diff options
| author | Alec Berryman <alec@thened.net> | 2006-05-22 20:47:05 +0000 |
|---|---|---|
| committer | Alec Berryman <alec@thened.net> | 2006-05-22 20:47:05 +0000 |
| commit | 6b57371d4b01374b4326232286887e67b0c9c43e (patch) | |
| tree | 311dc39523930f8cac9ee1113870e4284f51715f /data/CVE/2000.list | |
| parent | fa5e8a9066a5f8d2e81fde0ce0c460a028170680 (diff) | |
NOT-FOR-US
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4049 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2000.list')
| -rw-r--r-- | data/CVE/2000.list | 200 |
1 files changed, 100 insertions, 100 deletions
diff --git a/data/CVE/2000.list b/data/CVE/2000.list index 688a45bd22..8e5e4a2d67 100644 --- a/data/CVE/2000.list +++ b/data/CVE/2000.list @@ -59,7 +59,7 @@ CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to ...) TODO: check CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain by ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows ...) TODO: check CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before ...) @@ -105,7 +105,7 @@ CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmenta CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files of ...) TODO: check CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1148 (The installation of VolanoChatPro chat server sets world-readable ...) TODO: check CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of service via ...) @@ -123,7 +123,7 @@ CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that ".." d CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from attackers, ...) TODO: check CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A creates a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files of ...) TODO: check CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian Linux, and possibly other Linux ...) @@ -149,11 +149,11 @@ CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier a CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) ...) TODO: check CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly process ...) TODO: check CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not ...) @@ -175,7 +175,7 @@ CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows ...) TODO: check CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local users to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers ...) TODO: check CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet Web ...) @@ -197,7 +197,7 @@ CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers to CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary ...) TODO: check CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority access ...) TODO: check CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux 7.1 ...) @@ -237,7 +237,7 @@ CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows r CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server allows ...) TODO: check CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows 2000 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1032 (The client authentication interface for Check Point Firewall-1 4.0 and ...) TODO: check CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 allows a local user to gain ...) @@ -265,13 +265,13 @@ CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly othe CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries in ...) TODO: check CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME header ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and ...) TODO: check CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local users to ...) TODO: check CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote attacker ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error ...) TODO: check CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers to ...) @@ -291,7 +291,7 @@ CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a - openssh <unfixed> (low; bug #270770) NOTE: Rediscoved as CVE-2004-0175, see there. CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial ...) TODO: check CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service ...) @@ -299,15 +299,15 @@ CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP ser CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to ...) TODO: check CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials for a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which leaks ...) TODO: check CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before 1.5c2 ...) TODO: check CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to ...) @@ -371,7 +371,7 @@ CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers ...) TODO: check CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to ...) TODO: check CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a ...) @@ -391,7 +391,7 @@ CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA ... CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary files via ...) TODO: check CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and files by ...) TODO: check CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they ...) @@ -495,21 +495,21 @@ CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote ...) TODO: check CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to cause ...) TODO: check CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory of ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary ...) TODO: check CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other OSes ...) TODO: check CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000 allows local ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to bypass ...) TODO: check CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS) allows ...) TODO: check CVE-2000-0847 (Buffer overflow in University of Washington c-client library (used by ...) @@ -525,9 +525,9 @@ CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of service ...) TODO: check CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM authentication ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for each ...) TODO: check CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of ...) @@ -569,9 +569,9 @@ CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly restrict ...) TODO: check CVE-2000-0790 (The web-based folder display capability in Microsoft Internet Explorer ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user before ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote attackers to ...) TODO: check CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file descriptor ...) @@ -589,23 +589,23 @@ CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows r CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files ...) TODO: check CVE-2000-0777 (The password protection feature of Microsoft Money can store the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...) TODO: check CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbitrary ...) TODO: check CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...) TODO: check CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to ...) TODO: check CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to cause a ...) TODO: check CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected format ...) @@ -619,7 +619,7 @@ CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list ...) CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 ...) TODO: check CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path of the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not properly ...) TODO: check CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader ...) @@ -635,7 +635,7 @@ CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate o CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows ...) TODO: check CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98 allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net Tools PKI ...) TODO: check CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 ...) @@ -645,7 +645,7 @@ CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI Ne CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates predictable ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans ...) TODO: check CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of service ...) @@ -739,9 +739,9 @@ CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote attack CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read ...) TODO: check CVE-2000-0663 (The registry entry for the Windows Shell executable (Explorer.exe) in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attackers to ...) @@ -749,7 +749,7 @@ CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attacker CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers to ...) TODO: check CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain database ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for ...) TODO: check CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not properly ...) @@ -771,7 +771,7 @@ CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does n CVE-2000-0638 (Big Brother 1.4h1 and earlier allows remote attackers to read ...) TODO: check CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow ...) TODO: check CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart program ...) @@ -795,7 +795,7 @@ CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote attacker CVE-2000-0622 (Buffer overflow in Webfind CGI program in O'Reilly WebSite ...) TODO: check CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of service ...) TODO: check CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a denial of ...) @@ -813,7 +813,7 @@ CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attacke CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid uucp, ...) TODO: check CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass permissions for ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to gain ...) TODO: check CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a denial ...) @@ -825,9 +825,9 @@ CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access restrictions ...) TODO: check CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0595 (libedit searches for the .editrc file in the current directory instead ...) TODO: check CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format ...) @@ -853,7 +853,7 @@ CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly c CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a ...) TODO: check CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names and ...) TODO: check CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote ...) @@ -873,7 +873,7 @@ CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of serv CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against false ...) TODO: check CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite files ...) TODO: check CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary files by ...) @@ -935,9 +935,9 @@ CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of servi CVE-2000-0521 (Savant web server allows remote attackers to read source code of CGI ...) TODO: check CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an SSL ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all contents of ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a ...) TODO: check CVE-2000-0516 (When configured to store configuration information in an LDAP ...) @@ -977,7 +977,7 @@ CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source c CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source ...) TODO: check CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids file, ...) TODO: check CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows ...) @@ -991,7 +991,7 @@ CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote attacke CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote ...) TODO: check CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database passwords ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to cause ...) TODO: check CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a remote ...) @@ -1023,9 +1023,9 @@ CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local u CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell ...) TODO: check CVE-2000-0465 (Internet Explorer 4.x and 5.x does properly verify the domain of a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service via ...) TODO: check CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot ...) @@ -1069,7 +1069,7 @@ CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain wri CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users in the ...) TODO: check CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in ...) @@ -1125,7 +1125,7 @@ CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to caus CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a remote ...) TODO: check CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server 7.0 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to cause ...) TODO: check CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent ...) @@ -1239,19 +1239,19 @@ CVE-2000-0334 (The Allaire Spectra