move CAN/list to CVE/list, merge in all CVEs and rename all CANs to CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2461 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 1125 insertions, 0 deletions

diff --git a/data/CVE/2001.list b/data/CVE/2001.list
new file mode 100644
index 0000000000..fef216b38f
--- /dev/null
+++ b/data/CVE/2001.list
@@ -0,0 +1,1125 @@
+CVE-2001-XXXX [crypt++ passes passwords through the command line]
+	- crypt++el <unfixed> (bug #105562; low)
+CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local]
+	- gnupg 1.0.7-1 (bug #107374)
+CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for ...)
+	NOT-FOR-US: ScriptEase
+CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not ...)
+	NOT-FOR-US: UnixWare/OpenUnix
+CVE-2001-1578 (Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local ...)
+	NOT-FOR-US: SCO
+CVE-2001-1577 (Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 ...)
+	NOT-FOR-US: CDE
+CVE-2001-1576 (Buffer overflow in cron in Caldera UnixWare 7 allows local users to ...)
+	NOTE: insufficient info to check, but not same code base
+CVE-2001-1575 (Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing ...)
+	NOT-FOR-US: Apple
+CVE-2001-1574 (Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in ...)
+	NOT-FOR-US: Trend Micro InterScan VirusWall
+CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall ...)
+	NOT-FOR-US: Trend Micro InterScan VirusWall
+CVE-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...)
+	NOTE: presumably fixed in linux 2.4.12
+CVE-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1570 (Windows XP with fast user switching and account lockout enabled allows ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1569 (Openwave WAP gateway does not verify the fully qualified domain name ...)
+	NOT-FOR-US: Openwave WAP gateway
+CVE-2001-1568 (CMG WAP gateway does not verify the fully qualified domain name URL ...)
+	NOT-FOR-US: CMG WAP gateway
+CVE-2001-1567 (Lotus Domino server 5.0.9a and earlier allows remote attackers to ...)
+	NOT-FOR-US: Lotus Domino
+CVE-2001-1566 (Format string vulnerability in libvanessa_logger 0.0.1 in Perdition ...)
+	- vanessa-logger 0.0.2
+CVE-2001-1565 (Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through ...)
+	NOT-FOR-US: MacOS
+CVE-2001-1564 (setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 ...)
+	NOT-FOR-US: HP-UX
+CVE-2001-1563 (Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for ...)
+	NOT-FOR-US: Tomcat 3.2.1 running on HP Secure OS
+CVE-2001-1562 (Format string vulnerability in nvi before 1.79 allows local users to ...)
+	- nvi 1.79-16a.1
+	NOTE: was DSA 085
+CVE-2001-1561 (Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to ...)
+	NOTE: DSA 082
+	- xvt 2.1-13
+CVE-2001-1560 (Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1559 (The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide ...)
+	NOT-FOR-US: OpenBSD
+CVE-2001-1558 (Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 ...)
+	- snort 1.8.3
+CVE-2001-1557 (Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to ...)
+	NOT-FOR-US: AIX
+CVE-2001-1556 (The log files in Apache web server contain information directly ...)
+	NOTE: documented issue in apache, unlikely to be changed
+	NOTE: see http://httpd.apache.org/docs/logs.html
+CVE-2001-1555 (pt_chmod in Solaris 8 does not call fdetach to reset terminal ...)
+	NOT-FOR-US: Solaris
+CVE-2001-1554 (IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote ...)
+	NOT-FOR-US: AIX
+CVE-2001-1553 (Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, ...)
+	- setiathome <not-affected> (not suid in debian)
+CVE-2001-1552 (ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1551 (Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, ...)
+	NOTE: no info in CVE db about fix
+	TODO: check with current kernel on a system with quotas
+CVE-2001-1550 (CentraOne 5.2 and Centra ASP with basic authentication enabled creates ...)
+	NOT-FOR-US: Centra
+CVE-2001-1549 (Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass ...)
+	NOT-FOR-US: Tiny Personal Firewall
+CVE-2001-1548 (ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local ...)
+	NOT-FOR-US: Tiny Personal Firewall
+CVE-2001-1547 (Outlook Express 6.0, with &quot;Do not allow attachments to be saved or ...)
