[32631] in bugtraq
Re: Multiple Remote Issues in Applied Watch IDS Suite (advisory attached)
daemon@ATHENA.MIT.EDU (Steven M. Christey)
Mon Dec 1 16:09:30 2003
Date: Mon, 1 Dec 2003 15:13:58 -0500 (EST)
Message-Id: <200312012013.hB1KDwqA025094@linus.mitre.org>
From: "Steven M. Christey" <coley@mitre.org>
To: bugtraq@securityfocus.com, vuln-dev@securityfocus.com,
submissions@packetstormsecurity.org, vulnwatch@vulnwatch.org,
vulndiscuss@vulnwatch.org
bugtraq@bugtraq.org said:
>CVE Candidate: CAN-2003-0970 - Authentication Bypass to Add IDS Rules
> CAN-2003-0971 - Authentication Bypass to Add Users
These numbers are incorrect.
> CAN-2003-0960 - Logical error in Applied Watch Console allowing user-adds
> CAN-2003-0961 - Logical error in Applied Watch Nodes allowing rule-adds
These numbers are different from the first two. They are also
incorrect.
The proper CVE candidate number for the Applied Watch issue is
CAN-2003-0974, which can be confirmed at:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0974
(If you are curious as to why a single identifier was used, see
http://cve.mitre.org/cve/contentdecisions.html for some background
information on CVE content decisions.)
The IDs as referenced in the original advisory are actually related to
the following issues:
CAN-2003-0960 - OpenCA certificate chain error
CAN-2003-0961 - Linux kernel do_brk() "bounds checking" flaw
CAN-2003-0970 - Sun Fire ARP packet DoS
CAN-2003-0971 - GnuPG ElGamal breakable sign+encrypt keys
These other IDs can also be confirmed on the CVE web site.
Steve Christey
CVE Editor
