diff options
| author | Stefan Fritsch <sf@sfritsch.de> | 2006-11-20 07:58:43 +0000 |
|---|---|---|
| committer | Stefan Fritsch <sf@sfritsch.de> | 2006-11-20 07:58:43 +0000 |
| commit | 9e53a8244cacf2edfead3c7a26a112d4a008e56d (patch) | |
| tree | 9091c10c850bc8ee43632790c2815b9d84f374f7 /data | |
| parent | 5ad71dda945e3f1face4bd516701c2d7e3bcacd6 (diff) | |
remove pre-2003 TODOs
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4983 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/1999.list | 2678 | ||||
| -rw-r--r-- | data/CVE/2000.list | 2088 | ||||
| -rw-r--r-- | data/CVE/2001.list | 2362 | ||||
| -rw-r--r-- | data/CVE/2002.list | 798 |
4 files changed, 3963 insertions, 3963 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index 0f93e7203f..53ac13620f 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -36,370 +36,370 @@ CVE-1999-1574 (Buffer overflow in the lex routines of nslookup for AIX 4.3 may a CVE-1999-1573 (Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) ...) NOT-FOR-US: HP-UX CVE-1999-1568 (Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1565 (Man2html 2.1 and earlier allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1556 (Microsoft SQL Server 6.5 uses weak encryption for the password for the ...) NOT-FOR-US: Microsoft CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring ...) NOT-FOR-US: Microsoft CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1530 (cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1520 (A configuration problem in the Ad Server Sample directory (AdSamples) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1512 (The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1507 (Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1494 (colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1490 (xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such as ...) NOT-FOR-US: AIX CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1476 (A bug in Intel Pentium processor (MMX and Overdrive) allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1473 (When a Web site redirects the browser to another site, Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1472 (Internet Explorer 4.0 allows remote attackers to read arbitrary text ...) NOT-FOR-US: Microsoft CVE-1999-1468 (rdist in various UNIX systems uses popen to execute sendmail, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1456 (thttpd HTTP server 2.03 and earlier allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1455 (RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1452 (GINA in Windows NT 4.0 allows attackers with physical access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1437 (ePerl 2.2.12 allows remote attackers to read arbitrary files and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1433 (HP JetAdmin D.01.09 on Solaris allows local users to change the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1432 (Power management (Powermanagement) on Solaris 2.4 through 2.6 does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1423 (ping in Solaris 2.3 through 2.6 allows local users to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1419 (Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1414 (IBM Netfinity Remote Control allows local users to gain administrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1411 (The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1409 (The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the ...) NOT-FOR-US: Microsoft CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1384 (Indigo Magic System Tour in the SGI system tour package (systour) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1382 (NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1380 (Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1379 (DNS allows remote attackers to use DNS name servers as traffic ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1365 (Windows NT searches a user's home directory (%systemroot% by default) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1363 (Windows NT 3.51 and 4.0 allow local users to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1362 (Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1360 (Windows NT 4.0 allows local users to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1359 (When the Ntconfig.pol file is used on a server whose name is longer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1358 (When an administrator in Windows NT or Windows 2000 changes a user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1356 (Compaq Integration Maintenance Utility as used in Compaq Insight ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1351 (Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1341 (Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1339 (Vulnerability when Network Address Translation (NAT) is enabled in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1337 (FTP client in Midnight Commander (mc) before 4.5.11 stores usernames ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1336 (3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1335 (snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1333 (automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1332 (gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows ...) {DSA-308} - gzip 1.3.5-6 CVE-1999-1331 (netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1330 (The snprintf function in the db library 1.85.4 ignores the size ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1329 (Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1328 (linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1327 (Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1326 (wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1325 (SAS System 5.18 on VAX/VMS is installed with insecure permissions for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1324 (VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1321 (Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1320 (Vulnerability in Novell NetWare 3.x and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1318 (/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1317 (Windows NT 4.0 SP4 and earlier allows local users to gain privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1316 (Passfilt.dll in Windows NT SP2 allows users to create a password that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1309 (Sendmail before 8.6.7 allows local users to gain root access via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1301 (A design flaw in the Z-Modem protocol allows the remote sender of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1298 (Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1297 (cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1294 (Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1290 (Buffer overflow in nftp FTP client version 1.40 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1288 (Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1284 (NukeNabber allows remote attackers to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1279 (An interaction between the AS/400 shared folders feature and Microsoft ...) NOT-FOR-US: Microsoft CVE-1999-1276 (fte-console in the fte package before 0.46b-4.1 does not drop root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1263 (Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1262 (Java in Netscape 4.5 does not properly restrict applets from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1259 (Microsoft Office 98, Macintosh Edition, does not properly initialize ...) NOT-FOR-US: Microsoft CVE-1999-1258 (rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1249 (movemail in HP-UX 10.20 has insecure permissions, which allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user domain ...) NOT-FOR-US: Microsoft CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session ...) NOT-FOR-US: Microsoft CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a ...) NOT-FOR-US: Microsoft CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1215 (LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1214 (The asynchronous I/O facility in 4.4 BSD kernel does not check user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local users to ...) NOT-FOR-US: AIX CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain restricted ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1203 (Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1201 (Windows 95 and Windows 98 systems, when configured with multiple ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1199 (Apache WWW server 1.3.1 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1198 (BuildDisk program on NeXT systems before 2.0 does not prompt users for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1197 (TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1194 (chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1193 (The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1192 (Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1191 (Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1189 (Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1188 (mysqld in MySQL 3.21 creates log files with world-readable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1181 (Vulnerability in On-Line Customer Registration software for IRIX 6.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1177 (Directory traversal vulnerability in nph-publish before 1.2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1175 (Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS ...) NOT-FOR-US: Cisco CVE-1999-1167 (Cross-site scripting vulnerability in Third Voice Web annotation ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1163 (Vulnerability in HP Series 800 S/X/V Class servers allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1162 (Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1161 (Vulnerability in ppl in HP-UX 10.x and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1160 (Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1159 (SSH 2.0.11 and earlier allows local users to request remote forwarding ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1145 (Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1144 (Certain files in MPower in HP-UX 10.x are installed with insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1143 (Vulnerability in runtime linker program rld in SGI IRIX 6.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1142 (SunOS 4.1.2 and earlier allows local users to gain privileges via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1140 (Buffer overflow in CrackLib 2.5 may allow local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1139 (Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1138 (SCO UNIX System V/386 Release 3.2, and other SCO products, installs ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1137 (The permissions for the /dev/audio device on Solaris 2.2 and earlier, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1136 (Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1132 (Windows NT 4.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1131 (Buffer overflow in OSF Distributed Computing Environment (DCE) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1127 (Windows NT 4.0 does not properly shut down invalid named pipe RPC ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows local ...) NOT-FOR-US: AIX CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures ...) NOT-FOR-US: AIX CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files ...) NOT-FOR-US: AIX CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1114 (Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1111 (Vulnerability in StackGuard before 1.21 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1109 (Sendmail before 8.10.