Bugtraq: Re: Multiple Remote Issues in Applied Watch IDS Suite (advisory attached)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Multiple Remote Issues in Applied Watch IDS Suite (advisory attached)

From: "Steven M. Christey" <coley () mitre org>
Date: Mon, 1 Dec 2003 15:13:58 -0500 (EST)


bugtraq () bugtraq org said:

CVE Candidate: CAN-2003-0970 - Authentication Bypass to Add IDS Rules
              CAN-2003-0971 - Authentication Bypass to Add Users


These numbers are incorrect.

 CAN-2003-0960 - Logical error in Applied Watch Console allowing user-adds
 CAN-2003-0961 - Logical error in Applied Watch Nodes allowing rule-adds


These numbers are different from the first two.  They are also
incorrect.

The proper CVE candidate number for the Applied Watch issue is
CAN-2003-0974, which can be confirmed at:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0974

(If you are curious as to why a single identifier was used, see
http://cve.mitre.org/cve/contentdecisions.html for some background
information on CVE content decisions.)


The IDs as referenced in the original advisory are actually related to
the following issues:

  CAN-2003-0960 - OpenCA certificate chain error
  CAN-2003-0961 - Linux kernel do_brk() "bounds checking" flaw
  CAN-2003-0970 - Sun Fire ARP packet DoS
  CAN-2003-0971 - GnuPG ElGamal breakable sign+encrypt keys


These other IDs can also be confirmed on the CVE web site.



Steve Christey
CVE Editor

By Date By Thread

Current thread:

Re: Multiple Remote Issues in Applied Watch IDS Suite (advisory attached) Steven M. Christey (Dec 01)