+	NOT-FOR-US: Outlook
+CVE-2001-1546 (Pathways Homecare 6.5 uses weak encryption for user names and ...)
+	NOT-FOR-US: Pathways Homecare
+CVE-2001-1545 (Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests ...)
+	NOT-FOR-US: Macromedia JRun
+CVE-2001-1544 (Directory traversal vulnerability in Macromedia JRun Web Server (JWS) ...)
+	NOT-FOR-US: Macromedia JRun
+CVE-2001-1543 (Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default ...)
+	NOT-FOR-US: Axis network camera
+CVE-2001-1542 (NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter ...)
+	NOT-FOR-US: NAI WebShield SMTP
+CVE-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS ...)
+	NOT-FOR-US: BSDI UUCP
+CVE-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a ...)
+	NOT-FOR-US: IPRoute router software
+	NOTE: This is not for iproute/iproute2.
+	NOTE: From Chris Gragsone's message on BUGTRAQ:
+	NOTE: "IPRoute, by David F. Mischler, is PC-based router software
+	NOTE: "for networks running the Internet Protocol (IP)."
+CVE-2001-1539 (The JavaScript settimeout function in Internet Explorer allows remote ...)
+	NOT-FOR-US: MSIE
+CVE-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of ...)
+	NOT-FOR-US: SpeedXess HA-120 DSL router
+CVE-2001-1537 (The default &quot;basic&quot; security setting' in config.php for TWIG webmail ...)
+	NOTE: current twig package seems to have secure cookies enabled
+	NOTE: still uses "basic" security setting.
+CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, ...)
+	NOT-FOR-US: Autogalaxy
+CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random ...)
+	- slash <unfixed> (bug #328927; low)
+CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's ...)
+	- apache (bug #328919; unimportant)
+	- apache2 <unfixed> (unimportant)
+	NOTE: Cookies are only used for invading user privacy,
+	NOTE: not for authentication, so apache and apache2 should be fine.
+CVE-2001-1533 (** DISPUTED * ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, ...)
+	NOT-FOR-US: WebX
+CVE-2001-1531 (Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to ...)
+	NOT-FOR-US: Claris Emailer
+CVE-2001-1530 (run.cgi in Webmin 0.80 and 0.88 creates temporary files with ...)
+	NOTE: verified current webmin is ok
+CVE-2001-1529 (Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows ...)
+	NOT-FOR-US: AIX
+CVE-2001-1528 (AmTote International homebet program returns different error messages ...)
+	NOT-FOR-US: AmTote International homebet
+CVE-2001-1527 (easyNews 1.5 and earlier stores adminstration passwords in cleartext ...)
+	NOT-FOR-US: easynews
+CVE-2001-1526 (Cross-site scripting (XSS) vulnerability in the comments action in ...)
+	NOT-FOR-US: easynews
+CVE-2001-1525 (Directory traversal vulnerability in the comments action in easyNews ...)
+	NOT-FOR-US: easynews
+CVE-2001-1524 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier ...)
+	NOT-FOR-US: PHP-Nuke
+CVE-2001-1523 (Cross-site scripting (XSS) vulnerability in the DMOZGateway module for ...)
+	NOT-FOR-US: PHP-Nuke
+CVE-2001-1522 (Cross-site scripting (XSS) vulnerability in im.php in IMessenger for ...)
+	NOT-FOR-US: PHP-Nuke
+CVE-2001-1521 (Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 ...)
+	NOT-FOR-US: PHP-Nuke
+CVE-2001-1520 (Xircom REX 6000 allows local users to obtain the 10 digit PIN by ...)
+	NOT-FOR-US: Xircom REX
+CVE-2001-1519 (** DISPUTED ** ...)
+	NOT-FOR-US: RunAs
+CVE-2001-1518 (RunAs (runas.exe) in Windows 2000 only creates one session instance at ...)
+	NOT-FOR-US: RunAs
+CVE-2001-1517 (** DISPUTED ** ...)
+	NOT-FOR-US: RunAs
+CVE-2001-1516 (Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and ...)
+	NOT-FOR-US: phpReview
+CVE-2001-1515 (Macintosh clients, when using NT file system volumes on Windows 2000 ...)