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1105 (Windows 95, when Remote Administration and File Sharing for NetWare ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1104 (Windows 95 uses weak encryption for the password list (.pwl) file used ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1103 (dxconsole in DEC OSF/1 3.2C and earlier allows local users to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1102 (lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1100 (Cisco PIX Private Link 4.1.6 and earlier does not properly process ...) NOT-FOR-US: Cisco CVE-1999-1099 (Kerberos 4 allows remote attackers to obtain sensitive information via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1098 (Vulnerability in BSD Telnet client with encryption and Kerberos 4 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1094 (Buffer overflow in Internet Explorer 4.01 and earlier allows remote ...) NOT-FOR-US: Microsoft CVE-1999-1093 (Buffer overflow in the Window.External function in the JScript ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1090 (The default configuration of NCSA Telnet package for Macintosh and PC ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1087 (Internet Explorer 4 treats a 32-bit number ("dotless IP address") in ...) NOT-FOR-US: Microsoft CVE-1999-1085 (SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1080 (rmmount in SunOS 5.7 may mount file systems without the nosuid flag ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1074 (Webmin before 0.5 does not restrict the number of invalid passwords ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1059 (Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1057 (VMS 4.0 through 5.3 allows local users to gain privileges via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1055 (Microsoft Excel 97 does not warn the user before executing worksheet ...) NOT-FOR-US: Microsoft CVE-1999-1048 (Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1047 (When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1045 (pnserver in RealServer 5.0 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital UNIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1028 (Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1027 (Solaris 2.6 HW3/98 installs admintool with world-writable permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1021 (NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1019 (SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1014 (Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1011 (The Remote Data Service (RDS) DataFactory component of Microsoft Data ...) NOT-FOR-US: Microsoft CVE-1999-1010 (An SSH 1.2.27 server allows a client to use the "none" cipher, even if ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1008 (xsoldier program allows local users to gain root access via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1007 (Buffer overflow in VDO Live Player allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1005 (Groupwise web server GWWEB.EXE allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1004 (Buffer overflow in the POP server POProxy for the Norton Anti-Virus ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1001 (Cisco Cache Engine allows a remote attacker to gain access via a null ...) NOT-FOR-US: Cisco CVE-1999-1000 (The web administration interface for Cisco Cache Engine allows remote ...) @@ -412,209 +412,209 @@ CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute {DSA-377} - wu-ftpd 2.6.2-15 CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0992 (HP VirtualVault with the PHSS_17692 patch allows unprivileged ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0991 (Buffer overflow in GoodTech Telnet Server NT allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0989 (Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) ...) NOT-FOR-US: Microsoft CVE-1999-0987 (Windows NT does not properly download a system policy if the domain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0986 (The ping command in Linux 2.0.3x allows local users to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0982 (The Sun Web-Based Enterprise Management (WBEM) installation script ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0981 (Internet Explorer 5.01 and earlier allows a remote attacker to create ...) NOT-FOR-US: Microsoft CVE-1999-0980 (Windows NT Service Control Manager (SCM) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0979 (The SCO UnixWare privileged process system allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0978 (htdig allows remote attackers to execute commands via filenames with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0977 (Buffer overflow in Solaris sadmind allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0976 (Sendmail allows local users to reinitialize the aliases database via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0975 (The Windows help system can allow a local user to execute commands as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0974 (Buffer overflow in Solaris snoop allows remote attackers to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0973 (Buffer overflow in Solaris snoop program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0972 (Buffer overflow in Xshipwars xsw program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0971 (Buffer overflow in Exim allows local users to gain root privileges via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0969 (The Windows NT RPC service allows remote attackers to conduct a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0968 (Buffer overflow in BNC IRC proxy allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0967 (Buffer overflow in the HTML library used by Internet Explorer, Outlook ...) NOT-FOR-US: Microsoft CVE-1999-0966 (Buffer overflow in Solaris getopt in libc allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0965 (Race condition in xterm allows local users to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0964 (Buffer overflow in FreeBSD setlocale in the libc module allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0963 (FreeBSD mount_union command allows local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0962 (Buffer overflow in HPUX passwd command allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0961 (HPUX sysdiag allows local users to gain root privileges via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0960 (IRIX cdplayer allows local users to create directories in arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0959 (IRIX startmidi program allows local users to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0958 (sudo 1.5.x allows local users to execute arbitrary commands via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0957 (MajorCool mj_key_cache program allows local users to modify files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0956 (The NeXT NetInfo _writers property allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0955 (Race condition in wu-ftpd and BSDI ftpd allows remote attackers gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0954 (WWWBoard has a default username and default password. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0953 (WWWBoard stores encrypted passwords in a password file that is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0951 (Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0950 (Buffer overflow in WFTPD FTP server allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0947 (AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0946 (Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0945 (Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange ...) NOT-FOR-US: Microsoft CVE-1999-0943 (Buffer overflow in OpenLink 3.2 allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0942 (UnixWare dos7utils allows a local user to gain root privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0940 (Buffer overflow in mutt mail client allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0939 (Denial of service in Debian IRC Epic/epic4 client via a long string. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0938 (MBone SDR Package allows remote attackers to execute commands via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0937 (BNBForm allows remote attackers to read arbitrary files via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0936 (BNBSurvey survey.cgi program allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0935 (classifieds.cgi allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0934 (classifieds.cgi allows remote attackers to read arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0933 (TeamTrack web server allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0932 (Mediahouse Statistics Server allows remote attackers to read the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0931 (Buffer overflow in Mediahouse Statistics Server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0930 (wwwboard allows a remote attacker to delete message board articles via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0928 (Buffer overflow in SmartDesk WebSuite allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0927 (NTMail allows remote attackers to read arbitrary files via a .. (dot ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0924 (The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0922 (An example application in ColdFusion Server 4.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0921 (BMC Patrol allows any remote attacker to flood its UDP port, causing a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0920 (Buffer overflow in the pop-2d POP daemon in the IMAP package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0918 (Denial of service in various Windows systems via malformed, fragmented ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0917 (The Preloader ActiveX control used by Internet Explorer allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0916 (WebTrends software stores account names and passwords in a file which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0915 (URL Live! web server allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0914 (Buffer overflow in the FTP client in the Debian GNU/Linux netstd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0912 (FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0909 (Multihomed Windows systems allow a remote attacker to bypass IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0908 (Denial of service in Solaris TCP streams driver via a malicious ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0907 (sccw allows local users to read arbitrary files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0906 (Buffer overflow in sccw allows local users to gain root access via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0905 (Denial of service in Axent Raptor firewall via malformed zero-length ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly filter ...) NOT-FOR-US: AIX CVE-1999-0902 (ypserv allows local administrators to modify password tables. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0900 (Buffer overflow in rpc.yppasswdd allows a local user to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0899 (The Windows NT 4.0 print spooler allows a local user to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0898 (Buffer overflows in Windows NT 4.0 print spooler allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0897 (iChat ROOMS Webserver allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0896 (Buffer overflow in RealNetworks RealServer administration utility ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0895 (Firewall-1 does not properly restrict access to LDAP attributes. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0894 (Red Hat Linux screen program does not use Unix98 ptys, allowing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0893 (userOsa in SCO OpenServer allows local users to corrupt files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0892 (Buffer overflow in Netscape Communicator before 4.7 via a dynamic font ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0891 (The "download behavior" in Internet Explorer 5 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-1999-0890 (iHTML Merchant allows remote attackers to obtain sensitive information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0889 (Cisco 675 routers running CBOS allow remote attackers to establish ...) NOT-FOR-US: Cisco CVE-1999-0888 (dbsnmp in Oracle Intelligent Agent allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0887 (FTGate web interface server allows remote attackers to read files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0886 (The security descriptor for RASMAN allows users to point to an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0884 (The Zeus web server administrative interface uses weak encryption for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0883 (Zeus web server allows remote attackers to read arbitrary files by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0881 (Falcon web server allows remote attackers to read arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0880 (Denial of service in WU-FTPD via the SITE NEWER command, which does ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0879 (Buffer overflow in WU-FTPD and related FTP servers allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0878 (Buffer overflow in WU-FTPD and related FTP servers allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0877 (Internet Explorer 5 allows remote attackers to read files via an ...) NOT-FOR-US: Microsoft CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...) NOT-FOR-US: Microsoft CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial ...) NOT-FOR-US: Microsoft CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files ...) NOT-FOR-US: Microsoft CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary files ...) @@ -622,796 +622,796 @@ CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert ...) NOT-FOR-US: Microsoft CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with ...) NOT-FOR-US: Microsoft CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may ...) NOT-FOR-US: Microsoft CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...) NOT-FOR-US: Microsoft CVE-1999-0856 (login in Slackware 7.0 allows remote attackers to identify valid users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0854 (Ultimate Bulletin Board stores data files in the cgi-bin directory, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0853 (Buffer overflow in Netscape Enterprise Server and Netscape ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0851 (Denial of service in BIND named via naptr. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0849 (Denial of service in BIND named via maxdname. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0848 (Denial of service in BIND named via consuming more than "fdmax" file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0847 (Buffer overflow in free internet chess server (FICS) program, xboard. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0842 (Symantec Mail-Gear 1.0 web interface server allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0839 (Windows NT Task Scheduler installed with Internet Explorer 5 allows a ...) NOT-FOR-US: Microsoft CVE-1999-0838 (Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0837 (Denial of service in BIND by improperly closing TCP sessions via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0836 (UnixWare uidadmin allows local users to modify arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0835 (Denial of service in BIND named via malformed SIG records. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0834 (Buffer overflow in RSAREF2 via the encryption and decryption functions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0833 (Buffer overflow in BIND 8.2 via NXT records. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0832 (Buffer overflow in NFS server on Linux allows attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0831 (Denial of service in Linux syslogd via a large number of connections. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0826 (Buffer overflow in FreeBSD angband allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0824 (A Windows NT user can use SUBST to map a drive letter to a folder, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0823 (Buffer overflow in FreeBSD xmindpath allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0820 (FreeBSD seyon allows users to gain privileges via a modified PATH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0819 (NTMail does not disable the VRFY command, even if the administrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0817 (Lynx WWW client allows a remote attacker to specify command-line ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0815 (Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0814 (Red Hat pump DHCP client allows remote attackers to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0813 (Cfingerd with ALLOW_EXECUTION enabled does not properly drop ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0812 (Race condition in Samba smbmnt allows local users to mount file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0811 (Buffer overflow in Samba smbd program via a malformed message ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0810 (Denial of service in Samba NETBIOS name service daemon (nmbd). ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0809 (Netscape Communicator 4.x with Javascript enabled does not warn a user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0807 (The Netscape Directory Server installation procedure leaves sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0806 (Buffer overflow in Solaris dtprintinfo program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP packets ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users to ...) NOT-FOR-US: AIX CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0800 (The GetFile.cfm file in Allaire Forums allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0799 (Buffer overflow in bootpd 2.4.3 and earlier via a long boot file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0797 (NIS finger allows an attacker to conduct a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0796 (FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0794 (Microsoft Excel does not warn a user when a macro is present in a ...) NOT-FOR-US: Microsoft CVE-1999-0793 (Internet Explorer allows remote attackers to read files by redirecting ...) NOT-FOR-US: Microsoft CVE-1999-0791 (Hybrid Network cable modems do not include an authentication mechanism ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0790 (A remote attacker can read information from a Netscape user's cache ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...) NOT-FOR-US: AIX CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0786 (The dynamic linker in Solaris allows a local user to create arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0785 (The INN inndstart program allows local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0783 (FreeBSD allows local users to conduct a denial of service by creating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0782 (KDE kppp allows local users to create a directory in an arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0781 (KDE allows local users to execute arbitrary commands by setting the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0780 (KDE klock allows local users to kill arbitrary processes by specifying ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...) NOT-FOR-US: Microsoft CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to ...) NOT-FOR-US: Cisco CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0773 (Buffer overflow in Solaris lpset program allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0772 (Denial of service in Compaq Management Agents and the Compaq Survey ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0771 (The web components of Compaq Management Agents and the Compaq Survey ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0770 (Firewall-1 sets a long timeout for connections that begin with ACK or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0769 (Vixie Cron on Linux systems allows local users to set parameters of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0768 (Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0766 (The Microsoft Java Virtual Machine allows a malicious Java applet to ...) NOT-FOR-US: Microsoft CVE-1999-0765 (SGI IRIX midikeys program allows local users to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0764 (NetBSD allows ARP packets to overwrite static ARP entries. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0763 (NetBSD on a multi-homed host allows ARP packets on one network to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0762 (When Javascript is embedded within the TITLE tag, Netscape ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0761 (Buffer overflow in FreeBSD fts library routines allows local user to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0760 (Undocumented ColdFusion Markup Language (CFML) tags and functions in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0759 (Buffer overflow in FuseMAIL POP service via long USER and PASS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0758 (Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0756 (ColdFusion Administrator with Advanced Security enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0755 (Windows NT RRAS and RAS clients cache a user's password even if the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0754 (The INN inndstart program allows local users to gain privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0753 (The w3-msql CGI script provided with Mini SQL allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0752 (Denial of service in Netscape Enterprise Server via a buffer overflow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0751 (Buffer overflow in Accept command in Netscape Enterprise Server 3.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0749 (Buffer overflow in Microsoft Telnet client in Windows 95 and Windows ...) NOT-FOR-US: Microsoft CVE-1999-0747 (Denial of service in BSDi Symmetric Multiprocessing (SMP) when an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0746 (A default configuration of in.identd in SuSE Linux waits 120 seconds ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0745 (Buffer overflow in Source Code Browser Program Database Name Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0744 (Buffer overflow in Netscape Enterprise Server and FastTrask Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0743 (Trn allows local users to overwrite other users' files via symlinks. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0742 (The Debian mailman package uses weak authentication, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0740 (Remote attackers can cause a denial of service on Linux in.telnetd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0735 (KDE K-Mail allows local users to gain privileges via a symlink attack ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server (ACS) ...) NOT-FOR-US: Cisco CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0732 (The logging facilitity of the Debian smtp-refuser package allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0731 (The KDE klock program allows local users to unlock a session using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0730 (The zsoelim program in the Debian man-db package allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0729 (Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0728 (A Windows NT user can disable the keyboard or mouse by directly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be sent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or ...) NOT-FOR-US: Microsoft CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0722 (The default configuration of Cobalt RaQ2 servers allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0721 (Denial of service in Windows NT Local Security Authority (LSA) through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0720 (The pt_chown command in Linux allows local users to modify TTY ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0719 (The Guile plugin for the Gnumeric spreadsheet package allows attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0718 (IBM GINA, when used for OS/2 domain authentication of Windows NT ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0717 (A remote attacker can disable the virus warning mechanism in Microsoft ...) NOT-FOR-US: Microsoft CVE-1999-0716 (Buffer overflow in Windows NT 4.0 help file utility via a malformed ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0715 (Buffer overflow in Remote Access Service (RAS) client allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0714 (Vulnerability in Compaq Tru64 UNIX edauth command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0713 (The dtlogin program in Compaq Tru64 UNIX allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0711 (The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0710 (The Squid package in Red Hat Linux 5.2 and 6.0, and other ...) {DSA-576-1} - squid 2.5.7-1 CVE-1999-0708 (Buffer overflow in cfingerd allows local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0707 (The default FTP configuration in HP Visualize Conference allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0706 (Linux xmonisdn package allows local users to gain root privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0705 (Buffer overflow in INN inews program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0704 (Buffer overflow in Berkeley automounter daemon (amd) logging facility ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0703 (OpenBSD, BSDI, and other Unix operating systems allow users to set ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0702 (Internet Explorer 5.0 and 5.01 allows remote attackers to modify or ...) NOT-FOR-US: Microsoft CVE-1999-0701 (After an unattended installation of Windows NT 4.0, an installation ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0700 (Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed ...) NOT-FOR-US: Microsoft CVE-1999-0699 (The Bluestone Sapphire web server allows session hijacking via easily ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0697 (SCO Doctor allows local users to gain root privileges through a Tools ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0696 (Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users to ...) NOT-FOR-US: AIX CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk shared ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0691 (Buffer overflow in the AddSuLog function of the CDE dtaction utility ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0690 (HP CDE program includes the current directory in root's PATH variable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0689 (The CDE dtspcd daemon allows local users to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0688 (Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0687 (The ToolTalk ttsession daemon uses weak RPC authentication, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0686 (Denial of service in Netscape Enterprise Server (NES) in HP Virtual ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0685 (Buffer overflow in Netscape Communicator via EMBED tags in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0683 (Denial of service in Gauntlet Firewall via a malformed ICMP packet. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0682 (Microsoft Exchange 5.5 allows a remote attacker to relay email ...) NOT-FOR-US: Microsoft CVE-1999-0681 (Buffer overflow in Microsoft FrontPage Server Extensions (PWS) ...) NOT-FOR-US: Microsoft CVE-1999-0680 (Windows NT Terminal Server performs extra work when a client opens a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0679 (Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0678 (A default configuration of Apache on Debian GNU/Linux sets the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0676 (sdtcm_convert in Solaris 2.6 allows a local user to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0675 (Check Point FireWall-1 can be subjected to a denial of service via UDP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0674 (The BSD profil system call allows a local user to modify the internal ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0672 (Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0671 (Buffer overflow in ToxSoft NextFTP client through CWD command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0668 (The scriptlet.typelib ActiveX control is marked as "safe for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0628 (The rwho/rwhod service is running, which exposes machine status ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0627 (The rexd service is running, which uses weak authentication that can ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0626 (A version of rusers is running that exposes valid user information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0612 (A version of finger is running that exposes valid user information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0608 (An incorrect configuration of the PDG Shopping Cart CGI program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0566 (An attacker can write to syslog files from any location, causing a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0551 (HP OpenMail can be misconfigured to allow users to run arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0526 (An X server's access control is disabled (e.g. through an "xhost +" ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0514 (UDP messages to broadcast addresses are allowed, allowing for a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0513 (ICMP messages to broadcast addresses are allowed, allowing for a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0496 (A Windows NT 4.0 user can gain administrative rights by forcing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0494 (Denial of service in WinGate proxy through a buffer overflow in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0493 (rpc.statd allows remote attackers to forward RPC calls to the local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0491 (The prompt parsing in bash allows a local user to execute commands as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0487 (The DHTML Edit ActiveX control in Internet Explorer allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0485 (Remote attackers can cause a system crash through ipintr() in ipq in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0484 (Buffer overflow in OpenBSD ping. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0483 (OpenBSD crash using nlink value in FFS and EXT2FS filesystems. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0482 (OpenBSD kernel crash through TSS handling, as caused by the crashme ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0481 (Denial of service in "poll" in OpenBSD. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0479 (Denial of service Netscape Enterprise Server with VirtualVault on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0478 (Denial of service in HP-UX sendmail 8.8.6 related to accepting ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0475 (A race condition in how procmail handles .procmailrc files allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0474 (The ICQ Webserver allows remote attackers to use .. to access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0473 (The rsync command before rsync 2.3.1 may inadvertently change the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0472 (The SNMP default community name "public" is not properly removed in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0471 (The remote proxy server in Winroute allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0470 (A weak encryption algorithm is used for passwords in Novell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0468 (Internet Explorer 5.0 allows a remote server to read arbitrary files ...) NOT-FOR-US: Microsoft CVE-1999-0466 (The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0464 (Local users can perform a denial of service in Tripwire 1.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0463 (Remote attackers can perform a denial of service using IRIX fcagent. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0449 (The ExAir sample site in IIS 4 allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long ...) NOT-FOR-US: Microsoft CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0445 (In Cisco routers under some versions of IOS 12.0 running NAT, some ...) NOT-FOR-US: Cisco CVE-1999-0442 (Solaris ff.core allows local users to modify files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0441 (Remote attackers can perform a denial of service in WinGate machines ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0440 (The byte code verifier component of the Java Virtual Machine (JVM) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0439 (Buffer overflow in procmail before version 3.12 allows remote or local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0438 (Remote attackers can perform a denial of service in WebRamp systems by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0437 (Remote attackers can perform a denial of service in WebRamp systems by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0436 (Domain Enterprise Server Management System (DESMS) in HP-UX allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0433 (XFree86 startx command is vulnerable to a symlink attack, allowing local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0432 (ftp on HP-UX 11.00 allows local users to gain privileges. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0430 (Cisco Catalyst LAN switches running Catalyst 5000 supervisor software ...) NOT-FOR-US: Cisco CVE-1999-0429 (The Lotus Notes 4.5 client may send a copy of encrypted mail in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0428 (OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0425 (talkback in Netscape 4.5 allows a local user to kill an arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0424 (talkback in Netscape 4.5 allows a local user to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0423 (Vulnerability in hpterm on HP-UX 10.20 allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0422 (In some cases, NetBSD 1.3.3 mount allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0421 (During a reboot after an installation of Linux Slackware 3.6, a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0420 (umapfs allows local users to gain root privileges by changing their ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0417 (64 bit Solaris 7 procfs allows local users to perform a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0416 (Vulnerability in Cisco 7xx series routers allows a remote attacker to ...) NOT-FOR-US: Cisco CVE-1999-0415 (The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled ...) NOT-FOR-US: Cisco CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as ...) NOT-FOR-US: Microsoft CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...) NOT-FOR-US: Microsoft CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0403 (A bug in Cyrix CPUs on Linux allows local users to perform a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0402 (wget 1.5.3 follows symlinks to change permissions of the target file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0396 (A race condition between the select() and accept() calls in NetBSD TCP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0395 (A race condition in the BackWeb Polite Agent Protocol allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0393 (Remote attackers can cause a denial of service in Sendmail 8.8.