NOT-FOR-US

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4052 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 29 insertions, 29 deletions

diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index 6f3bd2727c..bfe67e0d48 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -44,7 +44,7 @@ CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attacke
 CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...)
 	TODO: check
 CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...)
 	TODO: check
 CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a ...)
@@ -104,7 +104,7 @@ CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allow
 CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...)
 	TODO: check
 CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...)
 	TODO: check
 CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...)
@@ -209,11 +209,11 @@ CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user dom
 CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local ...)
 	TODO: check
 CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...)
 	TODO: check
 CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to ...)
 	TODO: check
 CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), ...)
@@ -275,7 +275,7 @@ CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to
 CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...)
 	TODO: check
 CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...)
 	TODO: check
 CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x ...)
@@ -371,7 +371,7 @@ CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital
 CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary ...)
 	TODO: check
 CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows local users ...)
 	TODO: check
 CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...)
@@ -610,7 +610,7 @@ CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...)
 CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...)
 	TODO: check
 CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...)
 	TODO: check
 CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files ...)
@@ -622,7 +622,7 @@ CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert
 CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell ...)
 	TODO: check
 CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain ...)
 	TODO: check
 CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP ...)
@@ -630,7 +630,7 @@ CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP .
 CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...)
 	TODO: check
 CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, ...)
 	TODO: check
 CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...)
@@ -746,7 +746,7 @@ CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...)
 CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local ...)
 	TODO: check
 CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to ...)
 	NOT-FOR-US: Cisco
 CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...)
@@ -830,7 +830,7 @@ CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be se
 CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...)
 	TODO: check
 CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via ...)
 	TODO: check
 CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be ...)
@@ -999,9 +999,9 @@ CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory
 CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...)
 	TODO: check
 CVE-1999-0449 (Denial of service in IIS 4 with scripts from the ExAir sample site. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...)
 	TODO: check
 CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and ...)
@@ -1055,7 +1055,7 @@ CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP
 CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...)
 	TODO: check
 CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that ...)
 	TODO: check
 CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...)
@@ -1063,7 +1063,7 @@ CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local user
 CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...)
 	TODO: check
 CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...)
 	TODO: check
 CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...)
@@ -1145,9 +1145,9 @@ CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and unauthoriz
 CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local ...)
 	TODO: check
 CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...)
 	TODO: check
 CVE-1999-0344 (NT users can gain debug-level access on a system process using the ...)
@@ -1247,13 +1247,13 @@ CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted
 CVE-1999-0288 (Denial of service in WINS with malformed data to port 137 (NETBIOS ...)
 	TODO: check
 CVE-1999-0281 (Denial of service in IIS using long URLs. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...)
 	NOT-FOR-US: Microsoft
 CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via ...)
 	TODO: check
 CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appending ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root access. ...)
 	TODO: check
 CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflow. ...)
@@ -1311,7 +1311,7 @@ CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers
 CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...)
 	TODO: check
 CVE-1999-0233 (IIS allows users to execute arbitrary commands using .bat or .cmd ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...)
 	NOT-FOR-US: Cisco
 CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...)
@@ -1365,7 +1365,7 @@ CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messa
 CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote ...)
 	TODO: check
 CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...)
 	TODO: check
 CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...)
@@ -1738,7 +1738,7 @@ CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (tr
 CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...)
 	TODO: check
 CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, ...)
 	TODO: check
 CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia ...)
@@ -1872,7 +1872,7 @@ CVE-1999-1454 (Macromedia "The Matrix" screen saver on Windows 95 with
 CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site ...)
 	NOT-FOR-US: Microsoft
 CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX ...)
 	TODO: check
 CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...)
@@ -1988,7 +1988,7 @@ CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot ..
 CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read ...)
 	TODO: check
 CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) ...)
 	TODO: check
 CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer ...)
@@ -2572,13 +2572,13 @@ CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...)
 CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a ...)
 	TODO: check
 CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows ...)
 	TODO: check
 CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian ...)
@@ -2784,7 +2784,7 @@ CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g
 CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are ...)
 	TODO: check
 CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate ...)
 	TODO: check
 CVE-1999-0559 (A system-critical Unix file or directory has inappropriate ...)