+	NOT-FOR-US: Macintosh clients, when using NT file system volumes on Windows
+CVE-2001-1514 (ColdFusion 4.5 and 5, when running on Windows with the advanced ...)
+	NOT-FOR-US: ColdFusion
+CVE-2001-1513 (Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain ...)
+	NOT-FOR-US: JRun
+CVE-2001-1512 (Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to ...)
+	NOT-FOR-US: JRun
+CVE-2001-1511 (JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows ...)
+	NOT-FOR-US: JRun
+CVE-2001-1510 (Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, ...)
+	NOT-FOR-US: JRun
+CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not ...)
+	NOT-FOR-US: HP-UX
+CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...)
+	- lprng <not-affected> (Not suid in Debian)
+	- cupsys <not-affected> (Not suid in Debian)
+CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly ...)
+	- openssh 1:3.0.1
+CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP ...)
+	NOT-FOR-US: HP Secure OS layer
+CVE-2001-1505 (tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into ...)
+	- tinc 1.0pre5-1
+CVE-2001-1504 (Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary ...)
+	NOT-FOR-US: Lotus Notes
+CVE-2001-1503 (The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS ...)
+	NOT-FOR-US: Sun
+CVE-2001-1502 (webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote ...)
+	NOT-FOR-US: WebCart
+CVE-2001-1501 (The glob functionality in ProFTPD 1.2.1, and possibly other versions ...)
+	NOTE: Fix went into proftpd CVS on 2002-12-12
+	- proftpd 1.2.8-1
+CVE-2001-1500 (ProFTPD 1.2.2rc2, and possibly other versions, does not properly ...)
+	- proftpd 1.2.4-1
+CVE-2001-1499 (Check Point VPN-1 4.1SP4 using SecuRemote returns different error ...)
+	NOT-FOR-US: Check Point
+CVE-2001-1498 (Buffer overflow in mod_bf 0.2 allows local users execute arbitrary ...)
+	NOT-FOR-US: mod_bf
+CVE-2001-1497 (Microsoft Internet Explorer 4.0 through 6.0 could allow local users to ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1496 (Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd ...)
+	- thttpd 2.21
+CVE-2001-1495 (network_query.php in Network Query Tool 1.0 allows remote attackers ...)
+	NOT-FOR-US: Network Query Tool
+CVE-2001-1494 (script command in the util-linux package before 2.11n allows local ...)
+	- util-linux 2.11n-1
+CVE-2001-1492
+	REJECTED
+CVE-2001-1491 (Opera 5.11 allows remote attackers to cause a denial of service (CPU ...)
+	NOT-FOR-US: Opera
+CVE-2001-1490 (Mozilla 0.9.6 allows remote attackers to cause a denial of service ...)
+	NOTE: mozilla is quite easily DOSable with all sorts of large html
+	NOTE: files, probably not worth following up on.
+CVE-2001-1489 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...)
+	NOT-FOR-US: Microsoft
+CVE-2001-1488 (Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 ...)
+	NOT-FOR-US: Open Projects ircd
+CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users ...)
+	NOTE: verified not present in 4.0.5-4sarge1
+CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...)
+	NOT-FOR-US: Alcatel hardware issue
+CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows ...)
+	- libpam-opie <unfixed> (bug #112279; low)
+CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 ...)
+	NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now
+CVE-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in ...)
+	NOT-FOR-US: Xitami
+CVE-2001-1480 (Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows ...)
+	NOT-FOR-US: Sun Java
+CVE-2001-1479 (smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows ...)
+	NOT-FOR-US: Sun
+CVE-2001-1478 (Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix ...)
+	NOT-FOR-US: UnixWare
+CVE-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ...)
+	NOT-FOR-US: BEA Tuxedo
+CVE-2001-1476 (SSH before 2.0, with RC4 encryption and the &quot;disallow NULL passwords&quot; ...)
+	NOT-FOR-US: Commercial SSH
+CVE-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows ...)
+	NOT-FOR-US: Commercial SSH
+CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the ...)
+	NOT-FOR-US: Commercial SSH
+CVE-2001-1473 (The SSH-1 protocol allows remote servers conduct man-in-the-middle ...)
+	NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
+CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...)