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0392 (Buffer overflow in Thomas Boutell's cgic library version up to 1.05. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0391 (The cryptographic challenge of SMB authentication in Windows 95 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0390 (Buffer overflow in Dosemu Slang library in Linux. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0388 (DataLynx suGuard trusts the PATH environment variable to execute the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0387 (A legacy credential caching mechanism used in Windows 95 and Windows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0386 (Microsoft Personal Web Server and FrontPage Personal Web Server in ...) NOT-FOR-US: Microsoft CVE-1999-0385 (The LDAP bind function in Exchange 5.5 has a buffer overflow that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0384 (The Forms 2.0 ActiveX control (included with Visual Basic for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0383 (ACC Tigris allows public access without a login. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0382 (The screen saver in Windows NT does not verify that its security ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0380 (SLMail 3.1 and 3.2 allows local users to access any file in the NTFS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0379 (Microsoft Taskpads allows remote web sites to execute commands on the ...) NOT-FOR-US: Microsoft CVE-1999-0378 (InterScan VirusWall for Solaris doesn't scan files for viruses when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0377 (Process table attack in Unix systems allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0376 (Local users in Windows NT can obtain administrator privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0375 (Buffer overflow in webd in Network Flight Recorder (NFR) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0374 (Debian GNU/Linux cfengine package is susceptible to a symlink attack. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0373 (Buffer overflow in the "Super" utility in Debian GNU/Linux, and other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0372 (The installer for BackOffice Server includes account names and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0371 (Lynx allows a local user to overwrite sensitive files through /tmp ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0369 (The Sun sdtcm_convert calendar utility for OpenWindows has a buffer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0368 (Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0367 (NetBSD netstat command allows local users to access kernel memory. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0366 (In some cases, Service Pack 4 for Windows NT 4.0 can allow access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0365 (The metamail package allows remote command execution using shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0363 (SuSE 5.2 PLP lpc program has a buffer overflow that leads to root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0362 (WS_FTP server remote denial of service through cwd command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0358 (Digital Unix 4.0 has a buffer overflow in the inc program of the mh ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0357 (Windows 98 and other operating systems allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0355 (Local or remote users can force ControlIT 4.5 to reboot or force a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0353 (rpc.pcnfsd in HP gives remote root access by changing the permissions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and unauthorized data ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two ...) NOT-FOR-US: Microsoft CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0344 (NT users can gain debug-level access on a system process using the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0343 (A malicious Palace server can force a client to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0342 (Linux PAM modules allow local users to gain root access using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0341 (Buffer overflow in the Linux mail program "deliver" allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0340 (Buffer overflow in Linux Slackware crond program allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users to ...) NOT-FOR-US: AIX CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain additional ...) NOT-FOR-US: AIX CVE-1999-0335 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0332 (Buffer overflow in NetMeeting allows denial of service and remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0329 (SGI mediad program allows local users to gain root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0328 (SGI permissions program allows local users to gain root privileges. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0327 (SGI syserr program allows local users to corrupt files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0326 (Vulnerability in HP-UX mediainit program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0325 (vhe_u_mnt program in HP-UX allows local users to create root files through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0324 (ppl program in HP-UX allows local users to create root files through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0323 (FreeBSD mmap function allows users to modify append-only or immutable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0322 (The open() function in FreeBSD allows local attackers to write ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0321 (Buffer overflow in Solaris kcms_configure command allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0320 (SunOS rpc.cmsd allows attackers to obtain root access by overwriting ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0318 (Buffer overflow in xmcd 2.0p12 allows local users to gain access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0316 (Buffer overflow in Linux splitvt command gives root access to local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0315 (Buffer overflow in Solaris fdformat command gives root access to local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0314 (ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0313 (disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0312 (HP ypbind allows attackers with root privileges to modify NIS data. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0311 (fpkg2swpk in HP-UX allows local users to gain root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0310 (SSH 1.2.25 on HP-UX allows access to new user accounts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0309 (HP-UX vgdisplay program gives root access to local users. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0308 (HP-UX gwind program allows users to modify arbitrary files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0305 (The system configuration control (sysctl) facility in BSD based ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0304 (mmap function in BSD allows local attackers in the kmem group to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0303 (Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0302 (SunOS/Solaris FTP clients can be forced to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0301 (Buffer overflow in SunOS/Solaris ps command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0300 (nis_cachemgr for Solaris NIS+ allows attackers to add malicious ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0299 (Buffer overflow in FreeBSD lpd through long DNS hostnames. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0297 (Buffer overflow in Vixie Cron library up to version 3.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0296 (Solaris volrmmount program allows attackers to read any file. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0295 (Solaris sysdef command allows local users to read kernel memory, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0294 (All records in a WINS database can be deleted through SNMP for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0293 (AAA authentication on Cisco systems allows attackers to execute ...) NOT-FOR-US: Cisco CVE-1999-0292 (Denial of service through Winpopup using large user names. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0291 (The WinGate proxy is installed without a password, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0290 (The WinGate telnet proxy allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0288 (The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0281 (Denial of service in IIS using long URLs. ...) NOT-FOR-US: Microsoft CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...) NOT-FOR-US: Microsoft CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appending ...) NOT-FOR-US: Microsoft CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflow. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0275 (Denial of service in Windows NT DNS servers by flooding port 53 with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0274 (Denial of service in Windows NT DNS servers through malicious packet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0273 (Denial of service through Solaris 2.5.1 telnet by sending ^D characters. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0272 (Denial of service in Slmail v2.5 through the POP3 port. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0270 (Directory traversal vulnerability in pfdispaly.cgi program (sometimes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0269 (Netscape Enterprise servers may list files through the PageServices query. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0268 (MetaInfo MetaWeb web server allows users to upload, execute, and read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0267 (Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0266 (The info2www CGI script allows remote file access or remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0265 (ICMP redirect messages may crash or lock up a host. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0264 (htmlscript CGI program allows remote read access to files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0263 (Solaris SUNWadmap can be exploited to obtain root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0262 (Hylafax faxsurvey CGI script on Linux allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0260 (The jj CGI program allows command execution via shell metacharacters. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0259 (cfingerd lists all users on a system via search.**@target. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0256 (Buffer overflow in War FTP allows remote execution of commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0252 (Buffer overflow in listserv allows arbitrary command execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0251 (Denial of service in talk program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0248 (A race condition in the authentication agent mechanism of sshd 1.2.17 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0247 (Buffer overflow in nnrpd program in INN up to version 1.6 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0245 (Some configurations of NIS+ in Linux allowed attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0244 (Livingston RADIUS code has a buffer overflow which can allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0239 (Netscape FastTrack Web server lists files when a lowercase "get" ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0237 (Remote execution of arbitrary commands through Guestbook CGI program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0233 (IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd ...) NOT-FOR-US: Microsoft CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...) NOT-FOR-US: Cisco CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0227 (Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0225 (Windows NT 4.