| author | Joey Hess <joeyh@debian.org> | 2005-10-19 23:08:35 +0000 |
|---|---|---|
| committer | Joey Hess <joeyh@debian.org> | 2005-10-19 23:08:35 +0000 |
| commit | 2d535a1fc9cdf90cc4953981f30e4b7ae1822ad4 (patch) | |
| tree | 8833102ec6bf3cae639cf56a11cad51d013c72f0 /data/CVE/2001.list | |
| parent | b39b612faab41db807690ebd7c0b306cdbb13cb9 (diff) | |
move CAN/list to CVE/list, merge in all CVEs and rename all CANs to CVEs
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2461 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2001.list')
-rw-r--r-- | data/CVE/2001.list | 1125 |
1 files changed, 1125 insertions, 0 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list new file mode 100644 index 0000000000..fef216b38f --- /dev/null +++ b/data/CVE/2001.list 
@@ -0,0 +1,1125 @@ +CVE-2001-XXXX [crypt++ passes passwords through the command line] + - crypt++el <unfixed> (bug #105562; low) +CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local] + - gnupg 1.0.7-1 (bug #107374) +CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for ...) + NOT-FOR-US: ScriptEase +CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not ...) + NOT-FOR-US: UnixWare/OpenUnix +CVE-2001-1578 (Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local ...) + NOT-FOR-US: SCO +CVE-2001-1577 (Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 ...) + NOT-FOR-US: CDE +CVE-2001-1576 (Buffer overflow in cron in Caldera UnixWare 7 allows local users to ...) + NOTE: insufficient info to check, but not same code base +CVE-2001-1575 (Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing ...) + NOT-FOR-US: Apple +CVE-2001-1574 (Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in ...) + NOT-FOR-US: Trend Micro InterScan VirusWall +CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall ...) + NOT-FOR-US: Trend Micro InterScan VirusWall +CVE-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...) + NOTE: presumably fixed in linux 2.4.12 +CVE-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user ...) + NOT-FOR-US: Microsoft +CVE-2001-1570 (Windows XP with fast user switching and account lockout enabled allows ...) + NOT-FOR-US: Microsoft +CVE-2001-1569 (Openwave WAP gateway does not verify the fully qualified domain name ...) + NOT-FOR-US: Openwave WAP gateway +CVE-2001-1568 (CMG WAP gateway does not verify the fully qualified domain name URL ...) + NOT-FOR-US: CMG WAP gateway +CVE-2001-1567 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...) 
+ NOT-FOR-US: Lotus Domino +CVE-2001-1566 (Format string vulnerability in libvanessa_logger 0.0.1 in Perdition ...) + - vanessa-logger 0.0.2 +CVE-2001-1565 (Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through ...) + NOT-FOR-US: MacOS +CVE-2001-1564 (setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 ...) + NOT-FOR-US: HP-UX +CVE-2001-1563 (Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for ...) + NOT-FOR-US: Tomcat 3.2.1 running on HP Secure OS +CVE-2001-1562 (Format string vulnerability in nvi before 1.79 allows local users to ...) + - nvi 1.79-16a.1 + NOTE: was DSA 085 +CVE-2001-1561 (Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to ...) + NOTE: DSA 082 + - xvt 2.1-13 +CVE-2001-1560 (Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and ...) + NOT-FOR-US: Microsoft +CVE-2001-1559 (The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide ...) + NOT-FOR-US: OpenBSD +CVE-2001-1558 (Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 ...) + - snort 1.8.3 +CVE-2001-1557 (Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to ...) + NOT-FOR-US: AIX +CVE-2001-1556 (The log files in Apache web server contain information directly ...) + NOTE: documented issue in apache, unlikely to be changed + NOTE: see http://httpd.apache.org/docs/logs.html +CVE-2001-1555 (pt_chmod in Solaris 8 does not call fdetach to reset terminal ...) + NOT-FOR-US: Solaris +CVE-2001-1554 (IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote ...) + NOT-FOR-US: AIX +CVE-2001-1553 (Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, ...) + - setiathome <not-affected> (not suid in debian) +CVE-2001-1552 (ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of ...) + NOT-FOR-US: Microsoft +CVE-2001-1551 (Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, ...) 
+ NOTE: no info in CVE db about fix + TODO: check with current kernel on a system with quotas +CVE-2001-1550 (CentraOne 5.2 and Centra ASP with basic authentication enabled creates ...) + NOT-FOR-US: Centra +CVE-2001-1549 (Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass ...) + NOT-FOR-US: Tiny Personal Firewall +CVE-2001-1548 (ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local ...) + NOT-FOR-US: Tiny Personal Firewall +CVE-2001-1547 (Outlook Express 6.0, with "Do not allow attachments to be saved or ...) + NOT-FOR-US: Outlook +CVE-2001-1546 (Pathways Homecare 6.5 uses weak encryption for user names and ...) + NOT-FOR-US: Pathways Homecare +CVE-2001-1545 (Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests ...) + NOT-FOR-US: Macromedia JRun +CVE-2001-1544 (Directory traversal vulnerability in Macromedia JRun Web Server (JWS) ...) + NOT-FOR-US: Macromedia JRun +CVE-2001-1543 (Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default ...) + NOT-FOR-US: Axis network camera +CVE-2001-1542 (NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter ...) + NOT-FOR-US: NAI WebShield SMTP +CVE-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS ...) + NOT-FOR-US: BSDI UUCP +CVE-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a ...) + NOT-FOR-US: IPRoute router software + NOTE: This is not for iproute/iproute2. + NOTE: From Chris Gragsone's message on BUGTRAQ: + NOTE: "IPRoute, by David F. Mischler, is PC-based router software + NOTE: "for networks running the Internet Protocol (IP)." +CVE-2001-1539 (The JavaScript settimeout function in Internet Explorer allows remote ...) + NOT-FOR-US: MSIE +CVE-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of ...) + NOT-FOR-US: SpeedXess HA-120 DSL router +CVE-2001-1537 (The default "basic" security setting' in config.php for TWIG webmail ...) 
+ NOTE: current twig package seems to have secure cookies enabled + NOTE: still uses "basic" security setting. +CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, ...) + NOT-FOR-US: Autogalaxy +CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...) + - slash <unfixed> (bug #328927; low) +CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's ...) + - apache (bug #328919; unimportant) + - apache2 <unfixed> (unimportant) + NOTE: Cookies are only used for invading user privacy, + NOTE: not for authentication, so apache and apache2 should be fine. +CVE-2001-1533 (** DISPUTED * ...) + NOT-FOR-US: Microsoft +CVE-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, ...) + NOT-FOR-US: WebX +CVE-2001-1531 (Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to ...) + NOT-FOR-US: Claris Emailer +CVE-2001-1530 (run.cgi in Webmin 0.80 and 0.88 creates temporary files with ...) + NOTE: verified current webmin is ok +CVE-2001-1529 (Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows ...) + NOT-FOR-US: AIX +CVE-2001-1528 (AmTote International homebet program returns different error messages ...) + NOT-FOR-US: AmTote International homebet +CVE-2001-1527 (easyNews 1.5 and earlier stores adminstration passwords in cleartext ...) + NOT-FOR-US: easynews +CVE-2001-1526 (Cross-site scripting (XSS) vulnerability in the comments action in ...) + NOT-FOR-US: easynews +CVE-2001-1525 (Directory traversal vulnerability in the comments action in easyNews ...) + NOT-FOR-US: easynews +CVE-2001-1524 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier ...) + NOT-FOR-US: PHP-Nuke +CVE-2001-1523 (Cross-site scripting (XSS) vulnerability in the DMOZGateway module for ...) + NOT-FOR-US: PHP-Nuke +CVE-2001-1522 (Cross-site scripting (XSS) vulnerability in im.php in IMessenger for ...) 
+ NOT-FOR-US: PHP-Nuke +CVE-2001-1521 (Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 ...) + NOT-FOR-US: PHP-Nuke +CVE-2001-1520 (Xircom REX 6000 allows local users to obtain the 10 digit PIN by ...) + NOT-FOR-US: Xircom REX +CVE-2001-1519 (** DISPUTED ** ...) + NOT-FOR-US: RunAs +CVE-2001-1518 (RunAs (runas.exe) in Windows 2000 only creates one session instance at ...) + NOT-FOR-US: RunAs +CVE-2001-1517 (** DISPUTED ** ...) + NOT-FOR-US: RunAs +CVE-2001-1516 (Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and ...) + NOT-FOR-US: phpReview +CVE-2001-1515 (Macintosh clients, when using NT file system volumes on Windows 2000 ...) + NOT-FOR-US: Macintosh clients, when using NT file system volumes on Windows +CVE-2001-1514 (ColdFusion 4.5 and 5, when running on Windows with the advanced ...) + NOT-FOR-US: ColdFusion +CVE-2001-1513 (Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain ...) + NOT-FOR-US: JRun +CVE-2001-1512 (Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to ...) + NOT-FOR-US: JRun +CVE-2001-1511 (JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows ...) + NOT-FOR-US: JRun +CVE-2001-1510 (Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, ...) + NOT-FOR-US: JRun +CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not ...) + NOT-FOR-US: HP-UX +CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...) + - lprng <not-affected> (Not suid in Debian) + - cupsys <not-affected> (Not suid in Debian) +CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly ...) + - openssh 1:3.0.1 +CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP ...) + NOT-FOR-US: HP Secure OS layer +CVE-2001-1505 (tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into ...) 
+ - tinc 1.0pre5-1 +CVE-2001-1504 (Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary ...) + NOT-FOR-US: Lotus Notes +CVE-2001-1503 (The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS ...) + NOT-FOR-US: Sun +CVE-2001-1502 (webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote ...) + NOT-FOR-US: WebCart +CVE-2001-1501 (The glob functionality in ProFTPD 1.2.1, and possibly other versions ...) + NOTE: Fix went into proftpd CVS on 2002-12-12 + - proftpd 1.2.8-1 +CVE-2001-1500 (ProFTPD 1.2.2rc2, and possibly other versions, does not properly ...) + - proftpd 1.2.4-1 +CVE-2001-1499 (Check Point VPN-1 4.1SP4 using SecuRemote returns different error ...) + NOT-FOR-US: Check Point +CVE-2001-1498 (Buffer overflow in mod_bf 0.2 allows local users execute arbitrary ...) + NOT-FOR-US: mod_bf +CVE-2001-1497 (Microsoft Internet Explorer 4.0 through 6.0 could allow local users to ...) + NOT-FOR-US: Microsoft +CVE-2001-1496 (Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd ...) + - thttpd 2.21 +CVE-2001-1495 (network_query.php in Network Query Tool 1.0 allows remote attackers ...) + NOT-FOR-US: Network Query Tool +CVE-2001-1494 (script command in the util-linux package before 2.11n allows local ...) + - util-linux 2.11n-1 +CVE-2001-1492 + REJECTED +CVE-2001-1491 (Opera 5.11 allows remote attackers to cause a denial of service (CPU ...) + NOT-FOR-US: Opera +CVE-2001-1490 (Mozilla 0.9.6 allows remote attackers to cause a denial of service ...) + NOTE: mozilla is quite easily DOSable with all sorts of large html + NOTE: files, probably not worth following up on. +CVE-2001-1489 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...) + NOT-FOR-US: Microsoft +CVE-2001-1488 (Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 ...) + NOT-FOR-US: Open Projects ircd +CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users ...) 
+ NOTE: verified not present in 4.0.5-4sarge1 +CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...) + NOT-FOR-US: Alcatel hardware issue +CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows ...) + - libpam-opie <unfixed> (bug #112279; low) +CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 ...) + NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now +CVE-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in ...) + NOT-FOR-US: Xitami +CVE-2001-1480 (Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows ...) + NOT-FOR-US: Sun Java +CVE-2001-1479 (smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows ...) + NOT-FOR-US: Sun +CVE-2001-1478 (Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix ...) + NOT-FOR-US: UnixWare +CVE-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ...) + NOT-FOR-US: BEA Tuxedo +CVE-2001-1476 (SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" ...) + NOT-FOR-US: Commercial SSH +CVE-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows ...) + NOT-FOR-US: Commercial SSH +CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the ...) + NOT-FOR-US: Commercial SSH +CVE-2001-1473 (The SSH-1 protocol allows remote servers conduct man-in-the-middle ...) + NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol +CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...) + - phpbb2 2.0.6c-1 +CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...) + - phpbb2 2.0.6c-1 +CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...) 
+ NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol +CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...) + NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol +CVE-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...) + NOT-FOR-US: phpSecurePages +CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...) + NOTE: in expect 5.42.1, mkpasswd does not seed by pid; doesn't seem + NOTE: to seed at all; my tests indicate it generates no dups in + NOTE: some 100000 passwords. +CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the ...) + NOT-FOR-US: VanDyke SecureCRT +CVE-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP ...) + NOT-FOR-US: SurfControl SuperScout +CVE-2001-1464 (Crystal Reports, when displaying data for a password protected ...) + NOT-FOR-US: Crystal Reports +CVE-2001-1463 (The remote admimnistration client for RhinoSoft Serv-U 3.0 sends the ...) + NOT-FOR-US: RhinoSoft Serv-U +CVE-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, ...) + NOT-FOR-US: RSA Security SecurID +CVE-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...) + NOT-FOR-US: RSA Security SecurID +CVE-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through ...) + NOT-FOR-US: PostNuke +CVE-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication ...) + - openssh 1:3.0.1p1-1 +CVE-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 ...) + NOT-FOR-US: Novell Groupwise +CVE-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote ...) + NOT-FOR-US: CrazyWWWBoard +CVE-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for ...) 
+ NOT-FOR-US: Gauntlet Firewall +CVE-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to ...) + NOT-FOR-US: Netegrity SiteMinder +CVE-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to ...) + - mysql-dfsg 3.23.33-1 +CVE-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier ...) + - mysql-dfsg 3.23.33-1 +CVE-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server ...) + NOT-FOR-US: Windows +CVE-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for ...) + NOT-FOR-US: Windows +CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...) + NOT-FOR-US: Windows +CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...) + NOT-FOR-US: Mandrake specific packaging flaw +CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local ...) + NOT-FOR-US: Magic eDeveloper +CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to ...) + NOT-FOR-US: Windows +CVE-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...) + NOT-FOR-US: MacOS X +CVE-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through ...) + NOT-FOR-US: Lotus Domino +CVE-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and ...) + NOTE: Generic protocol flaw +CVE-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not ...) + NOTE: Generic protocol flaw +CVE-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 ...) + - inn2 2.3.3+20020922-1 + - innfeed 0.10.1.7-7 +CVE-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 ...) + NOT-FOR-US: VisualAge for Java +CVE-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable ...) + NOT-FOR-US: AIX +CVE-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 ...) 
+ NOT-FOR-US: HP-UX +CVE-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...) + NOT-FOR-US: Handspring Visor +CVE-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full ...) + NOT-FOR-US: easyScripts easyNews +CVE-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when ...) + NOT-FOR-US: Dallas Semiconductor iButton DS1991 +CVE-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of ...) + NOT-FOR-US: Tru64 UNIX +CVE-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read ...) + NOT-FOR-US: IOS +CVE-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root ...) + NOT-FOR-US: Cherokee +CVE-2001-1432 (Directory traversal vulnerability in Cherokee Web Server allows remote ...) + NOT-FOR-US: Cherokee +CVE-2001-1431 (Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 ...) + NOT-FOR-US: Nokia Firewall appliances +CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which allows ...) + NOT-FOR-US: Cayman DSL router +CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local ...) + NOTE: I could track this down to this posting + NOTE: http://cert.uni-stuttgart.de/archive/vuln-dev/2001/11/msg00104.html + NOTE: This looks very obscure an does not contain useful information on how this + NOTE: was triggered and even then it's not a problem, as mcedit usage does not + NOTE: have a remote impact and is not suid +CVE-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...) + NOT-FOR-US: IPC@CHIP Embedded web server +CVE-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 ...) + NOT-FOR-US: ColdFusion +CVE-2001-1426 (Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through ...) + NOT-FOR-US: Alcatel Speed Touch +CVE-2001-1425 (The challenge-response authentication of the EXPERT user for Alcatel ...) 
+ NOT-FOR-US: Alcatel Speed Touch +CVE-2001-1424 (Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, ...) + NOT-FOR-US: Alcatel Speed Touch +CVE-2001-1423 (Advanced Poll before 1.61, when using a flat file database, allows ...) + NOT-FOR-US: Advanced Poll +CVE-2001-1422 (WinVNC 3.3.3 and earlier generates the same challenge string for ...) + NOT-FOR-US: WinVNC +CVE-2001-1421 (AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1420 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1419 (AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1418 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1417 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1416 (Multiple cross-site scripting (XSS) vulnerabilities in the log ...) + NOT-FOR-US: AOL Instant Messenger +CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove ...) + NOT-FOR-US: no_package + NOTE: Debian's nvi recover script is very different +CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...) + NOT-FOR-US: Solaris +CVE-2002-0013 (Vulnerabilities in the SNMPv1 request handling of a large number of ...) +CVE-2002-0012 (Vulnerabilities in a large number of SNMP implementations allow ...) +CVE-2002-0010 (Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL ...) +CVE-2002-0008 (Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user ...) +CVE-2002-0001 (Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt ...) +CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...) 
+ NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge + NOTE: discussion at: + NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html + NOTE: listed sarge version contains a fix like the patch from Gentoo + - ncompress 4.2.4-15 +CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...) +CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow ...) +CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create ...) +CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...) +CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in ...) +CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, ...) +CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends ...) +CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...) +CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, ...) +CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...) +CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel ...) +CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 ...) +CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...) +CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel ...) +CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before ...) +CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 ...) +CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...) +CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before ...) +CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...) 
+CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before ...) +CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional ...) +CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...) +CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the "--reject-with ...) +CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...) +CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and ...) +CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the ...) +CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS ...) +CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault ...) +CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow ...) +CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...) +CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...) +CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple ...) +CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...) +CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly ...) +CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...) +CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly ...) +CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) ...) +CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak ...) +CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ...) +CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...) +CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...) +CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...) 
+CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) ...) +CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass ...) +CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated ...) +CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi ...) +CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and ...) +CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect ...) +CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses ...) +CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...) +CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...) +CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...) +CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, ...) +CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...) +CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to ...) +CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) +CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) +CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...) +CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...) +CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not ...) +CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows ...) +CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote ...) +CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...) +CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...) 
+CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote ...) +CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...) +CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...) +CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...) +CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) ...) +CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a ...) +CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...) +CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote ...) +CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of ...) +CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to ...) +CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ...) +CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...) +CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote ...) +CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically ...) +CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to ...) +CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...) +CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...) +CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows ...) +CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...) +CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial ...) +CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly ...) +CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a ...) 
+CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of ...) +CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier ...) +CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, ...) +CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail ...) +CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for ...) +CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows ...) +CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of ...) +CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...) +CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different ...) +CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security ...) +CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...) +CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a ...) +CVE-2001-1273 (The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, ...) +CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...) +CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows ...) +CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip ...) +CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite ...) +CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier ...) +CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server ...) +CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...) +CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...) +CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...) 
+CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold ...) +CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for ...) +CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of ...) +CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...) +CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...) +CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...) +CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the ...) +CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX ...) +CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords ...) +CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) +CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) +CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...) +CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, ...) +CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a ...) +CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 ...) +CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows ...) +CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the ...) +CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...) +CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end ...) +CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...) +CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a ...) +CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ...) 
+CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before ...) +CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow ...) +CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...) +CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...) +CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows ...) +CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not ...) +CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...) +CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...) +CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point ...) +CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website ...) +CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to ...) +CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle ...) +CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application ...) +CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote ...) +CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a ...) +CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 ...) +CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator ...) +CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable ...) +CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers ...) +CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...) +CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote ...) +CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute ...) 
+CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...) +CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC ...) +CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does ...) +CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite ...) +CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite ...) +CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin ...) +CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a ...) +CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to ...) +CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...) +CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote ...) +CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do ...) +CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password ...) +CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote ...) +CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands ...) +CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows ...) +CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows ...) +CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table ...) +CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...) +CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a ...) +CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain ...) +CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and ...) +CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in ...) 
+CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a ...) +CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...) +CVE-2001-1167 + REJECTED +CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information ...) +CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...) +CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote ...) +CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...) +CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly ...) +CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...) +CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, ...) +CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL ...) +CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 ...) +CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...) +CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...) +CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service ...) +CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, ...) +CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read ...) +CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...) +CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...) +CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows ...) +CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to ...) +CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' ...) +CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...) 
+CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...) +CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...) +CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) ...) +CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...) +CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...) +CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, ...) +CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...) +CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to ...) +CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP ...) +CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to ...) +CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote ...) +CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers ...) +CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ...) +CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute ...) +CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the ...) +CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials ...) +CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote ...) +CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file ...) +CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...) +CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which ...) +CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...) +CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...) 
+CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a ...) +CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on ...) +CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows ...) +CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read ...) +CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 ...) +CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ...) +CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...) +CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...) +CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before ...) +CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ...) +CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...) +CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows ...) +CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain ...) +CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ...) +CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems ...) +CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running ...) +CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows ...) +CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...) +CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute ...) +CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) +CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) +CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files ...) 
+CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to ...) +CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include ...) +CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...) +CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail ...) +CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...) +CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary ...) +CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...) +CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin ...) +CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password ...) +CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users ...) + {DSA-148} +CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ...) +CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote ...) +CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs ...) +CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL ...) +CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...) +CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of ...) +CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute ...) +CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in ...) +CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...) +CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows ...) +CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute ...) +CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled ...) 
+CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error, ...) +CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...) +CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a ...) +CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not ...) +CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak ...) +CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client ...) +CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames ...) +CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...) +CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary ...) +CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers ...) +CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email ...) +CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of ...) +CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to ...) +CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...) +CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, ...) +CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...) +CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files ...) +CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote ...) +CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote ...) +CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...) +CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the ...) +CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other ...) 
+CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and ...) +CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server ...) +CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server ...) +CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...) +CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote ...) +CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script ...) +CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...) +CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant ...) +CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...) +CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows ...) +CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan ...) +CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...) +CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...) +CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...) +CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a ...) +CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server ...) +CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise ...) +CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise ...) +CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority ...) +CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh ...) +CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another ...) +CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...) 
+CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment ...) +CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local ...) +CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain ...) +CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...) +CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which ...) +CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the ...) +CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the ...) +CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote ...) +CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 ...) +CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...) +CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon ...) + {DSA-301} +CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME ...) +CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers ...) +CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote ...) +CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web ...) +CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to ...) +CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier ...) +CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow ...) +CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier ...) +CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 ...) +CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and ...) +CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 ...) 
+CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access ...) +CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is ...) +CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...) +CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content ...) +CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive ...) +CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...) +CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...) +CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option ...) +CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...) +CVE-2001-0885 + RESERVED +CVE-2001-0883 + RESERVED +CVE-2001-0882 + RESERVED +CVE-2001-0881 + RESERVED +CVE-2001-0880 + RESERVED +CVE-2001-0878 + RESERVED +CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and ...) +CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through ...) +CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve ...) +CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...) +CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...) +CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...) +CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary ...) +CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote ...) +CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote ...) +CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute ...) +CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...) 
+CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 ...) +CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote ...) +CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 ...) +CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...) +CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows ...) +CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak ...) +CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...) +CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...) +CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...) +CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and ...) +CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a ...) +CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a ...) +CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...) +CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 ...) +CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...) +CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to ...) +CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...) +CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...) +CVE-2001-0814 + RESERVED +CVE-2001-0813 + RESERVED +CVE-2001-0812 + RESERVED +CVE-2001-0811 + RESERVED +CVE-2001-0810 + RESERVED +CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...) +CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...) 
+CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote ...) +CVE-2001-0802 + RESERVED +CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...) +CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote ...) +CVE-2001-0798 + RESERVED +CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source ...) +CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...) +CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...) +CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a ...) +CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 ...) +CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) +CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) +CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software ...) +CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...) +CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...) +CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attacker to execute ...) +CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl ...) +CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source ...) +CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...) +CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote ...) +CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux ...) + {DSA-695-1} + - xli 1.17.0-17 +CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...) +CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...) 
+CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the ...) +CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...) +CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows ...) +CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute ...) +CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager ...) +CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...) +CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote ...) +CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in ...) +CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows ...) +CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...) +CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, ...) +CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise ...) +CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...) +CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote ...) +CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows ...) +CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...) +CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, ...) +CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ...) + - cfingerd 1.4.3-1.1 (bug #104394) + NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates + NOTE: its changes. +CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local ...) +CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...) +CVE-2001-0725 + RESERVED +CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...) 
+CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...) +CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...) +CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C ...) +CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ...) +CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a ...) +CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, ...) +CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a ...) +CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a ...) +CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...) +CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) +CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) +CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...) +CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...) +CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote ...) +CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view ...) +CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c ...) +CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote ...) +CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial ...) +CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...) +CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...) +CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a ...) +CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a ...) 
+CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...) +CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan ...) +CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before ...) +CVE-2001-0673 + RESERVED +CVE-2001-0672 + RESERVED +CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...) +CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure ...) +CVE-2001-0661 + RESERVED +CVE-2001-0657 + RESERVED +CVE-2001-0656 + RESERVED +CVE-2001-0655 + RESERVED +CVE-2001-0654 + RESERVED +CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...) +CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to ...) +CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, ...) +CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and ...) +CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to ...) +CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple ...) +CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin ...) +CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly ...) +CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...) +CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to ...) +CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...) +CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...) +CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...) +CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...) +CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain ...) 
+CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier ...) +CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 ...) +CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local ...) +CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with ...) +CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker ...) +CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) +CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) +CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) +CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) +CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) +CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...) +CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a ...) +CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...) +CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...) +CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO ...) +CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a ...) +CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...) +CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...) +CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local ...) +CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a ...) +CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote ...) +CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain ...) 
+CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a ...) +CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker ...) +CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a ...) +CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local ...) +CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ...) +CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron ...) +CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...) +CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...) +CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker ...) +CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a denial ...) +CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a ...) +CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to ...) +CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to ...) +CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker ...) +CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote ...) +CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli ...) +CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users ...) +CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...) +CVE-2001-0539 + RESERVED +CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not ...) +CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b ...) +CVE-2001-0532 + RESERVED +CVE-2001-0531 + RESERVED +CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length ...) 
+CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...) +CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...) +CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...) +CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to ...) +CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote ...) +CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...) +CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 ...) +CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...) +CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in ...) +CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i ...) +CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files ...) +CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote ...) +CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before ...) +CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ...) +CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...) +CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote ...) +CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows ...) +CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier ...) +CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier ...) +CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...) +CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine ...) +CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...) 
+CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...) +CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...) +CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges ...) +CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote ...) +CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote ...) +CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, ...) +CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...) +CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and ...) +CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows ...) +CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server ...) +CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to ...) +CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass ...) +CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 ...) +CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...) +CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...) +CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...) +CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...) +CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn ...) +CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...) +CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload ...) +CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute ...) +CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to ...) 
+CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ...) +CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...) +CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...) +CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...) +CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain ...) +CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before ...) +CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...) +CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows ...) +CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server ...) +CVE-2001-0418 (content.pl script in NCM Content Management System allows remote ...) +CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...) +CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in ...) +CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a ...) +CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote ...) +CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...) +CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) ...) +CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to ...) +CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...) +CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...) +CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...) +CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings ...) +CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote ...) 
+CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...) +CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after ...) +CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a ...) +CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...) +CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server ...) +CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a ...) +CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...) +CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ...) +CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...) +CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak ...) +CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private ...) +CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 ...) +CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC ...) +CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) ...) +CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a ...) +CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program ...) +CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...) +CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote ...) +CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...) +CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...) +CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow ...) +CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to ...) 
+CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access ...) +CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of ...) +CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point ...) +CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with ...) +CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with ...) +CVE-2001-0343 + RESERVED +CVE-2001-0342 + RESERVED +CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier ...) +CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) +CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands ...) +CVE-2001-0328 (TCP implementations that use random increments for initial sequence ...) +CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a ...) +CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to ...) +CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems ...) +CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, ...) +CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote ...) +CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the ...) +CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may ...) +CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a ...) +CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote ...) +CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78 allows remote attackers to ...) +CVE-2001-0307 (Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary ...) +CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server ...) +CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...) 
+CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...) +CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to ...) +CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows ...) +CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory ...) +CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to ...) +CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 ...) +CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute ...) +CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows ...) +CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows ...) +CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email ...) +CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote ...) +CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...) +CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to ...) +CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote ...) +CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ...) +CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug ...) +CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...) +CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a ...) +CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...) +CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web ...) +CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute ...) +CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...) 
+CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote ...) +CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to ...) +CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...) +CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...) +CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...) +CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version ...) +CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...) +CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary ...) +CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real ...) +CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...) +CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows ...) +CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and ...) +CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ...) +CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ...) +CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to ...) +CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) +CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...) +CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read ...) +CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows ...) +CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group ...) +CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and ...) +CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...) 
+CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows ...) +CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote ...) +CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the ...) +CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute ...) +CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local ...) +CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi ...) +CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to ...) +CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...) +CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote ...) +CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote ...) +CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote ...) +CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows ...) +CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) ...) +CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...) +CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...) +CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...) +CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files ...) +CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter ...) +CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical ...) +CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows ...) +CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows ...) +CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ...) 
+CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...) +CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows ...) +CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of ...) +CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server ...) +CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute ...) +CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a ...) +CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in ...) +CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...) +CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...) +CVE-2001-0168 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) server ...) +CVE-2001-0167 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) client ...) +CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...) +CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...) +CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...) +CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...) +CVE-2001-0159 + RESERVED +CVE-2001-0158 + RESERVED +CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...) +CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook ...) +CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, ...) +CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various ...) +CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ...) +CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when ...) +CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...) 
+ {DSA-195 DSA-188 DSA-187} |
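Review bot: Nearly every entry in this stretch, from CVE-2001-0609 down to CVE-2001-0132, is added with only its truncated description and no status line beneath it, so the file does not record whether the entry was ever triaged. The only annotations visible here are the RESERVED markers (for example under CVE-2001-0539 and CVE-2001-0532) and the `{DSA-195 DSA-188 DSA-187}` cross-reference under CVE-2001-0131. Several of the unannotated entries name widely used free software, such as CVE-2001-0572 (OpenSSH), CVE-2001-0570 (minicom), CVE-2001-0496 (kdelibs) and CVE-2001-0406 (Samba). Each of those should carry either a package and fixed-version line or an explicit marker that it is still unchecked, so that a bare entry cannot be misread as "not affected" by anyone, or any script, consuming the list. A smaller point: CVE-2001-0600 through CVE-2001-0604 all read "Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ..." after truncation, so they cannot be told apart in this file without looking each one up. Because this is a bulk merge of 1125 lines, the commit message should also say whether the unannotated entries were imported as-is and are awaiting review.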