+	- phpbb2 2.0.6c-1
+CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...)
+	- phpbb2 2.0.6c-1
+CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...)
+	NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
+CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...)
+	NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
+CVE-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...)
+	NOT-FOR-US: phpSecurePages
+CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...)
+	NOTE: in expect 5.42.1, mkpasswd does not seed by pid; doesn't seem
+	NOTE: to seed at all; my tests indicate it generates no dups in
+	NOTE: some 100000 passwords.
+CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the ...)
+	NOT-FOR-US: VanDyke SecureCRT
+CVE-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP ...)
+	NOT-FOR-US: SurfControl SuperScout
+CVE-2001-1464 (Crystal Reports, when displaying data for a password protected ...)
+	NOT-FOR-US: Crystal Reports
+CVE-2001-1463 (The remote admimnistration client for RhinoSoft Serv-U 3.0 sends the ...)
+	NOT-FOR-US: RhinoSoft Serv-U
+CVE-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, ...)
+	NOT-FOR-US: RSA Security SecurID
+CVE-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...)
+	NOT-FOR-US: RSA Security SecurID
+CVE-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through ...)
+	NOT-FOR-US: PostNuke
+CVE-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication ...)
+	- openssh 1:3.0.1p1-1
+CVE-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 ...)
+	NOT-FOR-US: Novell Groupwise
+CVE-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote ...)
+	NOT-FOR-US: CrazyWWWBoard
+CVE-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for ...)
+	NOT-FOR-US: Gauntlet Firewall
+CVE-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to ...)
+	NOT-FOR-US: Netegrity SiteMinder
+CVE-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to ...)
+	- mysql-dfsg 3.23.33-1
+CVE-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier ...)
+	- mysql-dfsg 3.23.33-1
+CVE-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server ...)
+	NOT-FOR-US: Windows
+CVE-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for ...)
+	NOT-FOR-US: Windows
+CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...)
+	NOT-FOR-US: Windows
+CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...)
+	NOT-FOR-US: Mandrake specific packaging flaw
+CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local ...)
+	NOT-FOR-US: Magic eDeveloper
+CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to ...)
+	NOT-FOR-US: Windows
+CVE-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...)
+	NOT-FOR-US: MacOS X
+CVE-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through ...)
+	NOT-FOR-US: Lotus Domino
+CVE-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and ...)
+	NOTE: Generic protocol flaw
+CVE-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not ...)
+	NOTE: Generic protocol flaw
+CVE-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 ...)
+	- inn2 2.3.3+20020922-1
+	- innfeed 0.10.1.7-7
+CVE-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 ...)
+	NOT-FOR-US: VisualAge for Java
+CVE-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable ...)
+	NOT-FOR-US: AIX
+CVE-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 ...)
+	NOT-FOR-US: HP-UX
+CVE-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...)
+	NOT-FOR-US: Handspring Visor
+CVE-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full ...)
+	NOT-FOR-US: easyScripts easyNews
+CVE-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when ...)
+	NOT-FOR-US: Dallas Semiconductor iButton DS1991
+CVE-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of ...)
+	NOT-FOR-US: Tru64 UNIX
+CVE-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read ...)
+	NOT-FOR-US: IOS
+CVE-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root ...)
+	NOT-FOR-US: Cherokee 
+CVE-2001-1432 (Directory traversal vulnerability in Cherokee Web Server allows remote ...)
+	NOT-FOR-US: Cherokee 
+CVE-2001-1431 (Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 ...)
+	NOT-FOR-US: Nokia Firewall appliances
+CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which allows ...)
+	NOT-FOR-US: Cayman DSL router
+CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local ...)
+	NOTE: I could track this down to this posting
+	NOTE: http://cert.uni-stuttgart.de/archive/vuln-dev/2001/11/msg00104.html
+	NOTE: This looks very obscure an does not contain useful information on how this
+	NOTE: was triggered and even then it's not a problem, as mcedit usage does not
+	NOTE: have a remote impact and is not suid
+CVE-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...)
+	NOT-FOR-US: IPC@CHIP Embedded web server
+CVE-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 ...)
+	NOT-FOR-US: ColdFusion
+CVE-2001-1426 (Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through ...)
