CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
5033 | CVE-2002-0643 | Candidate | The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQL Server Installation Process May Leave Passwords on System." | Modified (20050510) | ACCEPT(5) Armstrong, Baker, Cole, Foat, Wall; MODIFY(1) Frech; NOOP(2) Christey, Cox | Wall> There may be a 4th type - clear-text passwords, which may be found in other setup.iss files.<br>Christey> XF:mssql-insecure-password-storage(9524)<br>URL:http://www.iss.net/security_center/static/9524.php<br>BID:5203<br>URL:http://www.securityfocus.com/bid/5203<br>Frech> XF:mssql-insecure-password-storage(9524) | View |
4018 | CVE-2001-1214 | Candidate | manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. | Modified (20050510) | ACCEPT(1) Frech; NOOP(6) Christey, Cole, Foat, Green, Wall, Ziese | Christey> I can't find anything about "Marcus S. Xenakis" on the web at all, except for vulnerability reports.<br>CHANGE> [Green changed vote from ACCEPT to NOOP]<br>Green> The more I looked again today the more circular the references were getting. And there's no single pointer to a Marcus Xenakis site. So, I'll have to modify the vote to a NOOP.<br>Christey> A similar issue is in CVE-2002-0434, but CVE-2002-0434 is for manual.php. | View |
4570 | CVE-2002-0177 | Candidate | Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. | Modified (20050510) | ACCEPT(3) Cole, Cox, Green; MODIFY(1) Frech; NOOP(4) Armstrong, Christey, Foat, Wall | Christey> CALDERA:CSSA-2002-020.0<br>Christey> Change "allows" to "allow," and add "as exploited through the client_login function" (to facilitate matching).<br>REDHAT:RHSA-2002:063<br>Frech> XF:icecast-clientlogin-bo(8741) | View |
4573 | CVE-2002-0180 | Candidate | Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname. | Modified (20050510) | ACCEPT(4) Baker, Cole, Cox, Green; MODIFY(2) Frech, Jones; NOOP(4) Armstrong, Christey, Foat, Wall | Cox> According to the author of Webalizer the issue is not remotely exploitable, but this hasn't been confirmed by us yet. Needs investigation.<br>http://www.mrunix.net/webalizer/news.html<br>CHANGE> [Cox changed vote from MODIFY to REVIEWING]<br>Cox> Author says this cannot be exploited to execute arbitrary code<br>Jones> Description of acknowledged vulnerability indicates remotely exploitable (buffer overflow is in code which is processing input from a remote system (a DNS server)); root or non-root depends on privileges of resolver process (which is likely same as privileges of Webalizer process). So, remotely exploitable to run arbitrary code with privileges of the Webalizer process.<br>Cox> I actually meant that the author doesn't think this is an exploitable overflow at all, see<br><br>---------- Forwarded message ----------<br>Date: Wed, 17 Apr 2002 02:19:37 -0400 (EDT)<br>From: Bradford L. Barrett <brad@mrunix.net><br>To: Franck Coppola <franck@hosting42.com><br>Cc: Spybreak <spybreak@host.sk>, bugtraq@securityfocus.com, vulnwatch@vulnwatch.org<br>Subject: Re: Remote buffer overflow in Webalizer<br><br>> Here is a patch to fix the vulnerability (tested against webalizer-2.01-06).<br><br>Bad fix.. while it will prevent the buffer from overflowing (which I still fail to see how can be used to execute a "root" exploit, even with a LOT of imagination), but will cause the buffer to be filled with a non-null terminated string which will do all sorts of nasty things to your output, not to mention wreak havoc on the stats since you are cutting off the domain portion, not the hostname part, and adding random garbage at the end.<br><br>Anyway, Version 2.01-10 has been released, which fixes this and a few other buglets that have been discovered in the last month or so. Get it at the usual place (web: www.mrunix.net/webalizer/ or www.webalizer.org or ftp: ftp.mrunix.net/pub/webalizer/), and should be on the mirror sites soon.<br><br>--<br>Bradford L. Barrett brad@mrunix.net<br>A free electron in a sea of neutrons DoD#1750 KD4NAW<br><br>Christey> XF:webalizer-reverse-dns-bo(8837)<br>URL:http://www.iss.net/security_center/static/8837.php<br>BID:4504<br>URL:http://www.securityfocus.com/bid/4504<br>VULNWATCH:20020415 [VulnWatch] Remote buffer overflow in Webalizer<br>URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0017.html<br>ENGARDE:ESA-20020423-009<br>CONECTIVA:CLA-2002:476<br>URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000476<br>CHANGE> [Cox changed vote from REVIEWING to ACCEPT]<br>Cox> after reviewing I agree with the description given<br>Frech> XF: webalizer-reverse-dns-bo(8837)<br>Christey> REDHAT:RHSA-2002:254<br>Christey> CALDERA:CSSA-2002-036.0 (note: CVE-2002-1234 was accidentally assigned to that Caldera advisory, but this is the correct CAN to use) | View |
5612 | CVE-2002-1228 | Candidate | Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | Modified (20050510) | ACCEPT(3) Baker, Cole, Green; NOOP(2) Christey, Cox; REVIEWING(1) Wall | Christey> BID:5986<br>URL:http://www.securityfocus.com/bid/5986<br>CERT-VN:VU#855635<br>URL:http://www.kb.cert.org/vuls/id/855635 | View |