKSA-2002:045
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-045.php
Reference: REDHAT:RHSA-2002:153
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-153.html
Reference: REDHAT:RHSA-2002:154
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-154.html
Reference: REDHAT:RHSA-2002:156
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-156.html
Reference: REDHAT:RHSA-2002:164
Reference: URL:http://rhn.redhat.com/errata/rhsa-2002-164.html
Reference: CALDERA:CSSA-2002-032.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-032.0.txt
Reference: DEBIAN:DSA-137
Reference: URL:http://www.debian.org/security/2002/dsa-137
Reference: BUGTRAQ:20020730 [OpenPKG-SA-2002.007] OpenPKG Security Advisory (mm)
Reference: HP:HPSBTL0208-056
Reference: URL:http://online.securityfocus.com/advisories/4392
Reference: FREEBSD:FreeBSD-SN-02:05
Reference: URL:http://online.securityfocus.com/advisories/4431
Reference: SUSE:SuSE-SA:2002:028
Reference: URL:http://www.suse.com/de/security/2002_028_mod_ssl.html
Reference: XF:mm-tmpfile-symlink(9719)
Reference: URL:http://www.iss.net/security_center/static/9719.php
Reference: BID:5352
Reference: URL:http://online.securityfocus.com/bid/5352

OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.

Modifications:
  ADDREF REDHAT:RHSA-2002:156

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0658 ACCEPT (4 accept, 6 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   MODIFY(1) Cox
   NOOP(1) Foat

Voter Comments:
 Cox> ADDREF: RHSA-2002:163 RHSA-2002:156 RHSA-2002:154

======================================================
Candidate: CAN-2002-0663
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0663
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020726
Assigned: 20020702
Category: SF
Reference: ATSTAKE:A071502-1
Reference: URL:http://www.atstake.com/research/advisories/2002/a071502-1.txt
Reference: VULNWATCH:20020715 Re: [VULNWATCH] Advisory Name: Norton Personal Internet Firewall HTTP Proxy Vulnerability
Reference: CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html
Reference: XF:norton-fw-http-bo(9579)
Reference: URL:http://www.iss.net/security_center/static/9579.php
Reference: BID:5237
Reference: URL:http://www.securityfocus.com/bid/5237

Buffer overflow in the HTTP proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.

Modifications:
  ADDREF XF:norton-fw-http-bo(9579)
  ADDREF BID:5237
  ADDREF CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0663 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Prosser, Baker, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:norton-fw-http-bo(9579)
   URL:http://www.iss.net/security_center/static/9579.php
   BID:5237
   URL:http://www.securityfocus.com/bid/5237
 Baker> http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html
 Prosser> Verified and fixed by Symantec
   http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html
 Frech> XF:norton-fw-http-bo(9579)

======================================================
Candidate: CAN-2002-0665
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0665
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020726
Assigned: 20020704
Category: SF
Reference: BUGTRAQ:20020628 wp-02-0009: Macromedia JRun Admin Server Authentication Bypass
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102529402127195&w=2
Reference: VULNWATCH:20020628 [VULNWATCH] wp-02-0009: Macromedia JRun Admin Server Authentication Bypass
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.html
Reference: CONFIRM:http://www.macromedia.com/v1/handlers/index.cfm?ID=23164
Reference: XF:jrun-forwardslash-auth-bypass(9450)
Reference: URL:http://www.iss.net/security_center/static/9450.php
Reference: BID:5118
Reference: URL:http://www.securityfocus.com/bid/5118

Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL.

Modifications:
  ADDREF XF:jrun-forwardslash-auth-bypass(9450)
  ADDREF BID:5118

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0665 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:
   jrun-forwardslash-auth-bypass(9450)
   URL:http://www.iss.net/security_center/static/9450.php
   BID:5118
   URL:http://www.securityfocus.com/bid/5118

======================================================
Candidate: CAN-2002-0671
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0671
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020726
Assigned: 20020709
Category: SF
Reference: ATSTAKE:A071202-1
Reference: URL:http://www.atstake.com/research/advisories/2002/a071202-1.txt
Reference: CONFIRM:http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
Reference: XF:pingtel-xpressa-dns-spoofing(9566)
Reference: URL:http://www.iss.net/security_center/static/9566.php
Reference: BID:5224
Reference: URL:http://www.securityfocus.com/bid/5224

Pingtel xpressa SIP-based IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but cannot verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.

Modifications:
  ADDREF XF:pingtel-xpressa-dns-spoofing(9566)
  ADDREF BID:5224

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0671 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   MODIFY(1) Frech
   NOOP(5) Cox, Balinsky, Wall, Foat, Armstrong

Voter Comments:
 Frech> XF:pingtel-xpressa-dns-spoofing(9566)

======================================================
Candidate: CAN-2002-0676
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0676
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020726
Assigned: 20020709
Category: SF
Reference: BUGTRAQ:20020706 MacOS X SoftwareUpdate Vulnerability
Reference: MISC:http://www.cunap.com/~hardingr/projects/osx/exploit.html
Reference: XF:macos-softwareupdate-no-auth(9502)
Reference: URL:http://www.iss.net/security_center/static/9502.php
Reference: BID:5176
Reference: URL:http://www.securityfocus.com/bid/5176

SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan horse updates.

Modifications:
  ADDREF XF:macos-softwareupdate-no-auth(9502)
  ADDREF BID:5176

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0676 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Balinsky, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:macos-softwareupdate-no-auth(9502)
   URL:http://www.iss.net/security_center/static/9502.php
   BID:5176
   URL:http://www.securityfocus.com/bid/5176
 Balinsky> Vendor fixed the vulnerable application. It is unclear whether this is the same issue, but it is possible.
   http://docs.info.apple.com/article.html?artnum=75304
 Frech> XF:macos-softwareupdate-no-auth(9502)
 Christey> Since this CAN was reserved by Apple, I think we can safely say that they have acknowledged the bug ;-)

======================================================
Candidate: CAN-2002-0678
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0678
Final-Decision:
Interim-Decision: 20030326
Modified: 20030321-01
Proposed: 20020726
Assigned: 20020709
Category: SF
Reference: BUGTRAQ:20020710 (CORE-20020528) Multiple vulnerabilities in ToolTalk Database server
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102635906423617&w=2
Reference: CERT:CA-2002-20
Reference: URL:http://www.cert.org/advisories/ca-2002-20.html
Reference: CERT-VN:VU#299816
Reference: URL:http://www.kb.cert.org/vuls/id/299816
Reference: HP:HPSBUX0207-199
Reference: URL:http://archives.neohapsis.com/archives/hp/2002-q3/0011.html
Reference: AIXAPAR:IY32368
Reference: URL:http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
Reference: AIXAPAR:IY32370
Reference: URL:http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
Reference: CALDERA:CSSA-2002-SCO.28
Reference: URL:ftp://ftp.caldera.com/pub/updates/openunix/cssa-2002-sco.28/cssa-2002-sco.28.txt
Reference: SGI:20021101-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P
Reference: XF:tooltalk-ttdbserverd-tttransaction-symlink(9527)
Reference: URL:http://www.iss.net/security_center/static/9527.php
Reference: BID:5083
Reference: URL:http://www.securityfocus.com/bid/5083

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Modifications:
  ADDREF XF:tooltalk-ttdbserverd-tttransaction-symlink(9527)
  ADDREF BID:5083
  ADDREF AIXAPAR:IY32368
  ADDREF AIXAPAR:IY32370
  ADDREF HP:HPSBUX0207-199
  ADDREF SGI:20021101-01-P

Analysis
--------
Vendor Acknowledgement: yes advisory

MAPPING: the HP advisory discusses "buffer overflows," but it specifically mentions CA-2002-20, and the text of the advisory is included in the vendor statement of the CERT-VU for the ToolTalk issue covered by CA-2002-20.

INFERRED ACTION: CAN-2002-0678 ACCEPT (5 accept, 6 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:tooltalk-ttdbserverd-tttransaction-symlink(9527)
   URL:http://www.iss.net/security_center/static/9527.php
   BID:5083
   URL:http://www.securityfocus.com/bid/5083
   HP:HPSBUX0207-199
   URL:http://archives.neohapsis.com/archives/hp/2002-q3/0011.html
   NOTE: while the HP advisory discusses "buffer overflows," it specifically mentions CA-2002-20, and the text of the advisory is included in the vendor statement of the CERT-VU for the ToolTalk issue covered by CA-2002-20.
   AIXAPAR:IY32368
   URL:http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
   AIXAPAR:IY32370
   URL:http://archives.neohapsis.com/archives/aix/2002-q3/0002.html
 Christey> HP:HPSBUX0207-199
   URL:http://online.securityfocus.com/advisories/4290
 Christey> SGI:20021101-01-P
 Frech> XF:tooltalk-ttdbserverd-tttransaction-symlink(9527)

======================================================
Candidate: CAN-2002-0679
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0679
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020709
Category: SF
Reference: BUGTRAQ:20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102917002523536&w=2
Reference: CERT:CA-2002-26
Reference: URL:http://www.cert.org/advisories/ca-2002-26.html
Reference: CERT-VN:VU#387387
Reference: URL:http://www.kb.cert.org/vuls/id/387387
Reference: CALDERA:CSSA-2002-SCO.28.1
Reference: COMPAQ:SSRT2274
Reference: AIXAPAR:IY32792
Reference: AIXAPAR:IY32793
Reference: HP:HPSBUX0207-199
Reference: URL:http://online.securityfocus.com/advisories/4290
Reference: CONFIRM:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity
Reference: XF:tooltalk-ttdbserverd-ttcreatefile-bo(9822)
Reference: URL:http://www.iss.net/security_center/static/9822.php
Reference: BID:5444
Reference: URL:http://www.securityfocus.com/bid/5444

Buffer overflow in the Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

Modifications:
  ADDREF XF:tooltalk-ttdbserverd-ttcreatefile-bo(9822)
  ADDREF BID:5444
  ADDREF HP:HPSBUX0207-199
  ADDREF CONFIRM:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0679 ACCEPT (3 accept, 7 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:tooltalk-ttdbserverd-ttcreatefile-bo(9822)
   URL:http://www.iss.net/security_center/static/9822.php
   BID:5444
   URL:http://www.securityfocus.com/bid/5444
   HP:HPSBUX0207-199
   URL:http://online.securityfocus.com/advisories/4290
   CONFIRM:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366&zone_32=category%3Asecurity

======================================================
Candidate: CAN-2002-0685
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0685
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020711
Category: SF
Reference: BUGTRAQ:20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102634756815773&w=2
Reference: NTBUGTRAQ:20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102639521518942&w=2
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt
Reference: XF:pgp-outlook-heap-overflow(9525)
Reference: URL:http://www.iss.net/security_center/static/9525.php
Reference: BID:5202
Reference: URL:http://www.securityfocus.com/bid/5202

Heap-based buffer overflow in the message decoding functionality for the PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message.

Modifications:
  ADDREF XF:pgp-outlook-heap-overflow(9525)
  ADDREF BID:5202
  DESC add "heap-based" overflow term

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0685 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:pgp-outlook-heap-overflow(9525)
   URL:http://www.iss.net/security_center/static/9525.php
   BID:5202
   URL:http://www.securityfocus.com/bid/5202
 Frech> XF:pgp-outlook-heap-overflow(9525)

======================================================
Candidate: CAN-2002-0687
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0687
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020712
Category: SF
Reference: CONFIRM:http://www.zope.org/Products/Zope/Hotfix_2002-04-15/security_alert
Reference: REDHAT:RHSA-2002:060
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-060.html
Reference: BID:5813
Reference: URL:http://www.securityfocus.com/bid/5813
Reference: XF:zope-inject-headers-dos(9621)
Reference: URL:http://www.iss.net/security_center/static/9621.php

The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers.

Modifications:
  ADDREF REDHAT:RHSA-2002:060
  ADDREF BID:5813
  ADDREF XF:zope-inject-headers-dos(9621)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0687 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Armstrong
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> REDHAT:RHSA-2002:060
   URL:http://www.redhat.com/support/errata/rhsa-2002-060.html
   BID:5813
   URL:http://www.securityfocus.com/bid/5813

======================================================
Candidate: CAN-2002-0688
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0688
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020712
Category: SF
Reference: CONFIRM:http://www.zope.org/Products/Zope/Hotfix_2002-06-14/security_alert
Reference: REDHAT:RHSA-2002:060
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-060.html
Reference: BID:5812
Reference: URL:http://www.securityfocus.com/bid/5812
Reference: XF:zope-zcatalog-index-bypass(9610)
Reference: URL:http://www.iss.net/security_center/static/9610.php

The ZCatalog plug-in index support capability for Zope through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.

Modifications:
  ADDREF REDHAT:RHSA-2002:060
  ADDREF BID:5812
  ADDREF XF:zope-zcatalog-index-bypass(9610)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0688 ACCEPT_ACK (2 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> REDHAT:RHSA-2002:060
   URL:http://www.redhat.com/support/errata/rhsa-2002-060.html
   BID:5812
   URL:http://www.securityfocus.com/bid/5812

======================================================
Candidate: CAN-2002-0691
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0691
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020712
Category: SF
Reference: MS:MS02-047
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-047.asp
Reference: XF:ie-local-resource-xss(9938)
Reference: URL:http://www.iss.net/security_center/static/9938.php
Reference: BID:5561
Reference: URL:http://www.securityfocus.com/bid/5561

Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189.

Modifications:
  ADDREF XF:ie-local-resource-xss(9938)
  ADDREF BID:5561

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0691 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:ie-local-resource-xss(9938)
   URL:http://www.iss.net/security_center/static/9938.php
   BID:5561
   URL:http://www.securityfocus.com/bid/5561

======================================================
Candidate: CAN-2002-0695
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0695
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020712
Category: SF
Reference: MS:MS02-040
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-040.asp
Reference: MISC:http://www.nextgenss.com/advisories/mssql-ors.txt
Reference: XF:mssql-mdac-openrowset-bo(9734)
Reference: URL:http://www.iss.net/security_center/static/9734.php
Reference: BID:5372
Reference: URL:http://online.securityfocus.com/bid/5372

Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.

Modifications:
  ADDREF XF:mssql-mdac-openrowset-bo(9734)
  ADDREF MISC:http://www.nextgenss.com/advisories/mssql-ors.txt
  ADDREF BID:5372

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0695 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Foat, Cole
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:mssql-mdac-openrowset-bo(9734)
   URL:http://www.iss.net/security_center/static/9734.php
   MISC:http://www.nextgenss.com/advisories/mssql-ors.txt
   BID:5372
   URL:http://online.securityfocus.com/bid/5372

======================================================
Candidate: CAN-2002-0697
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0697
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020712
Category: SF
Reference: MS:MS02-036
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-036.asp
Reference: XF:mms-data-repository-access(9657)
Reference: URL:http://www.iss.net/security_center/static/9657.php
Reference: BID:5308
Reference: URL:http://www.securityfocus.com/bid/5308

Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to connect directly to MMS, bypassing the checks for MMS credentials.

Modifications:
  ADDREF XF:mms-data-repository-access(9657)
  ADDREF BID:5308

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0697 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:mms-data-repository-access(9657)
   URL:http://www.iss.net/security_center/static/9657.php
   BID:5308
   URL:http://www.securityfocus.com/bid/5308
 CHANGE> [Armstrong changed vote from NOOP to ACCEPT]
 Frech> XF:mms-data-repository-access(9657)

======================================================
Candidate: CAN-2002-0698
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0698
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020712
Category: SF
Reference: ISS:20020724 Remote Buffer Overflow Vulnerability in Microsoft Exchange Server
Reference: URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759
Reference: MSKB:Q326322
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q326322
Reference: MS:MS02-037
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-037.asp
Reference: XF:exchange-imc-ehlo-bo(9658)
Reference: URL:http://www.iss.net/security_center/static/9658.php
Reference: BID:5306
Reference: URL:http://www.securityfocus.com/bid/5306

Buffer overflow in the Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.

Modifications:
  ADDREF XF:exchange-imc-ehlo-bo(9658)
  ADDREF BID:5306

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0698 ACCEPT (5 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   MODIFY(1) Frech
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:exchange-imc-ehlo-bo(9658)
   URL:http://www.iss.net/security_center/static/9658.php
   BID:5306
   URL:http://www.securityfocus.com/bid/5306
 Frech> XF:exchange-imc-ehlo-bo(9658)

======================================================
Candidate: CAN-2002-0700
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0700
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020712
Category: SF
Reference: MS:MS02-041
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-041.asp
Reference: XF:mcms-authentication-bo(9783)
Reference: URL:http://www.iss.net/security_center/static/9783.php
Reference: BID:5420
Reference: URL:http://www.securityfocus.com/bid/5420

Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise."

Modifications:
  ADDREF XF:mcms-authentication-bo(9783)
  ADDREF BID:5420

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0700 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:mcms-authentication-bo(9783)
   URL:http://www.iss.net/security_center/static/9783.php
   BID:5420
   URL:http://www.securityfocus.com/bid/5420

======================================================
Candidate: CAN-2002-0701
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0701
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020712
Category: SF
Reference: FREEBSD:
FreeBSD-SA-02:30参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102650797504351&w=2参考:OPENBSD: 20020627 009:安全修复:6月27日2002参考:网址:http://www.openbsd.org/errata.html ktrace参考:XF: openbsd-ktrace-gain-privileges(9474)参考:网址:http://www.iss.net/security_center/static/9474.php参考:报价:5133参考:网址:http://www.securityfocus.com/bid/5133ktrace在bsd操作系统允许所有者与特权的过程跟踪过程后的特权已被下调,这可能允许所有者获得敏感信息的过程是运行时获得额外的特权。修改:ADDREF XF: openbsd-ktrace-gain-privileges (9474) ADDREF报价:5133分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0701 ACCEPT_ACK(2接受,2 ack, 0评论)目前投票:接受(2)贝克,科尔等待(4)Christey,考克斯墙,Foat选民的评论:Christey > XF: openbsd-ktrace-gain-privileges(9474)网址:http://www.iss.net/security_center/static/9474.php报价:5133网址:http://www.securityfocus.com/bid/5133= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0703网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0703最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020716类别:科幻参考:REDHAT: RHSA-2002:081参考:网址:http://rhn.redhat.com/errata/rhsa - 2002 - 081. - html参考:曼德拉草:MDKSA-2002:035参考:网址:http://www.linux mandrake.com/en/security/2002/mdksa - 2002 - 035. - php参考:XF: linux-utf8-incorrect-md5(9051)参考:网址:http://www.iss.net/security_center/static/9051.php参考:报价:4716参考:网址:http://www.securityfocus.com/bid/4716一个Perl MD5模块之间的交互(perl-Digest-MD5)和Perl可以产生不正确的MD5校验和utf - 8数据,这可能会阻止系统正确验证数据的完整性。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0703能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,考克斯墙,科尔,阿姆斯特朗等待(1)Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0704网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0704最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020716类别:科幻参考:BUGTRAQ: 20020508 (cartsa - 20020402) Linux Netfilter NAT / ICMP代码信息泄漏参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102088521517722&w=2参考:REDHAT: RHSA-2002:086参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 086. 
- html参考:曼德拉草:MDKSA-2002:030参考:网址:http://www.linux mandrake.com/en/security/2002/mdksa - 2002 - 030. - php参考:惠普:hpsbtl0205 - 039参考:网址:http://online.securityfocus.com/advisories/4116参考:XF: linux-netfilter-information-leak(9043)参考:网址:http://www.iss.net/security_center/static/9043.php参考:报价:4699参考:网址:http://www.securityfocus.com/bid/4699网络地址转换(NAT)能力Netfilter (iptables) 1.2.6a和早些时候泄漏翻译IP地址在ICMP错误消息。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0704能接受(5接受,2 ack, 0评论)目前投票:接受(5)贝克,考克斯墙,科尔,阿姆斯特朗等待(1)Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0710网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0710最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020718类别:科幻参考:BUGTRAQ: 20020730目录遍历sendform脆弱性。cgi参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102809084218422&w=2参考:VULNWATCH: 20020731 (VULNWATCH)目录遍历sendform脆弱性。cgi参考:确认:http://www.scn.org/ bb615 /脚本/ sendform.html参考:XF: sendform-blurbfile-directory-traversal(9725)参考:网址:http://www.iss.net/security_center/static/9725.php参考:报价:5286参考:网址:http://www.securityfocus.com/bid/5286目录遍历sendform脆弱性。1.44和更早的cgi允许远程攻击者读取任意文件在BlurbFilePath参数通过指定所需的文件。修改:ADDREF XF: sendform-blurbfile-directory-traversal (9725) ADDREF报价:5286分析- - - - - - - - - -供应商确认:是的、确认:供应商的主页,一个项目7月22日,2002年,说“新:安全解决办法:这限制阅读公开的“广告”文件(可以使用HTML表单使用这个脚本)对特定目录中定义的脚本由网络管理员”。INFERRED ACTION: CAN-2002-0710 ACCEPT_ACK (2 accept, 1 ack, 0 review) Current Votes: ACCEPT(2) Baker, Cole NOOP(4) Christey, Cox, Wall, Foat Voter Comments: Christey> XF:sendform-blurbfile-directory-traversal(9725) URL:http://www.iss.net/security_center/static/9725.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0714网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0714最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020726分配:20020720类别:科幻参考:确认:http://www.squid cache.org/advisories/squid - 2002 
_3.txt参考:确认:http://www.squid-cache.org/Versions/v2/2.4/bugs/参考:REDHAT: RHSA-2002:051参考:网址:http://rhn.redhat.com/errata/rhsa - 2002 - 051. - html参考:REDHAT: RHSA-2002:130参考:网址:http://rhn.redhat.com/errata/rhsa - 2002 - 130. - html参考:SUSE: SuSE-SA: 2002:025参考:火山口:综援- 2002 - 046.0参考:网址:ftp://ftp.caldera.com/pub/security/openlinux/cssa - 2002 046.0.txt参考:CONECTIVA: CLA-2002:506参考:曼德拉草:MDKSA-2002:044参考:网址:http://www.linux mandrake.com/en/security/2002/mdksa - 2002 - 044. - php参考:BUGTRAQ: 20020715 tslsa - 2002 - 0062 -鱿鱼参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102674543407606&w=2参考:XF: squid-ftp-data-injection(9479)参考:网址:http://www.iss.net/security_center/static/9479.php参考:报价:5158参考:网址:http://www.securityfocus.com/bid/5158FTP代理鱿鱼之前2.4。STABLE6不比较控制和数据连接的IP地址和FTP服务器,它允许远程攻击者绕过防火墙规则或恶搞FTP服务器响应。修改:ADDREF XF: squid-ftp-data-injection (9479) ADDREF火山口:综援- 2002 - 046.0 ADDREF红帽:RHSA-2002:051分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0714能接受(6接受,4 ack, 0评论)目前投票:接受(5)贝克,考克斯墙,科尔,阿姆斯特朗弗伦奇等待修改(1)(2)Christey, Foat选民的评论:弗雷希> XF: squid-ftp-data-injection (9479) Christey > REDHAT: RHSA-2002:051 URL:http://rhn.redhat.com/errata/rhsa - 2002 - 051. 
- html= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0716网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0716最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020726分配:20020722类别:科幻参考:BUGTRAQ: 20020604 SRT安全顾问(srt2002 - 06 - 04 - 1711):上海合作组织crontab参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102323070305101&w=2参考:VULN-DEV: 20020604 SRT安全顾问(srt2002 - 06 - 04 - 1711):上海合作组织crontab参考:网址:http://marc.theaimsgroup.com/?l=vuln-dev&m=102323386107641&w=2参考:火山口:综援- 2002上海合作组织。35参考:报价:4938参考:网址:http://www.securityfocus.com/bid/4938参考:XF: openserver-crontab-format-string(9271)参考:网址:http://www.iss.net/security_center/static/9271.php格式字符串漏洞的crontab上海合作组织OpenServer 5.0.5 5.0.6允许本地用户获得特权通过文件名的格式说明符的字符串参数。修改:ADDREF报价:4938 ADDREF XF: openserver-crontab-format-string(9271)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0716 ACCEPT_ACK(2接受,1 ack, 0评论)目前投票:接受(2)贝克,科尔等待(4)Christey,考克斯墙,Foat选民的评论:Christey >报价:4938网址:http://www.securityfocus.com/bid/4938XF: openserver-crontab-format-string(9271)网址:http://www.iss.net/security_center/static/9271.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0718网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0718最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020722类别:科幻参考:女士:ms02 - 041参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 041. 
- asp参考:报价:5421参考:网址:http://www.securityfocus.com/bid/5421参考:XF: mcms-authoring-file-execution(9784)参考:网址:http://www.iss.net/security_center/static/9784.php网络编辑命令微软内容管理服务器(反水雷舰)2001允许攻击者进行身份验证和上传可执行内容,通过修改上传的位置,又名“程序执行反水雷舰通过编辑功能”。Modifications: ADDREF BID:5421 ADDREF XF:mcms-authoring-file-execution(9784) Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0718 ACCEPT (5 accept, 1 ack, 0 review) Current Votes: ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong NOOP(2) Christey, Cox Voter Comments: Christey> BID:5421 URL:http://www.securityfocus.com/bid/5421XF: mcms-authoring-file-execution(9784)网址:http://www.iss.net/security_center/static/9784.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0719网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0719最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020722类别:科幻参考:女士:ms02 - 041参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 041. - asp参考:报价:5422参考:网址:http://www.securityfocus.com/bid/5422参考:XF: mcms-resource-sql-injection(9785)参考:网址:http://www.iss.net/security_center/static/9785.php微软的SQL注入漏洞的功能服务内容管理服务器(反水雷舰)2001年允许远程攻击者执行任意命令通过一个反水雷舰资源请求的图像文件或其他文件。修改:ADDREF报价:5422 ADDREF XF: mcms-resource-sql-injection(9785)分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0719能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗等待(2)Christey,考克斯选民的评论:Christey >报价:5422网址:http://www.securityfocus.com/bid/5422XF: mcms-resource-sql-injection(9785)网址:http://www.iss.net/security_center/static/9785.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0720网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0720最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020722类别:科幻参考:女士:ms02 - 042参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 042. 
- asp参考:XF: win2k-ncm-gain-privileges(9856)参考:网址:http://www.iss.net/security_center/static/9856.php参考:报价:5480参考:网址:http://www.securityfocus.com/bid/5480网络连接管理器的处理程序例程(不合格品)在Windows 2000允许本地用户获得特权通过一个复杂的攻击,导致LocalSystem上下文处理程序运行指定的代码。修改:ADDREF XF: win2k-ncm-gain-privileges (9856) ADDREF报价:5480 DESC添加操作系统分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0720能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗等待(2)Christey,考克斯选民的评论:Christey > XF: win2k-ncm-gain-privileges(9856)网址:http://www.iss.net/security_center/static/9856.php报价:5480网址:http://www.securityfocus.com/bid/5480= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0722网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0722最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020722类别:科幻参考:BUGTRAQ: 20020828下载的文件可以欺骗的起源在MSIE参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=103054692223380&w=2参考:女士:ms02 - 047参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 047. 
- asp参考:XF: ie-file-origin-spoofing(9937)参考:网址:http://www.iss.net/security_center/static/9937.php参考:报价:5559参考:网址:http://www.securityfocus.com/bid/5559微软Internet Explorer 5.01、5.5和6.0允许远程攻击者歪曲源文件的文件下载对话框来诱骗用户认为安全的下载文件类型,即“文件来源欺骗。”Modifications: ADDREF XF:ie-file-origin-spoofing(9937) ADDREF BID:5559 Analysis -------- Vendor Acknowledgement: yes advisory INFERRED ACTION: CAN-2002-0722 ACCEPT (5 accept, 1 ack, 0 review) Current Votes: ACCEPT(5) Baker, Wall, Foat, Cole, Armstrong NOOP(2) Christey, Cox Voter Comments: Christey> XF:ie-file-origin-spoofing(9937) URL:http://www.iss.net/security_center/static/9937.php报价:5559网址:http://www.securityfocus.com/bid/5559= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0726网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0726最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020830分配:20020722类别:科幻参考:ATSTAKE: A082802-1参考:网址:http://www.atstake.com/research/advisories/2002/a082802 - 1. - txt参考:女士:ms02 - 046参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 046. - asp参考:XF: ms-tsac-activex-bo(9934)参考:网址:http://www.iss.net/security_center/static/9934.php参考:报价:5554参考:网址:http://www.securityfocus.com/bid/5554在微软先进终端服务客户端缓冲区溢出(TSAC) ActiveX控件允许远程攻击者通过长期执行任意代码服务器名称字段。修改:ADDREF XF: ms-tsac-activex-bo (9934) ADDREF报价:5554分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0726能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗等待(2)Christey,考克斯选民的评论:Christey > XF: ms-tsac-activex-bo(9934)网址:http://www.iss.net/security_center/static/9934.php报价:5554网址:http://www.securityfocus.com/bid/5554= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0727网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0727最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020722类别:科幻参考:女士:ms02 - 044参考:网址:http://www.microsoft.com/technet/security/bulletin/ms02 - 044. 
- asp参考:BUGTRAQ: 20020408脚本脚本与油水界面时的IE (GM # 005 - IE)参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=101829645415486&w=2参考:XF: owc-spreadsheet-host-script-execution(8777)参考:网址:http://www.iss.net/security_center/static/8777.php参考:报价:4449参考:网址:http://online.securityfocus.com/bid/4449主机功能Microsoft Office Web组件(油水界面)2000年和2002年暴露在组件标记为安全的脚本,它允许远程攻击者通过setTimeout方法执行任意命令。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0727能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,墙,科尔,阿姆斯特朗等待(2)考克斯Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0733网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0733最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020725类别:科幻参考:VULNWATCH: 20020417 Smalls洞5日产品# 1参考:网址:http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0155.html参考:确认:http://www.acme.com/software/thttpd/ releasenotes参考:MISC:http://www.ifrance.com/kitetoua/tuto/5holes1.txt参考:XF: thttpd-error-page-css(9029)参考:网址:http://www.iss.net/security_center/static/9029.php参考:报价:4601参考:网址:http://www.securityfocus.com/bid/4601早些时候在thttpd 2.20和跨站点脚本漏洞允许远程攻击者通过一个URL执行任意脚本不存在的页面,从而导致thttpd脚本插入一个404错误消息。分析- - - - - - - - - -供应商确认:是的更新日志确认:在2.21发行说明,供应商州“固定跨站点脚本漏洞与内置的错误页面。”INFERRED ACTION: CAN-2002-0733 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Cole, Armstrong NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-0734 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0734最终决定:阶段性裁决:20030326修改:20030324 - 01提议:20020726分配:20020725类别:科幻参考:BUGTRAQ: 20020506 b2 php远程命令执行参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-05/0027.html参考:确认:http://cafelog.com/参考:报价:4673参考:网址:http://www.securityfocus.com/bid/4673参考:XF: b2-b2inc-command-execution(9013)参考:网址:http://www.iss.net/security_center/static/9013.phpb2edit.showposts。早些时候在B2 2.0.6pre2和php不正确加载b2config。php文件在某些配置,远程攻击者可以通过一个URL执行任意的php代码,设置$ b2inc变量指向一个恶意程序存储在远程服务器上。修改:DESC删除“特洛伊木马”的术语分析- - - - - - - - 
- -供应商确认:是的确认:供应商的主页,一个项目日期“04.05.02”(2002年5月4日)州“有人最近告诉我对b2安全漏洞……安全漏洞的修复非常简单:创建一个名为b2config的文件。php和b2-include文件夹中上传它。”While this in itself doesn't include enough details to be certain that the vendor is fixing *this* problem, it would fix the problem, and later comments on the vendor's page would line up with the date of public announcement of this problem. INFERRED ACTION: CAN-2002-0734 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Cole, Armstrong NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-0736 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0736最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020725类别:科幻参考:BUGTRAQ: 20020416后台Web管理员身份验证旁路(# NISR17042002A)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html参考:MSKB: Q316838参考:网址:http://support.microsoft.com/support/kb/articles/q316/8/38.asp参考:报价:4528参考:网址:http://www.securityfocus.com/bid/4528参考:XF: backoffice-bypass-authentication(8862)参考:网址:http://www.iss.net/security_center/static/8862.php微软BackOffice 4.0和4.5,当配置为访问其他系统,允许远程攻击者绕过身份验证和访问管理ASP页面通过HTTP请求的授权类型(auth_type)这不是空白。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0736能接受(5接受,1 ack, 0评论)目前投票:接受(5)贝克,墙,Foat,科尔,阿姆斯特朗等待考克斯(1)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0737网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0737最终决定:阶段性裁决:20030326修改:建议:20020726分配:20020725类别:科幻参考:BUGTRAQ:毕马威20020417 - 2002012:水鹿网络服务器服务端Fileparse绕过参考:网址:http://online.securityfocus.com/archive/1/268121参考:VULNWATCH: 20020417 [VULNWATCH]毕马威- 2002012:水鹿网络服务器服务端Fileparse绕过参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0026.html参考:确认:http://www.sambar.com/security.htm参考:XF: sambar-script-source-disclosure(8876)参考:网址:http://www.iss.net/security_center/static/8876.php参考:报价:4533参考:网址:http://www.securityfocus.com/bid/4533水鹿web服务器之前5.2 beta 
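1 allows remote attackers to obtain the source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character.

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: on the security page, last updated the day after the initial disclosure, the vendor states that "All versions prior to the 5.2 beta 1 release are vulnerable to exposing the source code associated with CGI scripts and JSP files via a URL sequence."

INFERRED ACTION: CAN-2002-0737 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0738
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0738
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020418 MHonArc v2.5.2 Script Filtering Bypass Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0260.html
Reference: CONFIRM:http://www.mhonarc.org/MHonArc/CHANGES
Reference: DEBIAN:DSA-163
Reference: URL:http://www.debian.org/security/2002/dsa-163
Reference: XF:mhonarc-script-filtering-bypass(8894)
Reference: URL:http://www.iss.net/security_center/static/8894.php
Reference: BID:4546
Reference: URL:http://www.securityfocus.com/bid/4546

MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax.

Modifications:
  ADDREF DEBIAN:DSA-163

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: in the changelog for 2002/04/18 (version 2.5.3), the vendor states "Strengthened HTML filtering in mhtxthtml.pl to eliminate some security vulnerabilities" and credits the Bugtraq researcher.

INFERRED ACTION: CAN-2002-0738 ACCEPT (3 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> DEBIAN:DSA-163

======================================================
Candidate: CAN-2002-0741
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0741
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020423 PsyBNC Remote Dos POC
Reference: URL:http://online.securityfocus.com/archive/1/269131
Reference: BUGTRAQ:20020422 Re: psyBNC 2.3 DoS / bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0322.html
Reference: BID:4570
Reference: URL:http://www.securityfocus.com/bid/4570
Reference: XF:psybnc-long-password-dos(8912)
Reference: URL:http://www.iss.net/security_center/static/8912.php

psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0741 ACCEPT_ACK (2 accept, 1 ack,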
0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(4) Cox, Wall, Foat, Armstrong

======================================================
Candidate: CAN-2002-0748
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0748
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020423 LabVIEW Web Server DoS Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0323.html
Reference: CONFIRM:http://digital.ni.com/public.nsf/websearch/4C3F86E655E5389886256BA00064B22F?OpenDocument
Reference: XF:labview-http-get-dos(8919)
Reference: URL:http://www.iss.net/security_center/static/8919.php
Reference: BID:4577
Reference: URL:http://www.securityfocus.com/bid/4577

LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0748 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0754
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0754
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:07
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc
Reference: BID:3919
Reference: URL:http://www.securityfocus.com/bid/3919
Reference: XF:kerberos5-k5su-elevate-privileges(7956)
Reference: URL:http://www.iss.net/security_center/static/7956.php

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.

Modifications:
  DESC clarify

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0754 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> Need to rewrite DESC to be clearer.

======================================================
Candidate: CAN-2002-0755
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0755
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:24
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc
Reference: BID:4777
Reference: URL:http://www.securityfocus.com/bid/4777
Reference: XF:
freebsd-k5su-gain-privileges(9125)
Reference: URL:http://www.iss.net/security_center/static/9125.php

Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0755 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0758
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0758
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: SUSE:SuSE-SA:2002:016
Reference: URL:http://www.suse.de/de/support/security/2002_016_sysconfig_txt.html
Reference: BID:4695
Reference: URL:http://www.securityfocus.com/bid/4695
Reference: XF:suse-sysconfig-command-execution(9040)
Reference: URL:http://www.iss.net/security_center/static/9040.php

The ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0758 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0759
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0759
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: CALDERA:CSSA-2002-039.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-039.0.txt
Reference: XF:bzip2-decompression-file-overwrite(9126)
Reference: URL:http://www.iss.net/security_center/static/9126.php
Reference: BID:4774
Reference: URL:http://www.securityfocus.com/bid/4774

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive.

Modifications:
  ADDREF CALDERA:CSSA-2002-039.0
  DESC add OpenLinux

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0759 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Armstrong
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-039.0

======================================================
Candidate: CAN-2002-0760
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0760
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: CALDERA:CSSA-2002-039.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-039.0.txt
Reference: BID:4775
Reference: URL:http://www.securityfocus.com/bid/4775
Reference: XF:bzip2-decompression-race-condition(9127)
Reference: URL:http://www.iss.net/security_center/static/9127.php

Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.

Modifications:
  DESC add OpenLinux
  ADDREF CALDERA:CSSA-2002-039.0

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0760 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Armstrong
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-039.0

======================================================
Candidate: CAN-2002-0761
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0761
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:25
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc
Reference: CALDERA:CSSA-2002-039.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-039.0.txt
Reference: XF:bzip2-compression-symlink(9128)
Reference: URL:http://www.iss.net/security_center/static/9128.php
Reference: BID:4776
Reference: URL:http://www.securityfocus.com/bid/4776

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.

Modifications:
  DESC add OpenLinux
  ADDREF CALDERA:CSSA-2002-039.0

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0761 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Cox, Cole, Armstrong
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-039.0

======================================================
Candidate: CAN-2002-0762
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0762
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: SUSE:SuSE-SA:2002:017
Reference: URL:http://www.suse.de/de/support/security/2002_17_shadow.html
Reference: XF:suse-shadow-filesize-limits(9102)
Reference: URL:http://www.iss.net/security_center/static/9102.php
Reference: BID:4757
Reference: URL:http://www.securityfocus.com/bid/4757

The shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0762 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0765
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0765
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020527 OpenSSH 3.2.3 released (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0235.html
Reference: OPENBSD:20020522 004: SECURITY FIX: May 22, 2002
Reference: URL:http://www.openbsd.org/errata.html#sshbsdauth
Reference: BID:4803
Reference: URL:http://www.securityfocus.com/bid/4803
Reference: XF:bsd-sshd-authentication-error(9215)
Reference: URL:http://www.iss.net/security_center/static/9215.php

sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0765 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0766
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0766
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020509 [VulnWatch] OpenBSD local DoS and root exploit
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0066.html
Reference: BUGTRAQ:20020509 OpenBSD local DoS and root exploit
Reference: URL:http://online.securityfocus.com/archive/1/271702
Reference: OPENBSD:20020508 003: SECURITY FIX: May 8, 2002
Reference: URL:http://www.openbsd.org/errata.html#fdalloc2
Reference: XF:openbsd-file-descriptor-dos(9048)
Reference: URL:http://www.iss.net/security_center/static/9048.php

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0766 ACCEPT (3 accept, 1 ack,
0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0768
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0768
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category:
Reference: SUSE:SuSE-SA:2002:018
Reference: URL:http://www.suse.com/de/support/security/2002_18_lukemftp.html
Reference: XF:lukemftp-pasv-bo(9130)
Reference: URL:http://www.iss.net/security_center/static/9130.php

Buffer overflow in the lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0768 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0776
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0776
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020713 Hosting Controller Vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/282129
Reference: CONFIRM:http://hostingcontroller.com/english/logs/sp2log.html
Reference: XF:hosting-controller-password-modification(9554)
Reference: URL:http://www.iss.net/security_center/static/9554.php
Reference: BID:5229
Reference: URL:http://www.securityfocus.com/bid/5229

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.

Modifications:
  ADDREF XF:hosting-controller-password-modification(9554)
  ADDREF BID:5229

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0776 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Balinsky, Cole
   MODIFY(1) Frech
   NOOP(4) Cox, Wall, Foat, Armstrong

Voter Comments:
 Frech> XF:hosting-controller-password-modification(9554)

======================================================
Candidate: CAN-2002-0777
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0777
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020520 Foundstone Advisory - Buffer Overflow in Ipswitch Imail 7.1 and prior (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0172.html
Reference: XF:
imail-ldap-bo(9116)
Reference: URL:http://www.iss.net/security_center/static/9116.php
Reference: BID:4780
Reference: URL:http://www.securityfocus.com/bid/4780

Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.

Analysis
--------
Vendor Acknowledgement: yes via-email

ACKNOWLEDGEMENT: the only apparent information that might be related to this issue is in the vendor's http://support.ipswitch.com/kb/im-20020703-dm01.htm; there are two comments related to overflows: "Removed buffer overflow bug in Web Calendaring" and "ILDAP: Fixed buffer overflow that could be used in a DOS attack." While the latter phrase might be related to the LDAP issue, it is in direct conflict with Foundstone's claim that the problem is exploitable, which may indicate that this is not really the same vulnerability. Inquiry posted to http://www.ipswitch.com/cgi/askatech.pl?action=build on July 17, 2002. Tracking number: T200207180016. The vendor confirmed this issue via e-mail from evalhelp@ipswitch.com in a reply on July 18: "Yes, this has been fixed... the hard evidence is in the knowledge base article."

INFERRED ACTION: CAN-2002-0777 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0778
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0778
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: CF
Reference: CISCO:20020528 Transparent Cache Engine and Content Engine TCP Relay Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml
Reference: XF:cisco-cache-content-tcp-forward(9082)
Reference: URL:http://www.iss.net/security_center/static/9082.php
Reference: BID:4751
Reference: URL:http://www.securityfocus.com/bid/4751

The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0778 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Foat, Cole, Armstrong
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0785
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0785
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 Hole in AOL Instant Messenger
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0086.html
Reference: XF:
aim-addbuddy-bo(9058)
Reference: URL:http://www.iss.net/security_center/static/9058.php
Reference: BID:4709
Reference: URL:http://www.securityfocus.com/bid/4709

AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.

Analysis
--------
Vendor Acknowledgement:

INFERRED ACTION: CAN-2002-0785 ACCEPT (4 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(4) Baker, Wall, Cole, Armstrong
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0788
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0788
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020508 NTFS and PGP interact to expose EFS encrypted data
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt
Reference: XF:pgp-ntfs-reveal-data(9044)
Reference: URL:http://www.iss.net/security_center/static/9044.php
Reference: BID:4702
Reference: URL:http://www.securityfocus.com/bid/4702

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on the Windows Encrypted File System (EFS), creates a cleartext temporary file that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.

Analysis
--------
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: in the release notes for the hotfix, the vendor states "There is a conflict between Microsoft's Encrypted File System (EFS) on Windows 2000 and PGP's file wiping feature. When you encrypt a file using EFS, Windows 2000 creates a temporary file that contains the plaintext of the encrypted file."

INFERRED ACTION: CAN-2002-0788 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0789
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0789
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: BUGTRAQ:20020511 Bug in mnogosearch-3.1.19
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0092.html
Reference: CONFIRM:http://www.mnogosearch.org/Download/mnogosearch-3.1.20.tar.gz
Reference: MISC:http://www.mnogosearch.org/history.html#log31
Reference: BID:4724
Reference: URL:http://www.securityfocus.com/bid/4724
Reference: XF:mnogosearch-search-cgi-bo(9060)
Reference: URL:http://www.iss.net/security_center/static/9060.php

Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: a vague comment on the product history page includes an item for version 3.1.20, dated 27 Jun 2002, which says "A security bug has been fixed." This is not sufficient proof that the vendor has fixed *this* issue. HOWEVER, the ChangeLog in the source code for 3.1.20 includes an item dated 27 Jun 2002, which says "A security bug (trap on too long queries) fixed," which *does* qualify as sufficient proof.

INFERRED ACTION: CAN-2002-0789 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0790
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0790
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: AIXAPAR:IY24556
Reference: URL:http://techsupport.services.ibm.com/server/aix.uhuic_getrec?args=DVsteamboat.boulder.ibm.com+DBAIX2+DA6854+STIY24556+USbin

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which allows local users to gain privileges.

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0790 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(4) Cox, Wall, Foat, Armstrong

======================================================
Candidate: CAN-2002-0794
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0794
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:26
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2002-05/0349.html
Reference: BID:4879
Reference: URL:http://www.securityfocus.com/bid/4879
Reference: XF:freebsd-accept-filter-dos(9209)
Reference: URL:http://www.iss.net/security_center/static/9209.php

The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0794 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0795
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0795
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: FREEBSD:
FreeBSD-SA-02:27
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc
Reference: XF:freebsd-rc-delete-directories(9217)
Reference: URL:http://www.iss.net/security_center/static/9217.php
Reference: BID:4880
Reference: URL:http://www.securityfocus.com/bid/4880

The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0795 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0801
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0801
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020726
Assigned: 20020725
Category: SF
Reference: VULNWATCH:20020529 [VulnWatch] FW: Macromedia JRUN Buffer overflow vulnerability (#NISR29052002)
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0085.html
Reference: BUGTRAQ:20020529 Addendum to advisory #NISR29052002 (JRun buffer overflow)
Reference: URL:http://online.securityfocus.com/archive/1/274601
Reference: BUGTRAQ:20020529 Macromedia JRUN Buffer overflow vulnerability (#NISR29052002)
Reference: URL:http://online.securityfocus.com/archive/1/274528
Reference: CERT-VN:VU#703835
Reference: URL:http://www.kb.cert.org/vuls/id/703835
Reference: CERT:CA-2002-14
Reference: URL:http://www.cert.org/advisories/ca-2002-14.html
Reference: XF:jrun-isapi-host-bo(9194)
Reference: URL:http://www.iss.net/security_center/static/9194.php
Reference: BID:4873
Reference: URL:http://www.securityfocus.com/bid/4873

Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0801 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Wall
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0802
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0802
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: MISC:http://marc.theaimsgroup.com/?l=postgresql-general&m=102032794322362
Reference: REDHAT:RHSA-2002:149
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-149.html
Reference: XF:postgresql-sqlascii-sql-injection(10328)
Reference: URL:http://www.iss.net/security_center/static/10328.php

The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.

Modifications:
  ADDREF REDHAT:RHSA-2002:149
  ADDREF XF:postgresql-sqlascii-sql-injection(10328)

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0802 ACCEPT (7 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Alderson, Baker, Jones
   MODIFY(2) Frech, Cox
   NOOP(1) Foat

Voter Comments:
 Cox> ADDREF: REDHAT:RHSA-2002:149
 Frech> XF:postgresql-sqlascii-sql-injection(10328)

======================================================
Candidate: CAN-2002-0804
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0804
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=129466
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:bugzilla-reversedns-hostname-spoof(9301)
Reference: URL:http://www.iss.net/security_center/static/9301.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname.

Modifications:
  ADDREF XF:bugzilla-reversedns-hostname-spoof(9301)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0804 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-reversedns-hostname-spoof(9301)

======================================================
Candidate: CAN-2002-0805
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0805
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=134575
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:
bugzilla-world-writable-dir(9302)
Reference: URL:http://www.iss.net/security_center/static/9302.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.

Modifications:
  ADDREF XF:bugzilla-world-writable-dir(9302)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0805 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-world-writable-dir(9302)

======================================================
Candidate: CAN-2002-0806
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0806
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=141557
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:bugzilla-edituser-user-delete(9303)
Reference: URL:http://www.iss.net/security_center/static/9303.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.

Modifications:
  ADDREF XF:bugzilla-edituser-user-delete(9303)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0806 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-edituser-user-delete(9303)

======================================================
Candidate: CAN-2002-0808
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0808
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=107718
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:bugzilla-masschange-change-groupset(9305)
Reference: URL:http://www.iss.net/security_center/static/9305.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.

Modifications:
  ADDREF XF:bugzilla-masschange-change-groupset(9305)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0808 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-masschange-change-groupset(9305)

======================================================
Candidate: CAN-2002-0809
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0809
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=148674
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:bugzilla-group-permissions-removal(10141)
Reference: URL:http://www.iss.net/security_center/static/10141.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.

Modifications:
  ADDREF XF:bugzilla-group-permissions-removal(10141)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0809 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-group-permissions-removal(10141)

======================================================
Candidate: CAN-2002-0810
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0810
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020729
Category: SF
Reference: BUGTRAQ:20020608 [BUGZILLA] Security Advisory For Versions of Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
Reference: CONFIRM:http://bugzilla.mozilla.org/show_bug.cgi?id=92263
Reference: REDHAT:RHSA-2002:109
Reference: BID:4964
Reference: URL:http://online.securityfocus.com/bid/4964
Reference: XF:bugzilla-shadow-database-information(9306)
Reference: URL:http://www.iss.net/security_center/static/9306.php

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.

Modifications:
  ADDREF XF:bugzilla-shadow-database-information(9306)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0810 ACCEPT (4 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   MODIFY(1) Frech
   NOOP(1) Foat

Voter Comments:
 Frech> XF:bugzilla-shadow-database-information(9306)

======================================================
Candidate: CAN-2002-0813
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0813
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020730
Category: SF
Reference: BUGTRAQ:20020727 Phenoelit Advisory, 0815 ++ * - Cisco_tftp
Reference: URL:http://online.securityfocus.com/archive/1/284634
Reference: CISCO:20020730 TFTP Long Filename Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml
Reference: BUGTRAQ:20020822 Cisco IOS exploit PoC
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103002169829669&w=2
Reference: XF:cisco-tftp-filename-bo(9700)
Reference: URL:http://www.iss.net/security_center/static/9700.php
Reference: BID:5328
Reference: URL:http://www.securityfocus.com/bid/5328

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0813 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0814
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0814
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020730
Category: SF
Reference: BUGTRAQ:20020724 VMware GSX Server Remote Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102752511030425&w=2
Reference: BUGTRAQ:20020726 Re: VMware GSX Server Remote Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102765223418716&w=2
Reference: NTBUGTRAQ:20020805 VMware GSX Server 2.0.1 Release and Security Alert
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0057.html
Reference: CONFIRM:http://www.vmware.com/download/gsx_security.html
Reference: XF:vmware-gsx-auth-bo(9663)
Reference: URL:http://www.iss.net/security_center/static/9663.php
Reference: BID:5294
Reference: URL:http://www.securityfocus.com/bid/5294

Buffer overflow in the VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0814 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Foat
   NOOP(2) Cox, Wall

======================================================
Candidate: CAN-2002-0816
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0816
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020731
Category: SF
Reference: BUGTRAQ:20020719 tru64 proof of concept /bin/su non-exec bypass
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102709593117171&w=2
Reference: COMPAQ:SSRT2257
Reference: URL:http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
Reference: BID:5272
Reference: URL:http://online.securityfocus.com/bid/5272
Reference: XF:tru64-su-bo(9640)
Reference: URL:http://www.iss.net/security_center/static/9640.php

Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0816 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Baker
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0817
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0817
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020801
Category: SF
Reference: BUGTRAQ:20020731 SUPER bug
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102812622416695&w=2
Reference: VULNWATCH:20020730 SUPER bug
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0045.html
Reference: DEBIAN:DSA-139
Reference: URL:http://www.debian.org/security/2002/dsa-139
Reference: XF:super-syslog-format-string(9741)
Reference: URL:http://www.iss.net/security_center/static/9741.php
Reference: BID:5367
Reference: URL:http://www.securityfocus.com/bid/5367

Format string vulnerability in super for Linux allows local users to gain root privileges via command line arguments.

Modifications:
  ADDREF VULNWATCH:20020730 [VulnWatch] SUPER bug
  ADDREF XF:super-syslog-format-string(9741)
  ADDREF BID:5367

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0817 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Wall
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:super-syslog-format-string(9741)
   URL:http://www.iss.net/security_center/static/9741.php
   VULNWATCH:20020730 [VulnWatch] SUPER bug
   URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0045.html
   BID:5367
   URL:http://www.securityfocus.com/bid/5367

======================================================
Candidate: CAN-2002-0818
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0818
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020801
Category: SF
Reference: BUGTRAQ:20020718 wwwoffle-2.7b and prior segfaults with negative Content Length value
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0194.html
Reference: SUSE:SuSE-SA:2002:029
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102821890317683&w=2
Reference: DEBIAN:DSA-144
Reference: URL:http://www.debian.org/security/2002/dsa-144
Reference: CALDERA:CSSA-2002-048.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-048.0.txt
Reference: XF:wwwoffle-neg-length-bo(9619)
Reference: URL:http://www.iss.net/security_center/static/9619.php
Reference: BID:5260
Reference: URL:http://www.securityfocus.com/bid/5260

wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.

Modifications:
  ADDREF CALDERA:CSSA-2002-048.0

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0818 ACCEPT (3 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> CALDERA:CSSA-2002-048.0

======================================================
Candidate: CAN-2002-0823
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0823
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020802
Category: SF
Reference: BUGTRAQ:20020801 Winhelp32 Remote Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102822806329440&w=2
Reference: NTBUGTRAQ:20020801 Winhlp32.exe Remote BufferOverrun
Reference: MSKB:Q293338
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;en-us;q293338
Reference: XF:htmlhelp-item-bo(9746)
Reference: URL:http://www.iss.net/security_center/static/9746.php
Reference: BID:4857
Reference: URL:http://www.securityfocus.com/bid/4857

Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.

Modifications:
  ADDREF XF:htmlhelp-item-bo(9746)
  ADDREF BID:4857

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0823 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Wall
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:
htmlhelp-item-bo(9746)
   URL:http://www.iss.net/security_center/static/9746.php
   BID:4857
   URL:http://www.securityfocus.com/bid/4857
   MSKB:Q293338
   URL:http://support.microsoft.com/default.aspx?scid=kb;(LN);Q293338

======================================================
Candidate: CAN-2002-0824
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0824
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020803
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:32.pppd
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102812546815606&w=2
Reference: NETBSD:NetBSD-SA2002-010
Reference: URL:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-010.txt.asc
Reference: OPENBSD:20020729 011: SECURITY FIX: July 29, 2002
Reference: URL:http://www.openbsd.org/errata31.html
Reference: XF:pppd-race-condition(9738)
Reference: URL:http://www.iss.net/security_center/static/9738.php
Reference: BID:5355
Reference: URL:http://www.securityfocus.com/bid/5355

BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.

Modifications:
  DESC add "BSD"
  ADDREF XF:pppd-race-condition(9738)
  ADDREF BID:5355
  ADDREF OPENBSD:20020729 011: SECURITY FIX: July 29, 2002

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0824 ACCEPT (3 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(2) Cole, Baker
   MODIFY(1) Cox
   NOOP(3) Christey, Wall, Foat

Voter Comments:
 Cox> Change to "BSD pppd"
 Christey> XF:pppd-race-condition(9738)
   URL:http://www.iss.net/security_center/static/9738.php
   BID:5355
   URL:http://www.securityfocus.com/bid/5355

======================================================
Candidate: CAN-2002-0826
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0826
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020806
Category: SF
Reference: ATSTAKE:A080802-1
Reference: URL:http://www.atstake.com/research/advisories/2002/a080802-1.txt
Reference: CONFIRM:http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html
Reference: XF:wsftp-site-cpwd-bo(9794)
Reference: URL:http://www.iss.net/security_center/static/9794.php
Reference: BID:5427
Reference: URL:http://www.securityfocus.com/bid/5427

Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.

Modifications:
  ADDREF XF:wsftp-site-cpwd-bo(9794)
  ADDREF BID:5427

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the vendor's patch/upgrades page includes an item for 3.1.2 that says "Corrected a security issue with the handling of the SITE CPWD command... Fixed a buffer overflow in the CPWD command"

INFERRED ACTION: CAN-2002-0826 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Wall
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Christey> XF:wsftp-site-cpwd-bo(9794)
   URL:http://www.iss.net/security_center/static/9794.php
   BID:5427
   URL:http://www.securityfocus.com/bid/5427

======================================================
Candidate: CAN-2002-0829
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0829
Final-Decision:
Interim-Decision: 20030326
Modified: 20030324-01
Proposed: 20020830
Assigned: 20020806
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:35.ffs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102865404413458&w=2
Reference: XF:freebsd-ffs-integer-overflow(9771)
Reference: URL:http://www.iss.net/security_center/static/9771.php
Reference: BID:5399
Reference: URL:http://www.securityfocus.com/bid/5399

Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system.

Modifications:
  ADDREF XF:freebsd-ffs-integer-overflow(9771)
  ADDREF BID:5399

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0829 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:freebsd-ffs-integer-overflow(9771)
   URL:http://www.iss.net/security_center/static/9771.php
   BID:5399
   URL:http://www.securityfocus.com/bid/5399

======================================================
Candidate: CAN-2002-0830
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0830
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020806
Category: SF
Reference: FREEBSD:
FreeBSD-SA-02:36.nfs
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102865517214722&w=2
Reference: CONFIRM:http://www.info.apple.com/usen/security/security_updates.html
Reference: NETBSD:NetBSD-SA2002-013
Reference: URL:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-013.txt.asc

Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.

Modifications:
  ADDREF CONFIRM:http://www.info.apple.com/usen/security/security_updates.html
  ADDREF NETBSD:NetBSD-SA2002-013
  DESC include other operating systems

Analysis
--------
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: Apple acknowledges this in its security updates dated 2002-11-21 (a direct reference could not be found).

INFERRED ACTION: CAN-2002-0830 ACCEPT (3 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> CONFIRM:http://www.info.apple.com/usen/security/security_updates.html
   (Apple says: "this is FreeBSD-SA-02:36.nfs")
 Christey> NETBSD:NetBSD-SA2002-013
   URL:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-013.txt.asc

======================================================
Candidate: CAN-2002-0831
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0831
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020806
Category: SF
Reference: FREEBSD:FreeBSD-SA-02:37.kqueue
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102865142610126&w=2
Reference: XF:freebsd-kqueue-dos(9774)
Reference: URL:http://www.iss.net/security_center/static/9774.php
Reference: BID:5405
Reference: URL:http://www.securityfocus.com/bid/5405

The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end.

Modifications:
  ADDREF XF:freebsd-kqueue-dos(9774)
  ADDREF BID:5405

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0831 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> XF:freebsd-kqueue-dos(9774)
   URL:http://www.iss.net/security_center/static/9774.php
   BID:5405
   URL:http://www.securityfocus.com/bid/5405

======================================================
Candidate: CAN-2002-0845
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0845
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020809
Category: SF
Reference: BUGTRAQ:20020808 EEYE: Sun(TM) ONE / iPlanet Web Server 4.1 and 6.0 Remote Buffer Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102890933623192&w=2
Reference: CONFIRM:http://www.sun.com/service/support/software/iplanet/alerts/transferencodingalert-23july2002.html
Reference: XF:iplanet-chunked-encoding-bo(9799)
Reference: URL:http://www.iss.net/security_center/static/9799.php
Reference: BID:5433
Reference: URL:http://www.securityfocus.com/bid/5433

Buffer overflow in Sun / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0845 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Baker, Wall, Foat
   NOOP(1) Cox

======================================================
Candidate: CAN-2002-0846
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0846
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020809
Category: SF
Reference: BUGTRAQ:20020808 EEYE: Macromedia Shockwave Flash Malformed Header Overflow
Reference: BUGTRAQ:20020830 RE: Macromedia Shockwave Flash Malformed Header Overflow
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103072708329280&w=2
Reference: CONFIRM:http://www.macromedia.com/v1/handlers/index.cfm?ID=23293
Reference: XF:flash-swf-header-bo(9798)
Reference: URL:http://www.iss.net/security_center/static/9798.php
Reference: BID:5430
Reference: URL:http://www.securityfocus.com/bid/5430

The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.

Modifications:
  ADDREF BUGTRAQ:20020830 RE: Macromedia Shockwave Flash Malformed Header Overflow
  ADDREF XF:flash-swf-header-bo(9798)
  ADDREF BID:5430

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0846 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Baker, Cox, Wall
   NOOP(2) Christey, Foat

Voter Comments:
 Christey> BUGTRAQ:20020830 RE: Macromedia Shockwave Flash Malformed Header Overflow
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103072708329280&w=2
 Christey> XF:flash-swf-header-bo(9798)
   URL:http://www.iss.net/security_center/static/9798.php
   BID:5430
   URL:http://www.securityfocus.com/bid/5430

======================================================
Candidate: CAN-2002-0847
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0847
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020809
Category: SF
Reference: DEBIAN:DSA-145
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102874450402924&w=2
Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=88790
Reference: XF:tinyproxy-memory-corruption(9079)
Reference: URL:http://www.iss.net/security_center/static/9079.php
Reference: BID:4731
Reference: URL:http://www.securityfocus.com/bid/4731

tinyproxy HTTP proxy 1.5.0, 3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).

Analysis
--------
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: the vendor's changelog for 1.5.0 states: "Fixed a bunch of memory leaks, and a potential security issue where memory was being freed twice."

INFERRED ACTION: CAN-2002-0847 ACCEPT (3 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-0848
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0848
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020809
Category: SF
Reference: CISCO:20020807 Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/vpn5k-radius-pap-vuln-pub.shtml
Reference: XF:cisco-vpn5000-plaintext-password(9781)
Reference: URL:http://www.iss.net/security_center/static/9781.php
Reference: BID:5417
Reference: URL:http://www.securityfocus.com/bid/5417

Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.

Modifications:
  ADDREF XF:cisco-vpn5000-plaintext-password(9781)
  ADDREF BID:5417

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0848 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Baker, Wall, Foat
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> XF:cisco-vpn5000-plaintext-password(9781)
   URL:http://www.iss.net/security_center/static/9781.php
   BID:5417
   URL:http://www.securityfocus.com/bid/5417

======================================================
Candidate: CAN-2002-0851
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0851
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020810
Category: SF
Reference: VULNWATCH:20020809 Local Root Exploit
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0068.html
Reference: SUSE:SuSE-SA:2002:030
Reference: XF:
isdn4linux-ipppd-format-string(9811)
Reference: URL:http://www.iss.net/security_center/static/9811.php
Reference: BID:5437
Reference: URL:http://www.securityfocus.com/bid/5437

Format string vulnerability in the ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0851 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Wall
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0853
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0853
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020812
Category: SF
Reference: CISCO:20020812 Cisco VPN Client Multiple Vulnerabilities
Reference: URL:http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
Reference: CERT-VN:VU#287771
Reference: URL:http://www.kb.cert.org/vuls/id/287771
Reference: XF:cisco-vpn-zerolength-dos(9821)
Reference: URL:http://www.iss.net/security_center/static/9821.php
Reference: BID:5440
Reference: URL:http://www.securityfocus.com/bid/5440

Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.

Modifications:
  ADDREF CERT-VN:VU#287771
  ADDREF XF:cisco-vpn-zerolength-dos(9821)
  ADDREF BID:5440

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0853 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Baker, Wall, Foat
   NOOP(2) Christey, Cox

Voter Comments:
 Christey> CERT-VN:VU#287771
   URL:http://www.kb.cert.org/vuls/id/287771
   XF:cisco-vpn-zerolength-dos(9821)
   URL:http://www.iss.net/security_center/static/9821.php
   BID:5440
   URL:http://www.securityfocus.com/bid/5440

======================================================
Candidate: CAN-2002-0856
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0856
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020813
Category: SF
Reference: ISS:20020813 Remote Denial of Service Vulnerability in Oracle9i SQL*NET
Reference: URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20941
Reference: VULNWATCH:20020813 ISS Security Brief: Remote Denial of Service Vulnerability in Oracle9i SQL*NET
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0072.html
Reference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/2002alert38rev1.pdf
Reference: XF:
oracle-listener-debug-dos(9237)
Reference: URL:http://www.iss.net/security_center/static/9237.php
Reference: BID:5457
Reference: URL:http://www.securityfocus.com/bid/5457

SQL*NET listener for Oracle Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.

Modifications:
  ADDREF BID:5457
  ADDREF VULNWATCH:20020813 ISS Security Brief: Remote Denial of Service Vulnerability in Oracle9i SQL*NET

Analysis
--------
Vendor Acknowledgement: yes

INFERRED ACTION: CAN-2002-0856 ACCEPT_ACK (2 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(2) Armstrong, Baker
   NOOP(5) Cole, Christey, Cox, Wall, Foat

Voter Comments:
 Christey> BID:5457
   URL:http://www.securityfocus.com/bid/5457
   VULNWATCH:20020813 ISS Security Brief: Remote Denial of Service Vulnerability in Oracle9i SQL*NET
   URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0072.html

======================================================
Candidate: CAN-2002-0859
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0859
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020815
Category: SF
Reference: BUGTRAQ:20020619 Microsoft SQL Server 2000 OpenDataSource Buffer Overflow (#NISR19062002)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102450188620081&w=2
Reference: MISC:http://www.nextgenss.com/advisories/mssql-ods.txt
Reference: XF:mssql-jet-ods-bo(9375)
Reference: URL:http://www.iss.net/security_center/static/9375.php
Reference: BID:5057
Reference: URL:http://www.securityfocus.com/bid/5057
Reference: MSKB:Q282010
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;(LN);Q282010

Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.

Modifications:
  ADDREF XF:mssql-jet-ods-bo(9375)
  ADDREF MSKB:Q282010
  ADDREF BID:5057
  ADDREF MISC:http://www.nextgenss.com/advisories/mssql-ods.txt

Analysis
--------
Vendor Acknowledgement: yes via-email

ACKNOWLEDGEMENT: the Knowledge Base article referenced by NGSSoftware does not explicitly acknowledge the problem; however, Microsoft acknowledged this issue via an e-mail inquiry.

INFERRED ACTION: CAN-2002-0859 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Green, Baker, Wall
   MODIFY(1) Frech
   NOOP(2) Cox, Foat

Voter Comments:
 Frech> XF:mssql-jet-ods-bo(9375)

======================================================
Candidate: CAN-2002-0860
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0860
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020815
Category: SF
Reference: MS:MS02-044
Reference: URL:http://www.microsoft.com/technet/security/bulletin/ms02-044.asp
Reference: BUGTRAQ:20020408 Reading local files with OWC in IE (GM#006-IE)
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=101829911018463&w=2
Reference: XF:owc-spreadsheet-loadtext-read-files(8778)
Reference: URL:http://www.iss.net/security_center/static/8778.php
Reference: BID:4453
Reference: URL:http://online.securityfocus.com/bid/4453

The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0860 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Armstrong, Baker, Wall
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0871
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0871
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: DEBIAN:DSA-151
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102927065426172&w=2
Reference: MANDRAKE:MDKSA-2002:053
Reference: URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-053.php
Reference: REDHAT:RHSA-2002:196
Reference: URL:http://www.redhat.com/support/errata/rhsa-2002-196.html
Reference: BUGTRAQ:20020814 GLSA: xinetd
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102935383506155&w=2
Reference: XF:xinetd-signal-leak-dos(9844)
Reference: URL:http://www.iss.net/security_center/static/9844.php
Reference: BID:5458
Reference: URL:http://www.securityfocus.com/bid/5458

xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.

Modifications:
  DESC fix typo
  ADDREF MANDRAKE:MDKSA-2002:053
  ADDREF XF:xinetd-signal-leak-dos(9844)
  ADDREF BID:5458
  ADDREF REDHAT:RHSA-2002:196

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0871 ACCEPT (5 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Baker, Cox, Foat
   NOOP(2) Christey, Wall

Voter Comments:
 Christey> MANDRAKE:MDKSA-2002:053
   URL:http://www.linux-mandrake.com/en/security/2002/mdksa-2002-053.php
   XF:xinetd-signal-leak-dos(9844)
   URL:http://www.iss.net/security_center/static/9844.php
   BID:5458
   URL:http://www.securityfocus.com/bid/5458
 Christey> Typo: "allow those services to cause"
 Christey> REDHAT:RHSA-2002:196
   Fix typo: "cause"

======================================================
Candidate: CAN-2002-0872
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0872
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020813 New l2tpd release 0.68
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-08/0102.html
Reference: DEBIAN:DSA-152
Reference: URL:http://www.debian.org/security/2002/dsa-152
Reference: BID:5451
Reference: URL:http://www.securityfocus.com/bid/5451
Reference: XF:l2tpd-rand-number-predictable(9845)
Reference: URL:http://www.iss.net/security_center/static/9845.php

l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.

Modifications:
  ADDREF BUGTRAQ:20020813 New l2tpd release 0.68
  ADDREF BID:5451
  ADDREF XF:l2tpd-rand-number-predictable(9845)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0872 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> BUGTRAQ:20020813 New l2tpd release 0.68
   URL:http://archives.neohapsis.com/archives/bugtraq/2002-08/0102.html
   BID:5451
   URL:http://www.securityfocus.com/bid/5451
   XF:l2tpd-rand-number-predictable(9845)
   URL:http://www.iss.net/security_center/static/9845.php

======================================================
Candidate: CAN-2002-0873
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0873
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020813 New l2tpd release 0.68
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102925612907148&w=2
Reference: DEBIAN:DSA-152
Reference: URL:http://www.debian.org/security/2002/dsa-152
Reference: XF:l2tpd-vendor-field-bo(10460)
Reference: URL:http://www.iss.net/security_center/static/10460.php

Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.

Modifications:
  ADDREF XF:l2tpd-vendor-field-bo(10460)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0873 ACCEPT (3 accept, 1 ack,
0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> Consider deleting the Bugtraq reference, since it does not seem to mention this issue, unless it is under the heading "Fixed some off by 6 errors in avp handling"

======================================================
Candidate: CAN-2002-0875
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0875
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: DEBIAN:DSA-154
Reference: URL:http://www.debian.org/security/2002/dsa-154
Reference: SGI:20000301-03-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I
Reference: FREEBSD:FreeBSD-SN-02:05
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
Reference: BID:5487
Reference: URL:http://online.securityfocus.com/bid/5487
Reference: XF:sgi-fam-insecure-permissions(9880)
Reference: URL:http://www.iss.net/security_center/static/9880.php

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

Modifications:
  ADDREF SGI:20000301-03-I
  ADDREF FREEBSD:FreeBSD-SN-02:05
  ADDREF BID:5487
  ADDREF XF:sgi-fam-insecure-permissions(9880)

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0875 ACCEPT (3 accept, 3 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Armstrong, Baker
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> SGI:20000301-03-I
   FREEBSD:FreeBSD-SN-02:05
   URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
   BID:5487
   URL:http://online.securityfocus.com/bid/5487
   XF:sgi-fam-insecure-permissions(9880)
   URL:http://www.iss.net/security_center/static/9880.php

======================================================
Candidate: CAN-2002-0887
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0887
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20010522 (SRT2001-10) - scoadmin /tmp issues
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=99057164129869&w=2
Reference: CALDERA:CSSA-2002-SCO.22
Reference: URL:ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.22/cssa-2002-sco.22.txt
Reference: BID:4875
Reference: URL:http://www.securityfocus.com/bid/4875
Reference: XF:
openserver-scoadmin-symlink(9210)
Reference: URL:http://www.iss.net/security_center/static/9210.php

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.

Modifications:
  DESC clarify role of log files

Analysis
--------
Vendor Acknowledgement: yes advisory

ACKNOWLEDGEMENT: the Caldera advisory credits "Kevin Finisterre (dotslash@snosoft.com)" for this issue, who is the original Bugtraq poster.

INFERRED ACTION: CAN-2002-0887 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Alderson, Baker, Frech
   MODIFY(1) Jones
   NOOP(2) Cox, Foat

Voter Comments:
 Jones> Suggest removing "log" from the CVE description (i.e., "... on temporary files."). Caldera states "temporary files", which may be other than log files; the log file was used by the discoverer as a proof of concept, but the issue is the application's creation and use of temporary files.

======================================================
Candidate: CAN-2002-0889
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0889
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: VULN-DEV:20020428 QPopper 4.0.4 buffer overflow
Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=102003707432457&w=2
Reference: BUGTRAQ:20020428 QPopper 4.0.4 buffer overflow
Reference: URL:http://online.securityfocus.com/archive/1/269969
Reference: CALDERA:CSSA-2002-SCO.20
Reference: URL:ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.20/cssa-2002-sco.20.txt
Reference: XF:qpopper-bulldir-bo(8949)
Reference: URL:http://www.iss.net/security_center/static/8949.php
Reference: BID:4614
Reference: URL:http://www.securityfocus.com/bid/4614

Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0889 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(6) Cole, Armstrong, Alderson, Baker, Frech, Jones
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-0891
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0891
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020527 Netscreen 25 unauthorised reboot issue
Reference: URL:http://online.securityfocus.com/archive/1/274240
Reference: CONFIRM:http://www.netscreen.com/support/ns25_reboot.html
Reference: XF:netscreen-screenos-username-dos(9186)
Reference: URL:http://www.iss.net/security_center/static/9186.php
Reference: BID:4842
Reference: URL:http://www.securityfocus.com/bid/4842

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a user name.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0891 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Alderson, Baker, Frech
   MODIFY(1) Jones
   NOOP(3) Christey, Cox, Foat

Voter Comments:
 Jones> Per the NetScreen alert, the vulnerable versions should be: "versions prior to 2.6.1r8, 2.8.0r2, 2.8.1r1, 3.0.1r2, 3.0.2r3, 3.0.3r1."
 Christey> The NetScreen alert referenced in the CONFIRM URL, dated June 3, 2002, says that the problem was "addressed in all versions of ScreenOS released after April 23, 2002. This list includes versions 2.6.1r8 and later, 2.8.0r2 and later, 2.8.1r1 and later, 3.0.1r2 and later, 3.0.2r3 and later, 3.0.3r1 and later" I've modified the description to reflect these ranges, though not to the level of detail covered by the advisory.

======================================================
Candidate: CAN-2002-0892
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0892
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: CF
Reference: BUGTRAQ:20020522 Multiple vulnerabilities in NewAtlanta ServletExec ISAPI 4.1
Reference: URL:http://online.securityfocus.com/archive/1/273615
Reference: VULNWATCH:20020522 (VULNWATCH) Multiple vulnerabilities in NewAtlanta ServletExec ISAPI 4.1
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html
Reference: CONFIRM:http://www.newatlanta.com/do/findFaq?faq_id=151
Reference: BID:4793
Reference: URL:http://www.securityfocus.com/bid/4793
Reference: XF:servletexec-jsp10servlet-path-disclosure(9139)
Reference: URL:http://www.iss.net/security_center/static/9139.php

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: ServletExec FAQ entry 151 poses the question "If I request a JSP page that does not exist, I receive a response in my browser that discloses the absolute path to my web server's document root or to the document root of my web application. Isn't this a security risk?" The response is: "Use the errorPage init parameter with the JSP10Servlet so that the JSP10Servlet will no longer use the default response which discloses the path."

INFERRED ACTION: CAN-2002-0892 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Alderson, Baker, Frech
   MODIFY(1) Jones
   NOOP(2) Cox, Foat

Voter Comments:
 Jones> CVE description should read "...
via a direct request to /servlet/com.newatlanta.servletexec.JSP10Servlet/ without ..."

======================================================
Candidate: CAN-2002-0897
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0897
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: VULNWATCH:20020524 [SecurityOffice] LocalWeb2000 Web Server File Access Protection Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0079.html
Reference: BUGTRAQ:20020524 [SecurityOffice] LocalWeb2000 Web Server File Access Protection Vulnerability
Reference: URL:http://online.securityfocus.com/archive/1/274020
Reference: BID:4820
Reference: URL:http://www.securityfocus.com/bid/4820
Reference: XF:localweb2k-protection-bypass(9165)
Reference: URL:http://www.iss.net/security_center/static/9165.php

The web server for LocalWEB2000 2.1.0 allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.

Modifications:
  CHANGEREF VULNWATCH [normalize]

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: e-mail inquiry sent to bugalert@intranet-server.co.uk on July 28, 2002.

INFERRED ACTION: CAN-2002-0897 ACCEPT (3 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(3) Alderson, Frech, Jones
   NOOP(4) Cole, Armstrong, Cox, Foat

======================================================
Candidate: CAN-2002-0898
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0898
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: NTBUGTRAQ:20020527 Reading ANY local file in Opera (GM#001-OP)
Reference: URL:http://marc.theaimsgroup.com/?l=ntbugtraq&m=102256058220402&w=2
Reference: BUGTRAQ:20020527 Reading ANY local file in Opera (GM#001-OP)
Reference: URL:http://online.securityfocus.com/archive/1/274202
Reference: CONFIRM:http://www.opera.com/windows/changelog/log603.html
Reference: BID:4834
Reference: URL:http://www.securityfocus.com/bid/4834
Reference: XF:opera-browser-file-retrieval(9188)
Reference: URL:http://www.iss.net/security_center/static/9188.php

Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.

Modifications:
  DESC fix typo

Analysis
--------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: Opera's changelog for 6.0.3 says "Fixed security issue with file upload, as reported by GreyMagic Software," the discoverer of the issue.

INFERRED ACTION: CAN-2002-0898 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Armstrong, Alderson, Baker, Frech
   MODIFY(1) Jones
   NOOP(2) Cox, Foat

Voter Comments:
 Jones> "arbiotrary" should be "arbitrary".

======================================================
Candidate: CAN-2002-0900
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0900
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020524 pks public key server DOS and remote execution
Reference: URL:http://online.securityfocus.com/archive/1/274107
Reference: CONFIRM:http://www.rubin.ch/pgp/src/patch_buffoverflow20020525
Reference: BID:4828
Reference: URL:http://www.securityfocus.com/bid/4828
Reference: XF:pgp-pks-search-bo(9171)
Reference: URL:http://www.iss.net/security_center/static/9171.php

Buffer overflow in pks PGP public key web server 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.

Modifications:
  ADDREF CONFIRM:http://www.rubin.ch/pgp/src/patch_buffoverflow20020525

Analysis
--------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: the PKS developer, Richard Laager, sent an e-mail on February 25, 2003, saying that a patch is available. He also said that 0.9.5 and later versions are fixed.

INFERRED ACTION: CAN-2002-0900 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Alderson, Frech
   NOOP(6) Foat, Cole, Armstrong, Christey, Cox, Jones

Voter Comments:
 Jones> Unclear which versions are vulnerable.
 Christey> Richard Laager, the PKS developer, sent an e-mail on February 25, 2003, saying that a patch is available.
   CONFIRM:http://www.rubin.ch/pgp/src/patch_buffoverflow20020525
   He also said that 0.9.5 and later versions are fixed.

======================================================
Candidate: CAN-2002-0904
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0904
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: VULN-DEV:20020529 New Kismet Packages - SayText() and suid kismet_server issues
Reference: URL:http://marc.theaimsgroup.com/?l=vuln-dev&m=102269718506080&w=2
Reference: BUGTRAQ:20020528 New Kismet Packages available - SayText() and suid kismet_server issues
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0259.html
Reference: CONFIRM:http://www.kismetwireless.net/CHANGELOG
Reference: BID:4883
Reference: URL:http://www.securityfocus.com/bid/4883
Reference: XF:kismet-saytext-command-execution(9213)
Reference: URL:http://www.iss.net/security_center/static/9213.php

SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (apostrophe or pipe) in the essid argument.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: in the vendor's changelog, an entry dated "May 27 2002" states "Fixed remote-exploitable hole (ack) with carefully crafted SSID's"

INFERRED ACTION: CAN-2002-0904 ACCEPT (6 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(6) Cole, Armstrong, Alderson, Baker, Frech, Jones
   NOOP(2) Foat, Cox

======================================================
Candidate: CAN-2002-0906
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0906
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: CERT-VN:VU#814627
Reference: URL:http://www.kb.cert.org/vuls/id/814627
Reference: CONFIRM:http://www.sendmail.org/8.12.5.html
Reference: BID:5122
Reference: URL:http://www.securityfocus.com/bid/5122
Reference: XF:sendmail-dns-txt-bo(9443)
Reference: URL:http://www.iss.net/security_center/static/9443.php

Buffer overflow in Sendmail 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0906 ACCEPT (7 accept, 2 ack, 0 review)

Current Votes:
   ACCEPT(7) Foat, Cole, Green, Baker, Frech, Cox, Wall

======================================================
Candidate: CAN-2002-0911
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0911
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: CALDERA:CSSA-2002-024.0
Reference: URL:ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-024.0.txt
Reference: BID:4923
Reference: URL:http://www.securityfocus.com/bid/4923
Reference: XF:volution-manager-plaintext-password(9240)
Reference: URL:http://www.iss.net/security_center/static/9240.php

Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0911 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Frech
   NOOP(2) Foat, Wall

======================================================
Candidate: CAN-2002-0914
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0914
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020601 SECURITY.NNOV: Courier CPU exhaustion + bonus on imap-uw
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-05/0295.html
Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=93065
Reference: BID:4908
Reference: URL:http://www.securityfocus.com/bid/4908
Reference: XF:courier-mta-year-dos(9228)
Reference: URL:http://www.iss.net/security_center/static/9228.php

Double precision Courier Mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value, which causes a tight loop.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: a changelog entry dated 2002-05-20 includes "rfc822_parsedt.c (rfc822_parsedt): Ignore obviously invalid years (someone else will have to worry about Y10K)."

INFERRED ACTION: CAN-2002-0914 ACCEPT (3 accept, 1 ack, 0 review)

Current
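Votes:
   ACCEPT(3) Cole, Baker, Frech
   NOOP(2) Foat, Wall

======================================================
Candidate: CAN-2002-0916
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0916
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: VULNWATCH:20020603 [VULNWATCH] [DER #11] - Remotey exploitable fmt string bug in squid
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0087.html
Reference: BUGTRAQ:20020604 (DER #11) - Remotey exploitable fmt string bug in squid
Reference: URL:http://online.securityfocus.com/archive/1/275347
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.4/diff-2.4.STABLE6-2.4.STABLE7.gz
Reference: BID:4929
Reference: URL:http://www.securityfocus.com/bid/4929
Reference: XF:msntauth-squid-format-string(9248)
Reference: URL:http://www.iss.net/security_center/static/9248.php

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.

Analysis
--------
Vendor Acknowledgement: yes diff

ACKNOWLEDGEMENT: while there is no vendor report that explicitly mentions the format string problem, it is apparent from the diff (and confirmed via e-mail) that the main change to the code addresses the format string and buffer overflow issues that were originally reported. It should be noted that the Squid distribution is fixed, but the original Stellar-X is not (as of July 29).

INFERRED ACTION: CAN-2002-0916 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Frech
   NOOP(2) Foat, Wall

======================================================
Candidate: CAN-2002-0935
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0935
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: VULNWATCH:20020620 [VULNWATCH] KPMG-2002025: Apache Tomcat Denial of Service
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
Reference: BUGTRAQ:20020620 KPMG-2002025: Apache Tomcat Denial of Service
Reference: URL:http://online.securityfocus.com/archive/1/277940
Reference: XF:tomcat-null-thread-dos(9396)
Reference: URL:http://www.iss.net/security_center/static/9396.php
Reference: BID:5067
Reference: URL:http://www.securityfocus.com/bid/5067

Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.

Analysis
--------
Vendor Acknowledgement: unknown discloser-claimed

INFERRED ACTION: CAN-2002-0935 ACCEPT (4 accept, 0 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Green, Baker, Frech
   NOOP(3) Foat, Cox, Wall

Voter Comments:
 Green> SECURITYTRACKER reports that this issue has been acknowledged by APACHE

======================================================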
Candidate: CAN-2002-0938
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0938
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020614 XSS in CiscoSecure ACS v3.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0156.html
Reference: BUGTRAQ:20020621 Re: XSS in CiscoSecure ACS v3.0
Reference: URL:http://online.securityfocus.com/archive/1/278222
Reference: BID:5026
Reference: URL:http://www.securityfocus.com/bid/5026
Reference: XF:ciscosecure-web-css(9353)
Reference: URL:http://www.iss.net/security_center/static/9353.php

Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to the setup program.

Analysis
--------
Vendor Acknowledgement: yes followup

INFERRED ACTION: CAN-2002-0938 ACCEPT (5 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(5) Cole, Green, Baker, Frech, Wall
   NOOP(2) Foat, Cox

======================================================
Candidate: CAN-2002-0941
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0941
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020617 nCipher Advisory #4: Console Java apps can leak passphrases on Windows
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html
Reference: BID:5024
Reference: URL:http://www.securityfocus.com/bid/5024
Reference: XF:ncipher-consolecallback-passphrase-leak(9354)
Reference: URL:http://www.iss.net/security_center/static/9354.php

The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.

Analysis
--------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-0941 ACCEPT (4 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(4) Cole, Green, Baker, Frech
   NOOP(3) Foat, Cox, Wall

======================================================
Candidate: CAN-2002-0945
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0945
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020608 SeaNox Devwex - Denial of Service and Directory traversal
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0056.html
Reference: CONFIRM:http://www.seanox.de/projects.devwex.php
Reference: XF:devwex-get-bo(9298)
Reference: URL:http://www.iss.net/security_center/static/9298.php
Reference: BID:4979
Reference: URL:http://www.securityfocus.com/bid/4979

Buffer overflow in SeaNox
Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP GET request.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the vendor's "不妨" page (reachable from the left-hand menu) has an item dated June 1, 2002, which states (based on Google translation): "directory handling [was] modified in a safe and errortolerant path handling. Ueberladene [long?] requests could bring the MS Java VM [to] crash."

INFERRED ACTION: CAN-2002-0945 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Frech
   NOOP(2) Foat, Wall

======================================================
Candidate: CAN-2002-0946
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0946
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020608 SeaNox Devwex - Denial of Service and Directory traversal
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-06/0056.html
Reference: CONFIRM:http://www.seanox.de/projects.devwex.php
Reference: BID:4978
Reference: URL:http://www.securityfocus.com/bid/4978
Reference: XF:devwex-dotdot-directory-traversal(9299)
Reference: URL:http://www.iss.net/security_center/static/9299.php

Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\ (dot dot) sequences in an HTTP request.

Analysis
--------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the vendor's "不妨" page (reachable from the left-hand menu) has an item dated June 1, 2002, which states (based on Google translation): "directory handling [was] modified in a safe and errortolerant path handling. Ueberladene [long?] requests could bring the MS Java VM [to] crash."

INFERRED ACTION: CAN-2002-0946 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Cole, Baker, Frech
   NOOP(2) Foat, Wall

======================================================
Candidate: CAN-2002-0947
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0947
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020816
Category: SF
Reference: BUGTRAQ:20020612 Oracle Reports Server Buffer Overflow (#NISR12062002B)
Reference: URL:http://online.securityfocus.com/archive/1/276524
Reference: VULNWATCH:20020612 (VULNWATCH) Oracle Reports Server Buffer Overflow (#NISR12062002B)
Reference: URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0097.html
Reference: CERT-VN:VU#997403
Reference: URL:http://www.kb.cert.org/vuls/id/997403
Reference: CONFIRM:http://technet.oracle.com/deploy/security/pdf/reports6i_alert.pdf
Reference: MISC:http://www.nextgenss.com/vna/ora-reports.txt
Reference: BID:4848
Reference: URL:http://www.securityfocus.com/bid/4848
Reference: XF:
oracle-reports-server-bo(9289)参考:网址:http://www.iss.net/security_center/static/9289.php缓冲区溢出rwcgi60 CGI程序的Oracle服务器6.0.8.18.0和早些时候报道,用于Oracle9iAS和其他产品一样,允许远程攻击者通过长数据库名称参数执行任意代码。修改:Oracle9iAS DESC澄清角色分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0947能接受(6接受,2 ack, 0评论)目前投票:接受(5)科尔,阿姆斯特朗,Alderson,贝克,琼斯弗雷希修改(1)无操作(2)Foat,考克斯选民的评论:琼斯>建议描述读”……我之前释放6.0.8.18.0和Oracle服务器报告6…”,删除“9 ias甲骨文产品“从Oracle咨询州包含脆弱的服务器版本的报告。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0952网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0952最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:思科:20020619思科ONS15454 IP TOS脆弱性参考:网址:http://www.cisco.com/warp/public/707/ons-tos-vuln-pub.shtml参考:XF: cisco-ons-tcc-dos(9377)参考:网址:http://www.iss.net/security_center/static/9377.php参考:报价:5058参考:网址:http://www.securityfocus.com/bid/5058思科ONS15454光传输平台运行ONS 3.1.0 3.2.0允许远程攻击者造成拒绝服务(重置)通过发送IP数据包与非零的服务类型(TOS)位定时控制卡(太极拳)局域网接口。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0952能接受(5接受,1 ack, 0评论)目前投票:接受(5)科尔,绿色,贝克,抑郁症,墙壁无操作(2)Foat,考克斯= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0953网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0953最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020617 PHP源注入PHPAddress参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0182.html参考:BUGTRAQ: 20020619源注入PHPAddress参考:网址:http://online.securityfocus.com/archive/1/277987参考:XF: phpaddress-include-remote-files(9379)参考:网址:http://www.iss.net/security_center/static/9379.php参考:报价:5039参考:网址:http://www.securityfocus.com/bid/5039全局变量。php在php解决0.2 f,启用了php allow_url_fopen和register_globals变量,允许远程攻击者通过URL执行任意的php代码中的代码LangCookie参数。分析- - - - - - - - - -供应商确认:对后续的行动:- 2002 - 0953能接受(4接受,1 ack, 0评论)目前投票:接受(4)科尔,绿色,贝克,弗雷希无操作(3)Foat,考克斯墙= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 
0958网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0958最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020606 (ARL02-A12) PHP(反应堆)跨站脚本漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0034.html参考:确认:http://sourceforge.net/project/shownotes.php?release_id=91877参考:XF: phpreactor-browse-xss(9280)参考:网址:http://www.iss.net/security_center/static/9280.php参考:报价:4952参考:网址:http://www.securityfocus.com/bid/4952跨站点脚本漏洞在浏览。php为php(反应堆)1.2.7允许远程攻击者编写执行脚本和其他用户通过参数在评论部分。分析- - - - - - - - - -供应商确认:是的更新日志确认:供应商变更1.2.7p1说“固定2 XSS错误。”A source code diff of inc/global.inc.php in phpreactor-1.2.7 and phpreactor-1.2.7p1 shows that the only change was a call to strip_tags() when setting the $go variable. INFERRED ACTION: CAN-2002-0958 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Cole, Baker, Frech NOOP(2) Foat, Wall ====================================================== Candidate: CAN-2002-0964 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0964最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020620半衰期假球员错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0248.html参考:XF: halflife-mulitple-player-dos(9412)参考:网址:http://www.iss.net/security_center/static/9412.php参考:报价:5076参考:网址:http://www.securityfocus.com/bid/5076半衰期服务器1.1.1.0早些时候,允许远程攻击者造成拒绝服务(资源枯竭)通过多个响应与不同的cd_key值最初的挑战,在球员限制和防止其他玩家连接到原始响应超时。分析- - - - - - - - - -供应商确认:推断行动:- 2002 - 0964能接受(3接受0 ack, 0评论)目前投票:接受(3)绿色,贝克,弗雷希无操作(4)Foat,科尔,考克斯墙= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0965网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0965最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020612甲骨文TNS侦听器缓冲区溢出(# NISR12062002A)参考:网址:http://online.securityfocus.com/archive/1/276526参考:VULNWATCH: 20020612 (VULNWATCH)甲骨文TNS侦听器缓冲区溢出(# 
NISR12062002A)参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0096.html参考:确认:http://otn.oracle.com/deploy/security/pdf/net9_dos_alert.pdf参考:报价:4845参考:网址:http://www.securityfocus.com/bid/4845参考:XF: oracle-listener-servicename-bo(9288)参考:网址:http://www.iss.net/security_center/static/9288.php缓冲区溢出的TNS侦听器Oracle 9 i数据库服务器在Windows系统上,和Oracle 8 VM,允许本地用户执行任意代码通过一个长SERVICE_NAME参数,编写一个错误消息时不妥善处理日志文件。修改:DESC修复受影响的版本ADDREF XF: oracle-listener-servicename-bo(9288)分析- - - - - - - - - -供应商确认:是的咨询确认:尽管甲骨文咨询本身没有明确提及缓冲区溢出,甲骨文的咨询页面上的链接到这个文档说“缓冲区溢出漏洞在Oracle净(Oracle9i数据库服务器)。”This, combined with the acknowledgement to the disclosers and correlated dates, provides sufficient information to indicate acknowledgement. INFERRED ACTION: CAN-2002-0965 ACCEPT (6 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Cole, Armstrong, Alderson, Baker MODIFY(2) Frech, Jones NOOP(2) Foat, Cox Voter Comments: Jones> Oracle 9i Database Server on Windows systems and Oracle 8 on VM allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when forming an error message prior to writing to a log file." 
Frech> XF:oracle-listener-servicename-bo(9288) ====================================================== Candidate: CAN-2002-0967 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0967最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020606 eDonkey 2000 ed2k: URL缓冲区溢位参考:网址:http://online.securityfocus.com/archive/1/275708参考:确认:http://www.edonkey2000.com/参考:XF: edonkey2000-ed2k-filename-bo(9278)参考:网址:http://www.iss.net/security_center/static/9278.php参考:报价:4951参考:网址:http://www.securityfocus.com/bid/4951缓冲区溢出2000年eDonkey 35.16.60早些时候,允许远程攻击者可能导致拒绝服务(崩溃)和执行任意代码通过一个长URL“ed2k:”。分析- - - - - - - - - -供应商确认:是的更新日志确认:供应商的主页,一个项目日期6.5.02国家”的安全利用windows的GUI客户端已经固定的……由于Shane Hird[通知]指出我们。”INFERRED ACTION: CAN-2002-0967 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Cole, Baker, Frech NOOP(2) Foat, Wall ====================================================== Candidate: CAN-2002-0968 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0968最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020816类别:科幻参考:BUGTRAQ: 20020613远程DoS AnalogX SimpleServer: www 1.16参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0106.html参考:BUGTRAQ: 20020702 Re:偏远DoS AnlaogX SimpleServer: www 1.16参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102563702928443&w=2参考:确认:http://www.analogx.com/contents/download/network/sswww.htm参考:报价:5006参考:网址:http://www.securityfocus.com/bid/5006参考:XF: analogx-simpleserver-at-dos(9338)参考:网址:http://www.iss.net/security_center/static/9338.php1.16和更早的缓冲区溢出在AnalogX SimpleServer: WWW上允许远程攻击者造成拒绝服务(崩溃)和执行代码通过一个HTTP请求方法名称。分析- - - - - - - - - -供应商确认:是的更新日志确认:1.23版本的更改日志说“固定可能利用大字符串的命令。”INFERRED ACTION: CAN-2002-0968 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Cole, Green, Baker, Frech NOOP(3) Foat, Cox, Wall ====================================================== Candidate: CAN-2002-0981 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0981最终决定:阶段性裁决:20030326修改:20030325 - 
01提议:20020830分配:20020822类别:科幻参考:火山口:综援- 2002上海合作组织。36个参考:网址:ftp://ftp.caldera.com/pub/updates/openunix/cssa - 2002 sco.36/cssa - 2002 sco.36.txt参考:XF: openunix-unixware-ndcfg-bo(9945)参考:网址:http://www.iss.net/security_center/static/9945.php参考:报价:5551参考:网址:http://www.securityfocus.com/bid/5551缓冲区溢出在ndcfg命令安装7.1.1 UnixWare和开放的UNIX 8.0.0允许本地用户通过长命令行执行任意代码。修改:ADDREF XF: openunix-unixware-ndcfg-bo (9945) ADDREF报价:5551分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0981能接受(3接受,1 ack, 0评论)目前投票:接受(3)科尔,阿姆斯特朗,贝克等待(4)Foat Christey,考克斯墙选民的评论:Christey > XF: openunix-unixware-ndcfg-bo(9945)网址:http://www.iss.net/security_center/static/9945.php报价:5551网址:http://www.securityfocus.com/bid/5551= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0984网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0984最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020823类别:科幻参考:BUGTRAQ: 20020822光安全顾问:Remotely-exploitable代码执行参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-08/0231.html参考:DEBIAN: dsa - 156参考:网址:http://www.debian.org/security/2002/dsa - 156参考:XF: light-channel-execute-script(9943)参考:网址:http://www.iss.net/security_center/static/9943.php参考:报价:5555参考:网址:http://www.securityfocus.com/bid/5555IRC脚本包含在2.7。2.8 x 2.7.30p5之前,。x 2.8 pre10之前,运行史诗允许远程攻击者执行任意代码如果用户连接通道的主题包括EPIC4代码。修改:ADDREF BUGTRAQ: 20020822光安全顾问:Remotely-exploitable代码执行ADDREF XF: light-channel-execute-script (9943) ADDREF报价:5555分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0984能接受(3接受,1 ack, 0评论)目前投票:接受(3)科尔,阿姆斯特朗,贝克等待(4)Foat Christey,考克斯墙选民的评论:Christey > XF: light-channel-execute-script(9943)网址:http://www.iss.net/security_center/static/9943.php报价:5555网址:http://www.securityfocus.com/bid/5555Christey > BUGTRAQ: 20020822光安全顾问:Remotely-exploitable代码执行URL:http://archives.neohapsis.com/archives/bugtraq/2002-08/0231.htmlXF: 
light-channel-execute-script(9943)网址:http://www.iss.net/security_center/static/9943.php报价:5555网址:http://www.securityfocus.com/bid/5555= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0987网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0987最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020826类别:科幻参考:火山口:综援- 2002上海合作组织。38参考:网址:ftp://ftp.sco.com/pub/updates/openunix/cssa - 2002 sco.38参考:XF: openunix-unixware-xsco-privileges(9976)参考:网址:http://www.iss.net/security_center/static/9976.php参考:报价:5575参考:网址:http://www.securityfocus.com/bid/5575X服务器(Xsco) OpenUNIX 8.0.0和安装7.1.1 UnixWare不放弃特权之前调用程序使用popen xkbcomp等,这将允许本地用户获得特权。修改:ADDREF XF: openunix-unixware-xsco-privileges (9976) ADDREF报价:5575分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0987能接受(3接受,1 ack, 0评论)目前投票:接受(3)科尔,阿姆斯特朗,贝克等待(3)Foat,考克斯墙= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0988网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0988最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020826类别:科幻参考:火山口:综援- 2002上海合作组织。38参考:网址:ftp://ftp.sco.com/pub/updates/openunix/cssa - 2002 sco.38参考:XF: openunix-unixware-xsco-bo(9977)参考:网址:http://www.iss.net/security_center/static/9977.php参考:报价:5577参考:网址:http://www.securityfocus.com/bid/5577缓冲区溢出的X服务器(Xsco) OpenUNIX 8.0.0和安装7.1.1 UnixWare XBM / xkbcomp功能相关的可能。修改:ADDREF XF: openunix-unixware-xsco-bo (9977) ADDREF报价:5577分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 0988能接受(3接受,1 ack, 0评论)目前投票:接受(3)科尔,阿姆斯特朗,贝克等待(3)Foat,考克斯墙= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0989网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0989最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020827类别:科幻参考:确认:http://gaim.sourceforge.net/ChangeLog参考:DEBIAN: dsa - 158参考:网址:http://www.debian.org/security/2002/dsa - 
158参考:确认:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=72728参考:曼德拉草:MDKSA-2002:054参考:网址:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:054参考:REDHAT: RHSA-2002:189参考:网址:http://www.redhat.com/support/errata/rhsa - 2002 - 189. - html参考:CONECTIVA: CLA-2002:521参考:网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000521参考:惠普:hpsbtl0209 - 067参考:网址:http://online.securityfocus.com/advisories/4471参考:FREEBSD: FreeBSD-SN-02:06参考:网址:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.asc参考:BUGTRAQ: 20020827 GLSA: gaim参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=103046442403404&w=2参考:报价:5574参考:网址:http://www.securityfocus.com/bid/5574参考:XF: gaim-url-handler-command-execution(9978)参考:网址:http://www.iss.net/security_center/static/9978.phpURL处理程序在浏览器手动选择Gaim 0.59.1之前允许远程攻击者执行任意脚本通过shell元字符在一个链接。修改:ADDREF曼德拉草:MDKSA-2002:054 ADDREF REDHAT: RHSA-2002:189 ADDREF CONECTIVA: CLA-2002:521 ADDREF惠普:hpsbtl0209 - 067 ADDREF FREEBSD: FreeBSD-SN-02:06 ADDREF XF: gaim-url-handler-command-execution (9978) ADDREF报价:5574分析- - - - - - - - - -供应商确认:是的推断行动:- 2002 - 0989能接受(4,5 ack, 0评论)目前投票:接受(4)科尔,阿姆斯特朗,贝克,考克斯等待(3)Foat, Christey,墙选民的评论:Christey > ADDREF曼德拉草:MDKSA-2002:054 Christey > REDHAT: RHSA-2002:189 URL:http://www.redhat.com/support/errata/rhsa - 2002 - 189. 
- htmlChristey > CONECTIVA: CLA-2002:521网址:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000521报价:5574网址:http://www.securityfocus.com/bid/5574惠普:hpsbtl0209 - 067网址:http://online.securityfocus.com/advisories/4471FREEBSD: FreeBSD-SN-02:06网址:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:06.ascXF: gaim-url-handler-command-execution(9978)网址:http://www.iss.net/security_center/static/9978.php= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 0995网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 0995最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020702 PHPAuction错误引用:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0014.html参考:确认:http://www.phpauction.org/viewnew.php?id=5参考:XF: phpauction-admin-account-creation(9462)参考:网址:http://www.iss.net/security_center/static/9462.php参考:报价:5141参考:网址:http://www.securityfocus.com/bid/5141登录。php PHPAuction允许远程攻击者获得特权通过直接调用登录。php的行为参数设置为“插入”,这将提供用户名添加到adminUsers表。分析- - - - - - - - - -供应商确认:是的咨询确认:供应商的网站包含一个咨询日期初始Bugtraq后的第二天,这国家”解决地址管理/登录。php文件和可能出现的安全漏洞没有这种变化。现在有一定的安全检查添加安全管理员后端。”INFERRED ACTION: CAN-2002-0995 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Cole, Baker, Frech NOOP(3) Foat, Cox, Wall ====================================================== Candidate: CAN-2002-1000 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1000最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020626 Foundstone咨询——缓冲区溢出AnalogX SimpleServer:喊(fwd)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0338.html参考:确认:http://www.analogx.com/contents/download/network/ssshout.htm参考:报价:5104参考:网址:http://www.securityfocus.com/bid/5104参考:XF: analogx-simpleserver-shout-bo(9427)参考:网址:http://www.iss.net/security_center/static/9427.php缓冲区溢出在AnalogX SimpleServer:喊1.0允许远程攻击者造成拒绝服务和执行任意代码通过一个长请求TCP端口8001。分析- - - - - - - - - 
-供应商确认:是的更新日志确认:供应商网站上的更新日志包含一个条目1.02版本,“固定断言错误发现Foundstone(大参考)。”INFERRED ACTION: CAN-2002-1000 ACCEPT (4 accept, 1 ack, 0 review) Current Votes: ACCEPT(4) Green, Baker, Frech, Cole NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-1002 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1002最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020812这- 2002 - 2963081 - Novell iManager (eMFrame 1.2.1) DoS攻击参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-08/0093.html参考:BUGTRAQ: 20020627 Cluestick咨询# 001参考:网址:http://online.securityfocus.com/archive/1/279683参考:XF: netware-imanage-username-dos(9444)参考:网址:http://www.iss.net/security_center/static/9444.php参考:报价:5117参考:网址:http://www.securityfocus.com/bid/5117在Novell iManager缓冲区溢出(eMFrame 1.2.1)允许远程攻击者造成拒绝服务(崩溃)通过用户名。分析- - - - - - - - - -供应商确认:对后续的行动:- 2002 - 1002能接受(4接受,1 ack, 0评论)目前投票:接受(4)绿色,贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1004网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1004最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020703 Argosoft邮件服务器+ / Pro Webmail反向目录遍历参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0029.html参考:确认:http://www.argosoft.com/applications/mailserver/changelist.asp参考:报价:5144参考:网址:http://www.securityfocus.com/bid/5144参考:XF: argosoft-dotdot-directory-traversal(9477)参考:网址:http://www.iss.net/security_center/static/9477.php目录遍历脆弱性ArGoSoft邮件服务器的邮箱功能加或Pro 1.8.1.5早些时候,允许远程攻击者读取任意文件通过. 
.(点点)序列在一个URL。分析- - - - - - - - - -供应商确认:是的更新日志确认:供应商的更改日志包含一个条目1.8.1.6日期为7月3日,2002年,国家“固定邮箱安全问题反向遍历目录,由团队发现n有限(大参考)。”INFERRED ACTION: CAN-2002-1004 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Frech, Cole NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-1006 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1006最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020701 ptl - 2002 - 03 Betsie XSS Vuln参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0002.html参考:确认:http://www.bbc.co.uk/education/betsie/parser.pl.txt参考:报价:5135参考:网址:http://www.securityfocus.com/bid/5135参考:XF: betsie-parserl-xss(9468)参考:网址:http://www.iss.net/security_center/static/9468.php跨站点脚本(XSS)脆弱性在BBC教育互联网语音增强器(Betsie) 1.5.11早些时候,允许远程攻击者通过parserl.pl执行任意的web脚本。修改:DESC添加“XSS”缩写分析- - - - - - - - - -供应商确认:是的补丁确认:parserl内的评论。pl脚本本身(2002年8月18日版本1.5.12)包括一个声明“打跨站点脚本漏洞,”和原Bugtraq海报感谢在页面的顶部。推断行动:- 2002 - 1006能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1013网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1013最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020702核心- 20020620:Inktomi交通服务器缓冲区溢位参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0023.html参考:确认:http://support.inktomi.com/kb/070202 - 003. - html参考:报价:5098参考:网址:http://www.securityfocus.com/bid/5098参考:XF: inktomi-trafficserver-manager-bo(9465)参考:网址:http://www.iss.net/security_center/static/9465.php缓冲区溢出在服务器通过5.2.2 4.0.18 traffic_manager Inktomi交通,交通优势1.1.2 1.5.0,Media-IXT 3.0.4允许本地用户获得根权限通过长路径参数。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1013能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(4)Christey,考克斯墙,Foat选民的评论:弗雷希>确认现在http://support.inktomi.com/kb/private/070202 - 003. 
- html,只是提供给客户提供一个当前支持合同。Christey >我将原确认URL表明,在一个时间点,整个公众可以访问一个确认。= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1014网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1014最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020712 [SPSadvisory # 48] RealONE球员黄金/ RealJukebox2缓冲区溢位参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0127.html参考:确认:http://service.real.com/help/faq/security/bufferoverrun07092002.html参考:XF: realplayer-rjs-controlnimage-bo(9538)参考:网址:http://www.iss.net/security_center/static/9538.php参考:报价:5217参考:网址:http://www.securityfocus.com/bid/5217缓冲区溢出RealJukebox 2 1.0.2.340 1.0.2.379, RealOne球员黄金6.0.10.505,允许远程攻击者执行任意代码通过一个RFS皮肤的皮肤文件。ini CONTROLnImage参数包含一个长值,比如CONTROL1Image。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1014能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1015网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1015最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020712 [SPSadvisory # 47] RealONE球员黄金/ RealJukebox2皮肤文件下载漏洞参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0130.html参考:确认:http://service.real.com/help/faq/security/bufferoverrun07092002.html参考:XF: realplayer-rjs-file-download(9539)参考:网址:http://www.iss.net/security_center/static/9539.php参考:报价:5210参考:网址:http://www.securityfocus.com/bid/5210RealJukebox 2 1.0.2.340 1.0.2.379, RealOne球员黄金6.0.10.505,允许远程攻击者在本地计算机上执行任意脚本脚本插入区域的皮肤。ini文件的rj存档,然后引用的皮肤。ini从网页中提取后,由Internet Explorer解析为HTML或其他基于微软网络读者。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1015能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1024网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 
1024最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:CERT-VN: VU # 290140参考:网址:http://www.kb.cert.org/vuls/id/290140参考:思科:20020627为SSH可以导致崩溃参考扫描:网址:http://www.cisco.com/warp/public/707/SSH-scanning.shtml参考:XF: cisco-ssh-scan-dos(9437)参考:网址:http://www.iss.net/security_center/static/9437.php参考:报价:5114参考:网址:http://www.securityfocus.com/bid/5114思科IOS 12.0到12.2,当支持SSH,允许远程攻击者造成拒绝服务(CPU消耗)通过一个很大的包,是为了利用SSH CRC32攻击检测溢流(cve - 2001 - 0144)。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1024能接受(5接受,2 ack, 0评论)目前投票:接受(5)绿色,贝克,墙,法国人?科尔等待(2)考克斯Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1025网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1025最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:VULNWATCH: 20020701 [VULNWATCH]毕马威- 2002026:Jrun源代码里披露参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0138.html毕马威参考:BUGTRAQ: 20020701 - 2002026: Jrun源代码里披露参考:网址:http://online.securityfocus.com/archive/1/280062参考:确认:http://www.macromedia.com/v1/handlers/index.cfm?ID=23164参考:报价:5134参考:网址:http://www.securityfocus.com/bid/5134参考:XF: jrun-null-view-source(9459)参考:网址:http://www.iss.net/security_center/static/9459.phpJRun 3.0到4.0允许远程攻击者读取JSP源代码通过零字节编码在一个HTTP GET请求,导致服务器发送未解析的JSP文件。分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1025能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1030网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1030最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:VULNWATCH: 20020708 [VULNWATCH]毕马威- 2002029:Bea Weblogic性能包拒绝服务引用:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0008.html毕马威参考:BUGTRAQ: 20020708 - 2002029: Bea 
Weblogic性能包拒绝服务引用:网址:http://online.securityfocus.com/archive/1/281046参考:确认:http://dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=components%2fdev2dev%2fresourcelibrary%2fadvisoriesnotifications%2fadvisory_bea02 - 19. htm参考:报价:5159参考:网址:http://www.securityfocus.com/bid/5159参考:XF: weblogic-race-condition-dos(9486)参考:网址:http://www.iss.net/security_center/static/9486.php竞态条件的性能在BEA WebLogic Server 5.1和表达。6.0 x。6.1 x。x和7.0允许远程攻击者造成拒绝服务(崩溃)通过大量的数据和连接。分析- - - - - - - - - -供应商确认:是的咨询确认:毕马威咨询学分(大参考)发现的问题。推断行动:- 2002 - 1030能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1031网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1031最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020707 KF Web服务器版本1.0.2中显示文件和目录内容参考:网址:http://online.securityfocus.com/archive/1/281102参考:VULNWATCH: 20020707 [VULNWATCH] KF Web服务器版本1.0.2中显示文件和目录内容参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0007.html参考:确认:http://www.keyfocus.net/kfws/support/参考:报价:5177参考:网址:http://www.securityfocus.com/bid/5177参考:XF: kfwebserver-null-view-dir(9500)参考:网址:http://www.iss.net/security_center/static/9500.php1.0.2 KeyFocus (KF) web服务器允许远程攻击者列出目录和读取限制文件通过一个HTTP请求包含一个% 00 (null)字符。分析- - - - - - - - - -供应商确认:是的更新日志确认:供应商的更改日志1.0.3,日期为2002年7月4日状态:“安全漏洞——% 00。如果请求的URL包含一个目录名称% 00后,然后服务器用于生成一个索引文件的目录。”INFERRED ACTION: CAN-2002-1031 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Frech, Cole NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-1035 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1035最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:BUGTRAQ: 20020701 BufferOverflow OmniHTTPd 2.09参考:网址:http://online.securityfocus.com/archive/1/280132参考:XF: 
omnihttpd-http-version-bo(9457)参考:网址:http://www.iss.net/security_center/static/9457.php参考:报价:5136参考:网址:http://www.securityfocus.com/bid/5136Omnicron OmniHTTPd 2.09允许远程攻击者造成拒绝服务(崩溃)通过一个HTTP请求长,畸形的HTTP 1版本号。分析- - - - - - - - - -供应商确认:是的领域相符确认:被送到support@omnicron电子邮件的调查。ca 2002年8月22日,供应商说8月24日,脆弱性是固定在2.10版本中。推断行动:- 2002 - 1035能接受(3接受,1 ack, 0评论)目前投票:接受(3)贝克,抑郁症,科尔等待(3)考克斯,墙,Foat = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1039网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1039最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020827类别:科幻参考:VULNWATCH: 20020714 (VULNWATCH)双乔科省拿铁多个漏洞参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html参考:BUGTRAQ: 20020714双乔科省拿铁多个漏洞参考:网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102668783632589&w=2参考:确认:http://dcl.sourceforge.net/index.php参考:XF: dcl-dotdot-directory-traversal(9743)参考:网址:http://www.iss.net/security_center/static/9743.php目录遍历脆弱性在双乔科省拿铁咖啡(DCL)前20020706允许远程攻击者读取任意文件通过. .(点点)序列从项目:当下载文件附件功能。分析- - - - - - - - - -供应商确认:是的更新日志确认:供应商的变更,2002年7月6日状态:“修复,防止文件下载欺骗。”INFERRED ACTION: CAN-2002-1039 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Frech, Cole NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-1046 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1046最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020827类别:科幻参考:VULNWATCH:毕马威20020709 - 2002030:沃奇卫士燃烧室动态VPN配置协议DoS参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0012.html参考:报价:5186参考:网址:http://www.securityfocus.com/bid/5186参考:XF: firebox-dvcp-dos(9509)参考:网址:http://www.iss.net/security_center/static/9509.php动态VPN配置协议服务(DVCP)沃奇卫士燃烧室固件5. 
x。x允许远程攻击者造成拒绝服务(崩溃)通过一个畸形数据包包含制表符TCP端口4110。修改:CHANGEREF VULNWATCH(规范化)分析- - - - - - - - - -供应商确认:未知discloser-claimed推断行动:- 2002 - 1046能接受(3接受0 ack, 0评论)目前投票:接受(3)贝克,抑郁症,Foat等待(3)考克斯,墙,科尔= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1049网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1049最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020830类别:科幻参考:BUGTRAQ: 20020729 HylaFAX -各种漏洞固定参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0358.html参考:DEBIAN: dsa - 148参考:网址:http://www.debian.org/security/2002/dsa - 148参考:曼德拉草:MDKSA-2002:055参考:网址:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:055参考:SUSE: SuSE-SA: 2002:035参考:网址:http://www.suse.de/de/security/2002_035_hylafax.html参考:确认:http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=300参考:报价:5348参考:网址:http://www.securityfocus.com/bid/5348参考:XF: hylafax-faxgetty-tsi-dos(9728)参考:网址:http://www.iss.net/security_center/static/9728.php格式字符串漏洞在HylaFAX faxgetty 4.1.3之前允许远程攻击者造成拒绝服务(崩溃)通过TSI数据元素。修改:ADDREF曼德拉草:MDKSA-2002:055 ADDREF SUSE: SuSE-SA: 2002:035分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1049 ACCEPT_ACK (2, 3 ack, 0评论)目前投票:接受(2)贝克,科尔等待(4)Christey,考克斯墙,Foat选民的评论:Christey >曼德拉草:MDKSA-2002:055 Christey > SUSE: SuSE-SA: 2002:035 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1050网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1050最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020830类别:科幻参考:BUGTRAQ: 20020729 HylaFAX -各种漏洞固定参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0358.html参考:DEBIAN: dsa - 148参考:网址:http://www.debian.org/security/2002/dsa - 148参考:确认:http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=312参考:曼德拉草:MDKSA-2002:055参考:网址:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:055参考:SUSE: SuSE-SA: 
2002:035参考:网址:http://www.suse.de/de/security/2002_035_hylafax.html参考:报价:5349参考:网址:http://www.securityfocus.com/bid/5349参考:XF: hylafax-faxgetty-image-bo(9729)参考:网址:http://www.iss.net/security_center/static/9729.php缓冲区溢出在HylaFAX faxgetty 4.1.3之前允许远程攻击者引起拒绝服务,并可能执行任意代码,通过一长串图像数据。修改:ADDREF曼德拉草:MDKSA-2002:055 ADDREF SUSE: SuSE-SA: 2002:035 DESC修复错误分析- - - - - - - - - -供应商确认:是的咨询推断行动:- 2002 - 1050 ACCEPT_ACK (2, 3 ack, 0评论)目前投票:接受(2)贝克,科尔等待(4)Christey,考克斯墙,Foat选民的评论:Christey >曼德拉草:MDKSA-2002:055 Christey > SUSE: SuSE-SA: 2002:035关闭括号DESC。Christey >修复错误(额外的括号)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1051网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1051最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020830类别:科幻参考:BUGTRAQ: 20020606格式字符串错误TrACESroute 6.0黄金参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-06/0040.html参考:BUGTRAQ: 20020721 Nanog traceroute格式字符串利用。参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102737546927749&w=2参考:BUGTRAQ: 20020723 Re: Nanog traceroute格式字符串利用。参考网址:http://archives.neohapsis.com/archives/bugtraq/2002-07/0254.html参考:BUGTRAQ: 20020724 Re: Nanog traceroute格式字符串利用。参考网址:http://marc.theaimsgroup.com/?l=bugtraq&m=102753136231920&w=2参考:SUSE: SuSE-SA: 2000:041参考:网址:http://www.suse.de/de/security/2000_041_traceroute_txt.html参考:报价:4956参考:网址:http://www.securityfocus.com/bid/4956参考:XF: tracesroute-t-format-string(9291)参考:网址:http://www.iss.net/security_center/static/9291.php格式字符串漏洞TrACESroute 6.0黄金(又名NANOG traceroute)允许本地用户执行任意代码通过- t(终结者)命令行参数。分析- - - - - - - - - -供应商确认:是的后续注意:Debian通过电子邮件确认不脆弱。推断行动:- 2002 - 1051能接受(4接受,1 ack, 0评论)目前投票:接受(4)贝克,抑郁症,Foat,科尔等待墙(1)= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =候选人:- 2002 - 1053网址:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1053最终决定:阶段性裁决:20030326修改:20030325 - 01提议:20020830分配:20020830类别:科幻参考:BUGTRAQ: 20020817 
W3C拼图代理服务器:跨站点脚本漏洞(转帖)参考:网址:http://archives.neohapsis.com/archives/bugtraq/2002-08/0190.html参考:确认:http://www.w3.org/Jigsaw/RelNotes.html 2.2.1参考:报价:5506参考:网址:http://www.securityfocus.com/bid/5506参考:XF: jigsaw-http-proxy-xss(9914)参考:网址:http://www.iss.net/security_center/static/9914.php跨站点脚本(XSS)脆弱性在W3C拼图代理服务器2.2.1允许远程攻击者通过一个URL执行任意脚本包含一个引用不存在的主机之后,脚本,这是包括在生成的错误消息。修改:DESC添加“XSS”术语分析- - - - - - - - - -供应商确认:是的、确认:供应商的更新日志2.2.1说”添加了一个国旗从默认的错误页面删除URI以及代理模块(安全修复:避免交叉脚本攻击)。”INFERRED ACTION: CAN-2002-1053 ACCEPT (3 accept, 1 ack, 0 review) Current Votes: ACCEPT(3) Baker, Cole, Armstrong NOOP(3) Cox, Wall, Foat ====================================================== Candidate: CAN-2002-1054 URL:http://cve.mitre.org/cgi - bin/cvename.cgi?name=can - 2002 - 1054最终决定:阶段性裁决:20030326修改:建议:20020830分配:20020830类别:科幻参考:BUGTRAQ: 20020722 Pablo FTP服务器软件解决方案目录遍历脆弱性参考:网址:http://online.securityfocus.com/archive/1/283665参考:VULNWATCH: 20020722 [VULNWATCH] Pablo FTP服务器软件解决方案目录遍历脆弱性参考:网址:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0035.html参考:确认:http://www.pablovandermeer.nl/ftpserversrc.zip参考:报价:5283参考:网址:http://www.securityfocus.com/bid/5283参考:XF: pablo-ftp-directory-traversal(9647)参考:网址:http://www.iss.net/security_center/static/9647.php目录遍历早些时候在Pablo FTP服务器1.0构建9和漏洞允许远程经过身份验证的用户通过“任意目录列表。\”(圆点反斜杠)怎么样在命令列表。分析- - - - - - - - - -供应商确认:是的更新日志确认:发布/ whatsnew。txt文件的源代码包含一个条目日期[07/21/2002],1.10版本,州“固定安全漏洞GetDirectoryList(列表\ . . 
\)(Thanks: http://www.securiteinfo.com)(big reference)"

INFERRED ACTION: CAN-2002-1054 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-1057
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1057
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020723 MailMax security advisory/exploit/patch
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0245.html
Reference: BID:5285
Reference: URL:http://www.securityfocus.com/bid/5285
Reference: XF:mailmax-pop3max-user-bo(9651)
Reference: URL:http://www.iss.net/security_center/static/9651.php

Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.

Analysis
----------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: e-mail inquiry on August 28, 2002, via the interface at https://supportcenteronline.com/ics/support/default.asp?deptID=468. Vendor acknowledged the issue on August 29: "This report is accurate, and we have a patch that fixes the problem available to our customers."

INFERRED ACTION: CAN-2002-1057 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-1059
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1059
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020723 Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102744150718462&w=2
Reference: BUGTRAQ:20020723 Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102746007908689&w=2
Reference: CONFIRM:http://www.vandyke.com/products/securecrt/security07-25-02.html
Reference: XF:securecrt-ssh1-identifier-bo(9650)
Reference: URL:http://www.iss.net/security_center/static/9650.php
Reference: BID:5287
Reference: URL:http://www.securityfocus.com/bid/5287

Buffer overflow in the SSH client of Van Dyke SecureCRT before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.

Analysis
----------
Vendor Acknowledgement: yes advisory

INFERRED ACTION: CAN-2002-1059 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-1060
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1060
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020724 CacheFlow CacheOS Cross-site Scripting Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0283.html
Reference: CONFIRM:http://download.cacheflow.com/release/CA/4.1.00-docs/CACacheOS41fixes.htm
Reference: BID:5305
Reference: URL:http://www.securityfocus.com/bid/5305
Reference: XF:cacheos-unresolved-error-xss(9674)
Reference: URL:http://www.iss.net/security_center/static/9674.php

Cross-site scripting (XSS) vulnerability in CacheFlow CacheOS 4.1.06 and earlier allows remote attackers to insert arbitrary HTML, including script, via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error message.

Modifications:
  DESC add XSS term

Analysis
----------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the change log, dated 07/15/2002, includes the following item for V4.1.07 (build 18110): "Modified default user configured error pages to eliminate cross-site scripting attacks."

INFERRED ACTION: CAN-2002-1060 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(3) Cox, Wall, Foat

======================================================
Candidate: CAN-2002-1076
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1076
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020725 IPSwitch IMail ADVISORY/EXPLOIT/PATCH
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0326.html
Reference: BUGTRAQ:20020729 Hoax Exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0363.html
Reference: BUGTRAQ:20020729 Re: Hoax Exploit (2c79cbe14ac7d0b8472d3f129fa1df55 RETURNS)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0368.html
Reference: CONFIRM:http://support.ipswitch.com/kb/IM-20020731-DM02.htm
Reference: CONFIRM:http://support.ipswitch.com/kb/IM-20020729-DM01.htm
Reference: BID:5323
Reference: URL:http://www.securityfocus.com/bid/5323
Reference: XF:imail-web-messaging-bo(9679)
Reference: URL:http://www.iss.net/security_center/static/9679.php

Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via an HTTP GET request for HTTP/1.0.

Analysis
----------
Vendor Acknowledgement: yes changelog

ACKNOWLEDGEMENT: the release notes for version 7.12 say "Fixed buffer overrun causing vulnerability (bugtraq id 5323)."

INFERRED ACTION: CAN-2002-1076 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Wall, Cole
   NOOP(2) Cox, Foat

======================================================
Candidate: CAN-2002-1079
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1079
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020822 Abyss 1.0.3 directory traversal and administration bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
Reference: CONFIRM:http://www.aprelium.com/news/patch1033.html
Reference: XF:abyss-get-directory-traversal(9941)
Reference: URL:http://www.iss.net/security_center/static/9941.php
Reference: XF:abyss-http-directory-traversal(9940)
Reference: URL:http://www.iss.net/security_center/static/9940.php
Reference: BID:5547
Reference: URL:http://www.securityfocus.com/bid/5547

Directory traversal vulnerability in Abyss 1.0.3 Web server allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.

Modifications:
  ADDREF BID:5547

Analysis
----------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the vendor includes a statement dated August 19, 2002, on a patch for 1.03 concerning "two related bugs in URL decoding (thanks to Auriemma Luigi)," the original discloser.

INFERRED ACTION: CAN-2002-1079 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> BID:5547
   URL:http://www.securityfocus.com/bid/5547

======================================================
Candidate: CAN-2002-1081
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
Final-Decision:
Interim-Decision: 20030326
Modified: 20030325-01
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020822 Abyss 1.0.3 directory traversal and administration bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html
Reference: CONFIRM:http://www.aprelium.com/news/patch1033.html
Reference: XF:abyss-plus-file-disclosure(9956)
Reference: URL:http://www.iss.net/security_center/static/9956.php
Reference: BID:5549
Reference: URL:http://www.securityfocus.com/bid/5549

The administration console for Abyss 1.0.3 Web server allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character.

Modifications:
  ADDREF BID:5549

Analysis
----------
Vendor Acknowledgement: yes

ACKNOWLEDGEMENT: the vendor includes a statement dated August 19, 2002, on a patch for 1.03 concerning "two related bugs in URL decoding (thanks to Auriemma Luigi)," the original discloser.

INFERRED ACTION: CAN-2002-1081 ACCEPT (3 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(3) Baker, Cole, Armstrong
   NOOP(4) Christey, Cox, Wall, Foat

Voter Comments:
 Christey> BID:5549
   URL:http://www.securityfocus.com/bid/5549

======================================================
Candidate: CAN-2002-1088
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1088
Final-Decision:
Interim-Decision: 20030326
Modified:
Proposed: 20020830
Assigned: 20020830
Category: SF
Reference: BUGTRAQ:20020725 Novell GroupWise 6.0.1 Support Pack 1 Bufferoverflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2002-07/0296.html
Reference: CONFIRM:http://support.novell.com/servlet/tidfinder/2963273
Reference: BID:5313
Reference: URL:http://www.securityfocus.com/bid/5313
Reference: XF:groupwise-rcpt-bo(9671)
Reference: URL:http://www.iss.net/security_center/static/9671.php

Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.

Analysis
----------
Vendor Acknowledgement:

ACKNOWLEDGEMENT: while the Novell TID itself does not contain vendor acknowledgement, the vendor's security advisory page links to the TID with the phrase "Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1."

INFERRED ACTION: CAN-2002-1088 ACCEPT_ACK (2 accept, 1 ack, 0 review)

Current Votes:
   ACCEPT(2) Baker, Cole
   NOOP(3) Cox, Wall, Foat

Page Last Updated or Reviewed: May 22, 2007