+	NOT-FOR-US: Alcatel Speed Touch
+CVE-2001-1425 (The challenge-response authentication of the EXPERT user for Alcatel ...)
+	NOT-FOR-US: Alcatel Speed Touch
+CVE-2001-1424 (Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, ...)
+	NOT-FOR-US: Alcatel Speed Touch
+CVE-2001-1423 (Advanced Poll before 1.61, when using a flat file database, allows ...)
+	NOT-FOR-US: Advanced Poll 
+CVE-2001-1422 (WinVNC 3.3.3 and earlier generates the same challenge string for ...)
+	NOT-FOR-US: WinVNC
+CVE-2001-1421 (AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1420 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1419 (AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1418 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1417 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1416 (Multiple cross-site scripting (XSS) vulnerabilities in the log ...)
+	NOT-FOR-US: AOL Instant Messenger
+CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove ...)
+	NOT-FOR-US: no_package
+	NOTE: Debian's nvi recover script is very different
+CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...)
+	NOT-FOR-US: Solaris
+CVE-2002-0013 (Vulnerabilities in the SNMPv1 request handling of a large number of ...)
+CVE-2002-0012 (Vulnerabilities in a large number of SNMP implementations allow ...)
+CVE-2002-0010 (Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL ...)
+CVE-2002-0008 (Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user ...)
+CVE-2002-0001 (Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt ...)
+CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...)
+	NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
+	NOTE: discussion at:
+	NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html
+	NOTE: listed sarge version contains a fix like the patch from Gentoo
+	- ncompress 4.2.4-15
+CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...)
+CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow ...)
+CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create ...)
+CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...)
+CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in ...)
+CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, ...)
+CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends ...)
+CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...)
+CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, ...)
+CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...)
+CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel ...)
+CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 ...)
+CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...)
+CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel ...)
+CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before ...)
+CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 ...)
+CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...)
+CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before ...)
+CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...)
+CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before ...)
+CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional ...)
+CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...)
+CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the &quot;--reject-with ...)
+CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...)
+CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and ...)
+CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the ...)
+CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS ...)
+CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault ...)
+CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow ...)
+CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...)
+CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...)
+CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple ...)
+CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...)
+CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly ...)
+CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...)
+CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly ...)
+CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) ...)
+CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak ...)
+CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ...)
+CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...)
+CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...)
+CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...)
+CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) ...)
+CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass ...)
+CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated ...)
+CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi ...)
+CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and ...)
+CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect ...)
+CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses ...)
+CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...)
+CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...)
+CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...)
+CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, ...)
+CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...)
+CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to ...)
+CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...)
+CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...)
+CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...)
+CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...)
+CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not ...)
+CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows ...)
+CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote ...)
+CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...)
+CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...)
+CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote ...)
+CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...)
+CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...)
+CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...)
+CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) ...)
+CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a ...)
+CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...)
+CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote ...)
+CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of ...)
+CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to ...)
+CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ...)
+CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...)
+CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote ...)
+CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically ...)
+CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to ...)
+CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...)
+CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...)
+CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows ...)
+CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...)
+CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial ...)
+CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly ...)
+CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a ...)
+CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of ...)
+CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier ...)
+CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, ...)
+CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail ...)
+CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for ...)
+CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows ...)
+CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of ...)
+CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...)
+CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different ...)
+CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security ...)
+CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...)
+CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a ...)
+CVE-2001-1273 (The &quot;mxcsr P4&quot; vulnerability in the Linux kernel before 2.2.17-14, ...)
+CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...)
+CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows ...)
+CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip ...)
+CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite ...)
+CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier ...)
+CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server ...)
+CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...)
+CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...)
+CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...)
+CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold ...)
+CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for ...)
+CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of ...)
+CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...)
+CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...)
+CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...)
+CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the ...)
+CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX ...)
+CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords ...)
+CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
+CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...)
+CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...)
+CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, ...)
+CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a ...)
+CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 ...)
+CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows ...)
+CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the ...)
+CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...)
+CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end ...)
+CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...)
+CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a ...)
+CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ...)
+CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before ...)
+CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow ...)
+CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...)
+CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...)
+CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows ...)
+CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not ...)
+CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...)
+CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...)
+CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point ...)
+CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website ...)
+CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to ...)
+CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle ...)
+CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application ...)
+CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote ...)
+CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a ...)
+CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 ...)
+CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator ...)
+CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable ...)
+CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers ...)
+CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...)
+CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote ...)
+CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute ...)
+CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...)
+CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC ...)
+CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does ...)
+CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite ...)
+CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite ...)
+CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin ...)
+CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a ...)
+CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to ...)
+CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...)
+CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote ...)
+CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do ...)
+CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password ...)
+CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote ...)
+CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows ...)
+CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows ...)
+CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table ...)
+CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...)
+CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a ...)
+CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain ...)
+CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and ...)
+CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in ...)
+CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a ...)
+CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...)
+CVE-2001-1167
+	REJECTED
+CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information ...)
+CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...)
+CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote ...)
+CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...)
+CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly ...)
+CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...)
+CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, ...)
+CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL ...)
+CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 ...)
+CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...)
+CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...)
+CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service ...)
+CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, ...)
+CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read ...)
+CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...)
+CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...)
+CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows ...)
+CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to ...)
+CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' ...)
+CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...)
+CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...)
+CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...)
+CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) ...)
+CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...)
+CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...)
+CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, ...)
+CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...)
+CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to ...)
+CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP ...)
+CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to ...)
+CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote ...)
+CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers ...)
+CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ...)
+CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute ...)
+CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the ...)
+CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials ...)
+CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote ...)
+CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file ...)
+CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...)
+CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which ...)
+CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...)
+CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...)
+CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a ...)
+CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on ...)
+CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows ...)
+CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read ...)
+CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 ...)
+CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ...)
+CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...)
+CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...)
+CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before ...)
+CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ...)
+CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...)
+CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows ...)
+CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain ...)
+CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ...)
+CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems ...)
+CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running ...)
+CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows ...)
+CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...)
+CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute ...)
+CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
+CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...)
+CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files ...)
+CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to ...)
+CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include ...)
+CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...)
+CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail ...)
+CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...)
+CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary ...)
+CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...)
+CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin ...)
+CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password ...)
+CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users ...)
+	{DSA-148}
+CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ...)
+CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote ...)
+CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs ...)
+CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL ...)
+CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...)
+CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of ...)
+CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute ...)
+CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in ...)
+CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...)
+CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows ...)
+CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute ...)
+CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled ...)
+CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error, ...)
+CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...)
+CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a ...)
+CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not ...)
+CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak ...)
+CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client ...)
+CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames ...)
+CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...)
+CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary ...)
+CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers ...)
+CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email ...)
+CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of ...)
+CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to ...)
+CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...)
+CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, ...)
+CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...)
+CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files ...)
+CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote ...)
+CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote ...)
+CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...)
+CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the ...)
+CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other ...)
+CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and ...)
+CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server ...)
+CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server ...)
+CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...)
+CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote ...)
+CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script ...)
+CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...)
+CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant ...)
+CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...)
+CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows ...)
+CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan ...)
+CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...)
+CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...)
+CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...)
+CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a ...)
+CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server ...)
+CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise ...)
+CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise ...)
+CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority ...)
+CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh ...)
+CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another ...)
+CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...)
+CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment ...)
+CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local ...)
+CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain ...)
+CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which ...)
+CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the ...)
+CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the ...)
+CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote ...)
+CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 ...)
+CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...)
+CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon ...)
+	{DSA-301}
+CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME ...)
+CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers ...)
+CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote ...)
+CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web ...)
+CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to ...)
+CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier ...)
+CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with &quot;Prompt to allow ...)
+CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier ...)
+CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 ...)
+CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and ...)
+CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 ...)
+CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access ...)
+CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is ...)
+CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...)
+CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content ...)
+CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive ...)
+CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...)
+CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...)
+CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option ...)
+CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...)
+CVE-2001-0885
+	RESERVED
+CVE-2001-0883
+	RESERVED
+CVE-2001-0882
+	RESERVED
+CVE-2001-0881
+	RESERVED
+CVE-2001-0880
+	RESERVED
+CVE-2001-0878
+	RESERVED
+CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and ...)
+CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through ...)
+CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve ...)
+CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...)
+CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...)
+CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...)
+CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary ...)
+CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote ...)
+CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote ...)
+CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute ...)
+CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...)
+CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 ...)
+CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote ...)
+CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 ...)
+CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...)
+CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows ...)
+CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak ...)
+CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...)
+CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...)
+CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...)
+CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and ...)
+CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a ...)
+CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a ...)
+CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...)
+CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 ...)
+CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...)
+CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to ...)
+CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...)
+CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...)
+CVE-2001-0814
+	RESERVED
+CVE-2001-0813
+	RESERVED
+CVE-2001-0812
+	RESERVED
+CVE-2001-0811
+	RESERVED
+CVE-2001-0810
+	RESERVED
+CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...)
+CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...)
+CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote ...)
+CVE-2001-0802
+	RESERVED
+CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...)
+CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote ...)
+CVE-2001-0798
+	RESERVED
+CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source ...)
+CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...)
+CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...)
+CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a ...)
+CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 ...)
+CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
+CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...)
+CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software ...)
+CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...)
+CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...)
+CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attacker to execute ...)
+CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl ...)
+CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source ...)
+CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...)
+CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote ...)
+CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux ...)
+	{DSA-695-1}
+	- xli 1.17.0-17
+CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...)
+CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...)
+CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the ...)
+CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...)
+CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows ...)
+CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute ...)
+CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager ...)
+CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...)
+CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote ...)
+CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in ...)
+CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows ...)
+CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...)
+CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, ...)
+CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise ...)
+CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...)
+CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote ...)
+CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows ...)
+CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...)
+CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, ...)
+CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ...)
+	- cfingerd 1.4.3-1.1 (bug #104394)
+	NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates
+	NOTE: its changes.
+CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local ...)
+CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...)
+CVE-2001-0725
+	RESERVED
+CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...)
+CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...)
+CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...)
+CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C ...)
+CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ...)
+CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a ...)
+CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, ...)
+CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a ...)
+CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a ...)
+CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...)
+CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
+CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...)
+CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...)
+CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...)
+CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote ...)
+CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view ...)
+CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c ...)
+CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote ...)
+CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial ...)
+CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...)
+CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...)
+CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a ...)
+CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a ...)
+CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...)
+CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan ...)
+CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before ...)
+CVE-2001-0673
+	RESERVED
+CVE-2001-0672
+	RESERVED
+CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...)
+CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure ...)
+CVE-2001-0661
+	RESERVED
+CVE-2001-0657
+	RESERVED
+CVE-2001-0656
+	RESERVED
+CVE-2001-0655
+	RESERVED
+CVE-2001-0654
+	RESERVED
+CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...)
+CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to ...)
+CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, ...)
+CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and ...)
+CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to ...)
+CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple ...)
+CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin ...)
+CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly ...)
+CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...)
+CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to ...)
+CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...)
+CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...)
+CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...)
+CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...)
+CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain ...)
+CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier ...)
+CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 ...)
+CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local ...)
+CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with ...)
+CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker ...)
+CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...)
+CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...)
+CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a ...)
+CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...)
+CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...)
+CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO ...)
+CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a ...)
+CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...)
+CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...)
+CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local ...)
+CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a ...)
+CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote ...)
+CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain ...)
+CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a ...)
+CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker ...)
+CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a  ...)
+CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local ...)
+CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ...)
+CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron ...)
+CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...)
+CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...)
+CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker ...)
+CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a denial ...)
+CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a ...)
+CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to ...)
+CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to ...)
+CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker ...)
+CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote ...)
+CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli ...)
+CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users ...)
+CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...)
+CVE-2001-0539
+	RESERVED
+CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not ...)
+CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b ...)
+CVE-2001-0532
+	RESERVED
+CVE-2001-0531
+	RESERVED
+CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length ...)
+CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...)
+CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...)
+CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...)
+CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to ...)
+CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote ...)
+CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...)
+CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 ...)
+CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...)
+CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in ...)
+CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i ...)
+CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files ...)
+CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote ...)
+CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before ...)
+CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ...)
+CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...)
+CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote ...)
+CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows ...)
+CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier ...)
+CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier ...)
+CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...)
+CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine ...)
+CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...)
+CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...)
+CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...)
+CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges ...)
+CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote ...)
+CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote ...)
+CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, ...)
+CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...)
+CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and ...)
+CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows ...)
+CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server ...)
+CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to ...)
+CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass ...)
+CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 ...)
+CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...)
+CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...)
+CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...)
+CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...)
+CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn ...)
+CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...)
+CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload ...)
+CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute ...)
+CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to ...)
+CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ...)
+CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...)
+CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...)
+CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...)
+CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain ...)
+CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before ...)
+CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...)
+CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows ...)
+CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server ...)
+CVE-2001-0418 (content.pl script in NCM Content Management System allows remote ...)
+CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...)
+CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in ...)
+CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a ...)
+CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote ...)
+CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...)
+CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) ...)
+CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to ...)
+CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...)
+CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...)
+CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings ...)
+CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote ...)
+CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...)
+CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after ...)
+CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a ...)
+CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...)
+CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server ...)
+CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a ...)
+CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...)
+CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ...)
+CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...)
+CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak ...)
+CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private ...)
+CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 ...)
+CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC ...)
+CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) ...)
+CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a ...)
+CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program ...)
+CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...)
+CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote ...)
+CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...)
+CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...)
+CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow ...)
+CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to ...)
+CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access ...)
+CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of ...)
+CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point ...)
+CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with ...)
+CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with ...)
+CVE-2001-0343
+	RESERVED
+CVE-2001-0342
+	RESERVED
+CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier ...)
+CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
+CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands ...)
+CVE-2001-0328 (TCP implementations that use random increments for initial sequence ...)
+CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a ...)
+CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to ...)
+CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems ...)
+CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, ...)
+CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote ...)
+CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the ...)
+CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may ...)
+CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a ...)
+CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote ...)
+CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78 allows remote attackers to ...)
+CVE-2001-0307 (Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary ...)
+CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server ...)
+CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...)
+CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...)
+CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to ...)
+CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows ...)
+CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory ...)
+CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to ...)
+CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 ...)
+CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute ...)
+CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows ...)
+CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows ...)
+CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email ...)
+CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote ...)
+CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...)
+CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to ...)
+CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote ...)
+CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ...)
+CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug ...)
+CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...)
+CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a ...)
+CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...)
+CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web ...)
+CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute ...)
+CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...)
+CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote ...)
+CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to ...)
+CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...)
+CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...)
+CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...)
+CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version ...)
+CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...)
+CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary ...)
+CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real ...)
+CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...)
+CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows ...)
+CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and ...)
+CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ...)
+CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ...)
+CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to ...)
+CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...)
+CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...)
+CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read ...)
+CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows ...)
+CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group ...)
+CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and ...)
+CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...)
+CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows ...)
+CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote ...)
+CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the ...)
+CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute ...)
+CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local ...)
+CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi ...)
+CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to ...)
+CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...)
+CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote ...)
+CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote ...)
+CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote ...)
+CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows ...)
+CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) ...)
+CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...)
+CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...)
+CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...)
+CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files ...)
+CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter ...)
+CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical ...)
+CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows ...)
+CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows ...)
+CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ...)
+CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...)
+CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows ...)
+CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of ...)
+CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server ...)
+CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute ...)
+CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a ...)
+CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in ...)
+CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...)
+CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...)
+CVE-2001-0168 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) server ...)
+CVE-2001-0167 (Buffer overflow in AT&amp;T WinVNC (Virtual Network Computing) client ...)
+CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...)
+CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...)
+CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...)
+CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...)
+CVE-2001-0159
+	RESERVED
+CVE-2001-0158
+	RESERVED
+CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...)
+CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook ...)
+CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, ...)
+CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various ...)
+CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ...)
+CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when ...)
+CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...)
+	{DSA-195 DSA-188 DSA-187}