container editor preview tool does not proper CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows ...) TODO: check CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for Windows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows remote ...) TODO: check CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence ...) TODO: check CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify text ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server ...) TODO: check CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string which ...) @@ -1283,11 +1283,11 @@ CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote atta CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal ...) TODO: check CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify ...) TODO: check CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the source code ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers to ...) TODO: check CVE-2000-0298 (The unattended installation of Windows 2000 with the OEMPreinstall ...) @@ -1317,7 +1317,7 @@ CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via ... CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when executing ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service via ...) TODO: check CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a denial of ...) @@ -1341,7 +1341,7 @@ CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause a CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary ...) TODO: check CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service ...) TODO: check CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility ...) @@ -1381,7 +1381,7 @@ CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified in CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP ...) TODO: check CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find the ...) TODO: check CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privileges ...) @@ -1389,7 +1389,7 @@ CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privil CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, which ...) TODO: check CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...) TODO: check CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from ...) @@ -1423,11 +1423,11 @@ CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers t CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and ...) TODO: check CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote ...) TODO: check CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access via the ...) @@ -1473,7 +1473,7 @@ CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users to CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow remote ...) TODO: check CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows remote ...) TODO: check CVE-2000-0165 (The Delegate application proxy has several buffer overflows which ...) @@ -1481,15 +1481,15 @@ CVE-2000-0165 (The Delegate application proxy has several buffer overflows which CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a ...) TODO: check CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image of a ...) TODO: check CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges by ...) TODO: check CVE-2000-0156 (Internet Explorer 4.x and 5.x allow a remote web server to access ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0152 (Remote attackers can cause a denial of service in Novell BorderManager ...) TODO: check CVE-2000-0150 (Firewall-1 allows remote attackers to bypass port access restrictions ...) @@ -1539,9 +1539,9 @@ CVE-2000-0100 (The SMS Remote Control program is installed with insecure permiss CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users to gain ...) TODO: check CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the real ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for ...) TODO: check CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges by ...) @@ -1553,7 +1553,7 @@ CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package all CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via a ...) TODO: check CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and Windows NT ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean and ...) TODO: check CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape Communicator ...) @@ -1567,7 +1567,7 @@ CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...) TODO: check CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from executing ...) TODO: check CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0 ...) @@ -1587,7 +1587,7 @@ CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the w CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to cause ...) TODO: check CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local users ...) TODO: check CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers to ...) @@ -1791,23 +1791,23 @@ CVE-2000-1093 (Buffer overflow in AOL Instant Messenger before 4.3.2229 allows r CVE-2000-1092 (loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote ...) TODO: check CVE-2000-1090 (Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1088 (The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1087 (The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1086 (The xp_printstatements function in Microsoft SQL Server 2000 and SQL ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1085 (The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1084 (The xp_updatecolvbm function in SQL Server and Microsoft SQL Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1083 (The xp_showcolv function in SQL Server and Microsoft SQL Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1082 (The xp_enumresultset function in SQL Server and Microsoft SQL Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1081 (The xp_displayparamstmt function in SQL Server and Microsoft SQL ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-1079 (Interactions between the CIFS Browser Protocol and NetBIOS as ...) TODO: check CVE-2000-1078 (ICQ Web Front HTTPd allows remote attackers to cause a denial of ...) @@ -1921,7 +1921,7 @@ CVE-2000-0893 (The presence of the Distributed GL Daemon (dgld) service on port CVE-2000-0889 (Two Sun security certificates have been compromised, which could allow ...) TODO: check CVE-2000-0885 (Buffer overflows in Microsoft Network Monitor (Netmon) allow remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0882 (Intel Express 500 series switches allow a remote attacker to cause a ...) TODO: check CVE-2000-0881 (The dccscan setuid