NOT-FOR-US

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4043 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 44 insertions, 44 deletions

diff --git a/data/CVE/1999.list b/data/CVE/1999.list
index 57ee4e7646..1291738da9 100644
--- a/data/CVE/1999.list
+++ b/data/CVE/1999.list
@@ -2900,7 +2900,7 @@ CVE-1999-0477 (The Expression Evaluator in the ColdFusion Application Server all
 CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, ...)
 	TODO: check
 CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a ...)
 	TODO: check
 CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...)
@@ -2918,41 +2918,41 @@ CVE-1999-0455 (The Expression Evaluator sample application in ColdFusion allows
 CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a ...)
 	TODO: check
 CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-1999-0452 (A service or application has a backdoor password that was placed there ...)
 	TODO: check
 CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent ...)
 	TODO: check
 CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines ...)
 	TODO: check
 CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a ...)
 	TODO: check
 CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing ...)
 	TODO: check
 CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP ...)
 	TODO: check
 CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by ...)
-	TODO: check
+	NOT-FOR-US: Eudora
 CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 ...)
 	TODO: check
 CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a ...)
 	TODO: check
 CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...)
-	TODO: check
+	NOT-FOR-US: SCO
 CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which ...)
-	TODO: check
+	NOT-FOR-US: DEC UNIX
 CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary ...)
 	TODO: check
 CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core ...)
 	TODO: check
 CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter ...)
-	TODO: check
+	NOT-FOR-US: Mirc
 CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...)
 	TODO: check
 CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends ...)
@@ -2964,31 +2964,31 @@ CVE-1999-0389 (Buffer overflow in the bootp server in the Debian Linux netstd ..
 CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog ...)
 	TODO: check
 CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities ...)
-	TODO: check
+	NOT-FOR-US: Sun
 CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords ...)
-	TODO: check
+	NOT-FOR-US: NetWare
 CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service ...)
 	TODO: check
 CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store ...)
 	TODO: check
 CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password ...)
 	TODO: check
 CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0336 (Buffer overflow in mstm in HP-UX allows local users to gain root ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root via ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to ...)
 	TODO: check
 CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access ...)
@@ -2996,19 +2996,19 @@ CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access ...
 CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local ...)
 	TODO: check
 CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0306 (buffer overflow in HP xlock program. ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware ...)
 	TODO: check
 CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...)
 	TODO: check
 CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source ...)
 	TODO: check
 CVE-1999-0282
@@ -3024,15 +3024,15 @@ CVE-1999-0257 (Nestea variation of teardrop IP fragmentation denial of service.
 CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...)
 	TODO: check
 CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...)
 	TODO: check
 CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...)
 	TODO: check
 CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...)
@@ -3050,21 +3050,21 @@ CVE-1999-0232 (Buffer overflow in NCSA WebServer (version 1.5c) gives remote acc
 CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 ...)
 	TODO: check
 CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...)
 	TODO: check
 CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...)
 	TODO: check
 CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...)
 	TODO: check
 CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0198 (finger .@host on some systems may print information on some user accounts. ...)
 	TODO: check
 CVE-1999-0197 (finger 0@host on some systems may print information on some user accounts. ...)
@@ -3072,11 +3072,11 @@ CVE-1999-0197 (finger 0@host on some systems may print information on some user
 CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or ...)
 	TODO: check
 CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...)
-	TODO: check
+	NOT-FOR-US: Ascend/3com
 CVE-1999-0187
 	REJECTED
 CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allows remote ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-1999-0171 (Denial of service in syslog by sending it a large number of ...)
 	TODO: check
 CVE-1999-0169 (NFS allows attackers to read and write any file on the system by ...)
@@ -3088,19 +3088,19 @@ CVE-1999-0163 (In older versions of Sendmail, an attacker could use a pipe chara
 CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...)
 	TODO: check
 CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...)
 	TODO: check
 CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-1999-0123 (Race condition in Linux mailx command allows local users to ...)
 	TODO: check
 CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...)
 	TODO: check
 CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...)
-	TODO: check
+	NOT-FOR-US: Windows
 CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...)
 	TODO: check
 CVE-1999-0110
@@ -3116,13 +3116,13 @@ CVE-1999-0104 (A later variation on the Teardrop IP denial of service attack, ..
 CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote ...)
 	TODO: check
 CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...)
 	TODO: check
 CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...)
@@ -3132,7 +3132,7 @@ CVE-1999-0061 (File creation and deletion, and remote execution, in the BSD ...)
 CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at ...)
 	TODO: check
 CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX ...)
-	TODO: check
+	NOT-FOR-US: SGI
 CVE-1999-0020
 	REJECTED
 CVE-1999-0015 (Teardrop IP denial of service. ...)