NOT-FOR-US

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4052 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 24 insertions, 24 deletions

diff --git a/data/CVE/2000.list b/data/CVE/2000.list
index 21649b53d6..8da916da2e 100644
--- a/data/CVE/2000.list
+++ b/data/CVE/2000.list
@@ -323,7 +323,7 @@ CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlie
 CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...)
 	TODO: check
 CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 ...)
 	TODO: check
 CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...)
@@ -355,7 +355,7 @@ CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of
 CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows ...)
 	TODO: check
 CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...)
 	TODO: check
 CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...)
@@ -453,9 +453,9 @@ CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cau
 CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
 	TODO: check
 CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on ...)
 	TODO: check
 CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary ...)
@@ -587,7 +587,7 @@ CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote .
 CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...)
 	TODO: check
 CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0777 (The password protection feature of Microsoft Money can store the ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...)
@@ -597,7 +597,7 @@ CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbit
 CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...)
@@ -783,9 +783,9 @@ CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local use
 CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d ...)
 	TODO: check
 CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP ...)
 	TODO: check
 CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...)
@@ -1039,7 +1039,7 @@ CVE-2000-0459 (IMP does not remove files properly if the MSWordView application
 CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...)
 	TODO: check
 CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of ...)
 	TODO: check
 CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier ...)
@@ -1113,7 +1113,7 @@ CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a denial
 CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new ...)
 	TODO: check
 CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...)
 	TODO: check
 CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not ...)
@@ -1343,7 +1343,7 @@ CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary
 CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility ...)
 	TODO: check
 CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...)
@@ -1361,7 +1361,7 @@ CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users
 CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...)
 	TODO: check
 CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...)
 	TODO: check
 CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to ...)
@@ -1391,7 +1391,7 @@ CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, wh
 CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from ...)
 	TODO: check
 CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...)
@@ -1631,9 +1631,9 @@ CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to gain
 CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...)
 	TODO: check
 CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...)
 	TODO: check
 CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access ...)
@@ -1745,7 +1745,7 @@ CVE-2000-1151 (Baxter IRC client in BeOS r5 pro and earlier allows remote attack
 CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...)
 	TODO: check
 CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...)
 	TODO: check
 CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ...)
@@ -1777,7 +1777,7 @@ CVE-2000-1110 (document.d2w CGI program in the IBM Net.Data db2www package allow
 CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...)
 	TODO: check
 CVE-2000-1104 (Variant of the "IIS Cross-Site Scripting" vulnerability as originally ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before ...)
 	TODO: check
 CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...)
@@ -2011,7 +2011,7 @@ CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes al
 CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with ...)
 	TODO: check
 CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier ...)
 	TODO: check
 CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier ...)
@@ -2077,7 +2077,7 @@ CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows r
 CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...)
 	NOT-FOR-US: Microsoft
 CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of ...)
 	TODO: check
 CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
@@ -2195,7 +2195,7 @@ CVE-2000-0420 (The default configuration of SYSKEY in Windows 2000 stores the st
 CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a ...)
 	TODO: check
 CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...)
 	TODO: check
 CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...)
@@ -2319,7 +2319,7 @@ CVE-2000-0176 (The default configuration of Serv-U 2.5d and earlier allows remot
 CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote ...)
 	TODO: check
 CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges ...)
 	TODO: check
 CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...)
@@ -2357,7 +2357,7 @@ CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read ..
 CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...)
 	TODO: check
 CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...)
 	TODO: check
 CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...)
@@ -2371,7 +2371,7 @@ CVE-2000-0119 (The default configurations for McAfee Virus Scan and Norton Anti-
 CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if ...)
 	TODO: check
 CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the ...)
 	TODO: check
 CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to ...)
@@ -2415,7 +2415,7 @@ CVE-2000-0077 (The October 1998 version of the HP-UX aserver program allows loca
 CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute ...)
 	TODO: check
 CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore ...)
 	TODO: check
 CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require ...)