program in LPPlus does not properly check if the ...) @@ -1965,7 +1965,7 @@ CVE-2000-0827 (Buffer overflow in the web authorization form of Mobius DocumentD CVE-2000-0826 (Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the ...) TODO: check CVE-2000-0817 (Buffer overflow in the HTTP protocol parser for Microsoft Network ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0812 (The administration module in Sun Java web server allows remote ...) TODO: check CVE-2000-0802 (The BAIR program does not properly restrict access to the Internet ...) @@ -2003,7 +2003,7 @@ CVE-2000-0759 (Jakarta Tomcat 3.1 under Apache reveals physical path information CVE-2000-0757 (The sysgen service in Aptis Totalbill does not perform authentication, ...) TODO: check CVE-2000-0756 (Microsoft Outlook 2000 does not properly process long or malformed ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0755 (Vulnerability in the newgrp command in HP-UX 11.00 allows local users ...) TODO: check CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes allows ...) @@ -2035,9 +2035,9 @@ CVE-2000-0714 (umb-scheme 3.2-11 for Red Hat Linux is installed with world-write CVE-2000-0713 (Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and ...) TODO: check CVE-2000-0710 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0709 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0704 (Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to ...) TODO: check CVE-2000-0701 (The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly ...) @@ -2075,7 +2075,7 @@ CVE-2000-0657 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows r CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) TODO: check CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of ...) TODO: check CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of ...) @@ -2153,13 +2153,13 @@ CVE-2000-0527 (userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows CVE-2000-0526 (mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows ...) TODO: check CVE-2000-0524 (Microsoft Outlook and Outlook Express allow remote attackers to cause ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0520 (Buffer overflow in restore program 0.4b17 and earlier in dump package ...) TODO: check CVE-2000-0509 (Buffer overflows in the finger and whois demonstration scripts in ...) TODO: check CVE-2000-0503 (The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0492 (PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, ...) TODO: check CVE-2000-0491 (Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and ...) @@ -2201,7 +2201,7 @@ CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly res CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...) TODO: check CVE-2000-0400 (The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0386 (FileMaker Pro 5 Web Companion allows remote attackers to send ...) TODO: check CVE-2000-0385 (FileMaker Pro 5 Web Companion allows remote attackers to bypass ...) @@ -2229,7 +2229,7 @@ CVE-2000-0333 (tcpdump, Ethereal, and other sniffer packages allow remote attack CVE-2000-0326 (Meeting Maker uses weak encryption (a polyalphabetic substitution ...) TODO: check CVE-2000-0325 (The Microsoft Jet database engine allows an attacker to execute ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0321 (Buffer overflow in IC Radius package allows a remote attacker to cause ...) TODO: check CVE-2000-0317 (Buffer overflow in Solaris 7 lpset allows local users to gain root ...) @@ -2265,7 +2265,7 @@ CVE-2000-0270 (The make-temp-name Lisp function in Emacs 20 creates temporary fi CVE-2000-0269 (Emacs 20 does not properly set permissions for a slave PTY device when ...) TODO: check CVE-2000-0266 (Internet Explorer 5.01 allows remote attackers to bypass the cross ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0259 (The default permissions for the Cryptography\Offload registry key used ...) TODO: check CVE-2000-0256 (Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and ...) @@ -2289,7 +2289,7 @@ CVE-2000-0220 (ZoneAlarm sends sensitive system and network information in clear CVE-2000-0219 (Red Hat 6.0 allows local users to gain root access by booting single ...) TODO: check CVE-2000-0216 (Microsoft email clients in Outlook, Exchange, and Windows Messaging ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0214 (FTP Explorer uses weak encryption for storing the username, password, ...) TODO: check CVE-2000-0213 (The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the ...) @@ -2323,7 +2323,7 @@ CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges ...) TODO: check CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0158 (Buffer overflow in MMDF server allows remote attackers to gain ...) TODO: check CVE-2000-0155 (Windows NT Autorun executes the autorun.inf file on non-removable ...) @@ -2353,7 +2353,7 @@ CVE-2000-0134 (The Check It Out shopping cart application allows remote users to CVE-2000-0133 (Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to ...) TODO: check CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...) TODO: check CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote ...) @@ -2383,7 +2383,7 @@ CVE-2000-0108 (The Intellivend shopping cart application allows remote users to CVE-2000-0106 (The EasyCart shopping cart application allows remote users to ...) TODO: check CVE-2000-0105 (Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0104 (The Shoptron shopping cart application allows remote users to ...) TODO: check CVE-2000-0103 (The SmartCart shopping cart application allows remote users to ...) @@ -2425,7 +2425,7 @@ CVE-2000-0067 (CyberCash Merchant Connection Kit (MCK) allows local users to mod CVE-2000-0066 (WebSite Pro allows remote attackers to determine the real pathname of ...) TODO: check CVE-2000-0061 (Internet Explorer 5 does not modify the security zone for a document ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0059 (PHP3 with safe_mode enabled does not properly filter shell ...) TODO: check CVE-2000-0058 (Network HotSync program in Handspring Visor does not have ...) @@ -2445,7 +2445,7 @@ CVE-2000-0038 (glFtpD includes a default glftpd user account with a default pass CVE-2000-0035 (resend command in Majordomo allows local users to gain privileges via ...) TODO: check CVE-2000-0028 (Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2000-0021 (Lotus Domino HTTP server allows remote attackers to determine the real ...) TODO: check CVE-2000-0019 (IMail POP3 daemon uses weak encryption, which allows local users to ...) |