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0224 (Denial of service in Windows NT messenger service through a long ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0223 (Solaris syslogd crashes when receiving a message from a host that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0221 (Denial of service of Ascend routers through port 150 (remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0219 (Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0218 (Livingston portmaster machines could be rebooted via a series ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0217 (Malicious option settings in UDP packets could force a reboot in SunOS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0215 (Routed allows attackers to append data to files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0214 (Denial of service by sending forged ICMP unreachable packets. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0212 (Solaris rpc.mountd generates error messages that allow a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0211 (Extra long export lists over 256 characters in some mount daemons ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0210 (Automount daemon automountd allows local or remote users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0209 (The SunView (SunTools) selection_svc facility allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0208 (rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0207 (Remote attacker can execute commands through Majordomo using the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0206 (MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0204 (Sendmail 8.6.9 allows remote attackers to execute root commands, using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0203 (In Sendmail, attackers can gain root privileges via SMTP by specifying ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0202 (The GNU tar command, when used in FTP sessions, may allow an attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0201 (A quote cwd command on FTP servers can reveal the full path of the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0196 (websendmail in Webgais 1.0 allows a remote user to access arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messages. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...) NOT-FOR-US: Microsoft CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0188 (The passwd command in Solaris can be subjected to a denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0185 (In SunOS or Solaris, a remote user could connect from an FTP server's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0184 (When compiled with the -DALLOW_UPDATES option, bind allows dynamic ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0183 (Linux implementations of TFTP would allow access to files outside the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0182 (Samba has a buffer overflow which allows a remote attacker to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0181 (The wall daemon can be used for denial of service, social engineering ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0180 (in.rshd allows users to login with a NULL username and execute commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0179 (Windows NT crashes or locks up when a Samba client executes a "cd .." ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0178 (Buffer overflow in the win-c-sample program (win-c-sample.exe) in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0177 (The uploader program in the WebSite web server allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0176 (The Webgais program allows a remote user to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0175 (The convert.bas program in the Novell web server allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0174 (The view-source CGI program allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0173 (FormMail CGI program can be used by web servers other than the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0172 (FormMail CGI program allows remote execution of commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0170 (Remote attackers can mount an NFS file system in Ultrix or OSF, even ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0168 (The portmapper may act as a proxy and redirect service requests from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0167 (In SunOS, NFS file handles could be guessed, giving unauthorized ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0166 (NFS allows users to use a "cd .." command to access other directories ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0164 (A race condition in the Solaris ps command allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0162 (The "established" keyword in some Cisco IOS software allowed ...) NOT-FOR-US: Cisco CVE-1999-0161 (In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended ...) @@ -1425,99 +1425,99 @@ CVE-1999-0158 (Cisco PIX firewall manager (PFM) on Windows NT allows attackers t CVE-1999-0157 (Cisco PIX firewall and CBAC IP fragmentation attack results in a ...) NOT-FOR-US: Cisco CVE-1999-0155 (The ghostscript command with the -dSAFER option allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0153 (Windows 95/NT out of band (OOB) data denial of service through NETBIOS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0152 (The DG/UX finger daemon allows remote command execution through shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0151 (The SATAN session key may be disclosed if the user points the web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0150 (The Perl fingerd program allows arbitrary command execution from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0149 (The wrap CGI program in IRIX allows remote attackers to view ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0148 (The handler CGI program in IRIX allows arbitrary command execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0147 (The aglimpse CGI program of the Glimpse package allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0146 (The campas CGI program provided with some NCSA web servers allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0145 (Sendmail WIZ command enabled, allowing root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0143 (Kerberos 4 key servers allow a user to masquerade as another by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0142 (The Java Applet Security Manager implementation in Netscape Navigator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0141 (Java Bytecode Verifier allows malicious applets to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0139 (Buffer overflow in Solaris x86 mkcookie allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0138 (The suidperl and sperl program do not give up root privileges when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0137 (The dip program on many Linux systems allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0136 (Kodak Color Management System (KCMS) on Solaris allows a local user to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0135 (admintool in Solaris allows a local user to write to arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0134 (vold in Solaris 2.x allows local users to gain root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0133 (fm_fls license server for Adobe Framemaker allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0132 (Expreserve, as used in vi and ex, allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0131 (Buffer overflow and denial of service in Sendmail 8.7.5 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0130 (Local users can start Sendmail in daemon mode and gain root privileges. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0129 (Sendmail allows local users to write to a file and gain group ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0128 (Oversized ICMP ping packets can result in a denial of service, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0126 (SGI IRIX buffer overflow in xterm and Xaw allows root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0125 (Buffer overflow in SGI IRIX mailx program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...) NOT-FOR-US: AIX CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if it ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0118 (AIX infod allows local users to gain root access through an X display. ...) NOT-FOR-US: AIX CVE-1999-0117 (AIX passwd allows local users to gain root access. ...) NOT-FOR-US: AIX CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0115 (AIX bugfiler program allows local users to gain root access. ...) NOT-FOR-US: AIX CVE-1999-0113 (Some implementations of rlogin allow root access if given a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE. ...) NOT-FOR-US: AIX CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0108 (The printers program in IRIX has a buffer overflow that gives root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0103 (Echo and chargen, or other combinations of UDP services, can be used ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0101 (Buffer overflow in AIX and Solaris "gethostbyname" library call allows ...) NOT-FOR-US: AIX CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...) NOT-FOR-US: AIX CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a malicious ...) NOT-FOR-US: AIX CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional ...) NOT-FOR-US: AIX CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by not ...) @@ -1531,324 +1531,324 @@ CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent . CVE-1999-0085 (Buffer overflow in rwhod on AIX and other operating systems allows ...) NOT-FOR-US: AIX CVE-1999-0084 (Certain NFS servers allow users to use mknod to gain privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0083 (getcwd() file descriptor leak in FTP. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0082 (CWD ~root command in ftpd allows root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0081 (wu-ftp allows files to be overwritten via the rnfr command. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0080 (Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0079 (Remote attackers can cause a denial of service in FTP by issuing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0077 (Predictable TCP sequence numbers allow spoofing. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0075 (PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0074 (Listening TCP ports are sequentially allocated, allowing spoofing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0073 (Telnet allows a remote client to specify environment variables including ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users. ...) NOT-FOR-US: AIX CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0070 (test-cgi program allows an attacker to list files on the server. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0069 (Solaris ufsrestore buffer overflow. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0068 (CGI PHP mylog script allows an attacker to read any file on the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0067 (phf CGI program allows remote command execution through shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0066 (AnyForm CGI remote execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to local users. ...) NOT-FOR-US: AIX CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious UDP ...) NOT-FOR-US: Cisco CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0060 (Attackers can cause a denial of service in Ascend MAX and Pipeline ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0059 (IRIX fam service allows an attacker to obtain a list of all files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0058 (Buffer overflow in PHP cgi program, php.cgi allows shell access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0057 (Vacation program allows command execution by remote users through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0056 (Buffer overflow in Sun's ping program can give root access to local users. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0055 (Buffer overflows in Sun libnsl allow root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0054 (Sun's ftpd daemon can be subjected to a denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0053 (TCP RST denial of service in FreeBSD. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0052 (IP fragmentation denial of service in FreeBSD allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0051 (Arbitrary file creation and program execution using FLEXlm ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0050 (Buffer overflow in HP-UX newgrp program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0049 (Csetup under IRIX allows arbitrary file creation or overwriting. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0048 (Talkd, when given corrupt DNS information, can be used to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0047 (MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0046 (Buffer overflow of rlogin program using TERM environmental variable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0045 (List of arbitrary files on Web host via nph-test-cgi script. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0044 (fsdump command in IRIX allows local users to obtain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0043 (Command execution via shell metachars in INN daemon (innd) 1.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0042 (Buffer overflow in University of Washington's implementation of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0041 (Buffer overflow in NLS (Natural Language Service). ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0040 (Buffer overflow in Xt library of X Windowing System allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0039 (webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0038 (Buffer overflow in xlock program allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0037 (Arbitrary command execution via metamail package using message ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0036 (IRIX login program with a nonzero LOCKOUT parameter allows creation or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0035 (Race condition in signal handling routine in ftpd, allowing read/write ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0034 (Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0032 (Buffer overflow in lpr, as used in BSD-based systems including Linux, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0031 (JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and ...) NOT-FOR-US: Microsoft CVE-1999-0029 (root privileges via buffer overflow in ordist command on SGI IRIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0028 (root privileges via buffer overflow in login/scheme command on SGI ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0027 (root privileges via buffer overflow in eject command on SGI IRIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0026 (root privileges via buffer overflow in pset command on SGI IRIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0025 (root privileges via buffer overflow in df command on SGI IRIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0024 (DNS cache poisoning via BIND, by predictable query IDs. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0023 (Local user gains root privileges via buffer overflow in rdist, via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0022 (Local user gains root privileges via buffer overflow in rdist, via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0021 (Arbitrary command execution via buffer overflow in Count.cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0019 (Delete or create a file via rpc.statd, due to invalid information. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0018 (Buffer overflow in statd allows root privileges. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0017 (FTP servers can allow an attacker to connect to arbitrary ports on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0016 (Land IP denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0014 (Unauthorized privileged access or denial of service via dtappgather ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0013 (Stolen credentials from SSH clients via ssh-agent program, allowing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0012 (Some web servers under Microsoft Windows allow remote attackers ...) NOT-FOR-US: Microsoft CVE-1999-0011 (Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0010 (Denial of Service vulnerability in BIND 8 Releases via maliciously ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0009 (Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0008 (Buffer overflow in NIS+, in Sun's rpc.nisd program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0007 (Information from SSL-encrypted sessions via PKCS #1. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0006 (Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0005 (Arbitrary command execution via IMAP buffer overflow in authenticate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0003 (Execute commands as root via buffer overflow in Tooltalk database ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0002 (Buffer overflow in NFS mountd gives root access to remote attackers, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1572 (cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other ...) {DSA-664-1} - cpio 2.5-1.2 (bug #293379) CVE-1999-1571 (Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1570 (Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1569 (Quake 1 and NetQuake servers allow remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1567 (Seapine Software TestTrack server allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1566 (Buffer overflow in iParty server 1.2 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1564 (FreeBSD 3.2 and possibly other versions allows a local user to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1563 (Nachuatec D435 and D445 printer allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1562 (gFTP FTP client 1.13, and other versions before 2.0.0, records a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1561 (Nullsoft SHOUTcast server stores the administrative password in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1560 (Vulnerability in a script in Texas A&M University (TAMU) Tiger allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1559 (Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1558 (Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1557 (Buffer overflow in the login functions in IMAP server (imapd) in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1555 (Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1554 (/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1553 (Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1552 (dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1551 (Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1549 (Lynx 2.x does not properly distinguish between internal and external ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1548 (Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1547 (Oracle Web Listener 2.1 allows remote attackers to bypass access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1546 (netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1545 (Joe's Own Editor (joe) 2.8 sets the world-readable permission on its ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1544 (Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows ...) NOT-FOR-US: Microsoft CVE-1999-1543 (MacOS uses weak encryption for passwords that are stored in the Users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1541 (shell-lock in Cactus Software Shell Lock allows local users to read or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (trivial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...) NOT-FOR-US: Microsoft CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1533 (Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1532 (Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1529 (A buffer overflow exists in the HELO command in Trend Micro ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1528 (ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1527 (Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1526 (Auto-update feature of Macromedia Shockwave 7 transmits a user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1525 (Macromedia Shockwave before 6.0 allows a malicious webmaster to read a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1524 (FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1523 (Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1522 (Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1521 (Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1519 (Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1518 (Operating systems with shared memory implementations based on BSD 4.4 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1517 (runtar in the Amanda backup system used in various UNIX operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1516 (A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1515 (A non-default configuration in TenFour TFS Gateway 4.0 allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1514 (Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1513 (Management information base (MIB) for a 3Com SuperStack II hub running ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1511 (Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1510 (Buffer overflows in Bisonware FTP server prior to 4.1 allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1509 (Directory traversal vulnerability in Etype Eserv 2.50 web server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1508 (Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1506 (Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1505 (Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1504 (Stalker Internet Mail Server 1.6 allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1503 (Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1502 (Buffer overflows in Quake 1.9 client allows remote malicious servers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1501 ((1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1500 (Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1499 (named in ISC BIND 4.9 and 8.1 allows local users to destroy files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1498 (Slackware Linux 3.4 pkgtool allows local attacker to read and write to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1497 (Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1496 (Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1495 (xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1493 (Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1492 (Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1491 (abuse.console in Red Hat 2.1 uses relative pathnames to find and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1489 (Buffer overflow in TestChip function in XFree86 SuperProbe in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1487 (Vulnerability in digest in AIX 4.3 allows printq users to gain root ...) NOT-FOR-US: AIX CVE-1999-1485 (nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1484 (Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1483 (Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1482 (SVGAlib zgv 3.0-7 and earlier allows local users to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1480 ((1) acledit and (2) aclput in AIX 4.3 allow local users to create or ...) NOT-FOR-US: AIX CVE-1999-1479 (The textcounter.pl by Matt Wright allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1477 (Buffer overflow in GNOME libraries 1.0.8 allows local user to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1475 (ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1474 (PowerPoint 95 and 97 allows remote attackers to cause an application ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1471 (Buffer overflow in passwd in BSD based operating systems 4.3 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1470 (Eastman Work Management 3.21 stores passwords in cleartext in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1469 (Buffer overflow in w3-auth CGI program in miniSQL package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1467 (Vulnerability in rcp on SunOS 4.0.x allows remote attackers from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1466 (Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote ...) NOT-FOR-US: Cisco CVE-1999-1465 (Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast ...) @@ -1856,449 +1856,449 @@ CVE-1999-1465 (Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fas CVE-1999-1464 (Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast ...) NOT-FOR-US: Cisco CVE-1999-1463 (Windows NT 4.0 before SP3 allows remote attackers to bypass firewall ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1462 (Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1461 (inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1460 (BMC PATROL SNMP Agent before 3.2.07 allows local users to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1459 (BMC PATROL Agent before 3.2.07 allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1458 (Buffer overflow in at program in Digital UNIX 4.0 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1457 (Buffer overflow in thttpd HTTP server before 2.04-31 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1454 (Macromedia "The Matrix" screen saver on Windows 95 with the "Password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site ...) NOT-FOR-US: Microsoft CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows ...) NOT-FOR-US: Microsoft CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1448 (Eudora and Eudora Light before 3.05 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1447 (Internet Explorer 4.0 allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-1999-1446 (Internet Explorer 3 records a history of all URL's that are visited by ...) NOT-FOR-US: Microsoft CVE-1999-1445 (Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1444 (genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1443 (Micah Software Full Armor Network Configurator and Zero Administration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1442 (Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1441 (Linux 2.0.34 does not properly prevent users from sending SIGIO ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1440 (Win32 ICQ 98a 1.30, and possibly other versions, does not display the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1439 (gcc 2.7.2 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1438 (Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1436 (Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1435 (Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1434 (login in Slackware Linux 3.2 through 3.5 does not properly check for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1431 (ZAK in Appstation mode allows users to bypass the "Run only allowed ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1430 (PIM software for Royal daVinci does not properly password-protext ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1429 (DIT TransferPro installs devices with world-readable and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1428 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1427 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1426 (Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1425 (Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1424 (Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1422 (The default configuration of Slackware 3.4, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1421 (NBase switches NH208 and NH215 run a TFTP server which allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1420 (NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1418 (ICQ99 ICQ web server build 1701 with "Active Homepage" enabled ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1417 (Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1416 (AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1415 (Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1413 (Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1412 (A possible interaction between Apple MacOS X release 1.0 and Apache ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1410 (addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1408 (Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...) NOT-FOR-US: AIX CVE-1999-1406 (dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1405 (snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory ...) NOT-FOR-US: AIX CVE-1999-1404 (IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1403 (IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1401 (Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1400 (The Economist screen saver 1999 with the "Password Protected" option ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1399 (spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1398 (Vulnerability in xfsdump in SGI IRIX may allow local users to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1396 (Vulnerability in integer multiplication emulation code on SPARC ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1395 (Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1394 (BSD 4.4 based operating systems, when running at security level 1, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1393 (Control Panel "Password Security" option for Apple Powerbooks allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1392 (Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1391 (Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1390 (suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1389 (US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1388 (passwd in SunOS 4.1.x allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1387 (Windows NT 4.0 SP2 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1383 ((1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1381 (Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server ...) NOT-FOR-US: Microsoft CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1373 (FORE PowerHub before 5.0.1 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1372 (Triactive Remote Manager with Basic authentication enabled stores the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1371 (Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1370 (The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) ...) NOT-FOR-US: Microsoft CVE-1999-1369 (Real Media RealServer (rmserver) 6.0.3.353 stores a password in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1368 (AV Option for MS Exchange Server option for InoculateIT 4.53, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1367 (Internet Explorer 5.0 does not properly reset the username/password ...) NOT-FOR-US: Microsoft CVE-1999-1366 (Pegasus e-mail client 3.0 and earlier uses weak encryption to store ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1364 (Windows NT 4.0 allows local users to cause a denial of service (crash) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1361 (Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1357 (Netscape Communicator 4.04 through 4.7 (and possibly other versions) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1355 (BMC Patrol component, when installed with Compaq Insight Management ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1354 (E-mail client in Softarc FirstClass Internet Server 5.506 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1353 (Nosque MsgCore 2.14 stores passwords in cleartext: (1) the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1352 (mknod in Linux 2.2 follows symbolic links, which could allow local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1350 (ARCAD Systemhaus 0.078-5 installs critical programs and files with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1349 (NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1348 (Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1347 (Xsession in Red Hat Linux 6.1 and earlier can allow local users with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1346 (PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1345 (Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1344 (Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1343 (HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1342 (ICQ ActiveList Server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1340 (Buffer overflow in faxalter in hylafax 4.0.2 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1338 (Delegate proxy 5.9.3 and earlier creates files and directories in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1334 (Multiple buffer overflows in filter command in Elm 2.4 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1323 (Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1322 (The installation of 1ArcServe Backup and Inoculan AV client modules ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1319 (Vulnerability in object server program in SGI IRIX 5.2 through 6.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1315 (Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1314 (Vulnerability in union file system in FreeBSD 2.2 and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1313 (Manual page reader (man) in FreeBSD 2.2 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1312 (Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1311 (Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1310 REJECTED CVE-1999-1308 (Certain programs in HP-UX 10.20 do not properly handle large user IDs ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1307 (Vulnerability in urestore in Novell UnixWare 1.1 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1306 (Cisco IOS 9.1 and earlier does not properly handle extended IP access ...) NOT-FOR-US: Cisco CVE-1999-1305 (Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1304 (Vulnerability in login in SCO UNIX 4.2 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1303 (Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1302 (Vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1300 (Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1299 (rcp on various Linux systems including Red Hat 4.0 allows a "nobody" ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1296 (Buffer overflow in Kerberos IV compatibility libraries as used in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1295 (Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1293 (mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1292 (Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1291 (TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and ...) NOT-FOR-US: Microsoft CVE-1999-1289 (ICQ 98 beta on Windows NT leaks the internal IP address of a client in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1287 (Vulnerability in Analog 3.0 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1286 (addnetpr in SGI IRIX 6.2 and earlier allows local users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1285 (Linux 2.1.132 and earlier allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1283 (Opera 3.2.1 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1282 (RealSystem G2 server stores the administrator password in cleartext in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1281 (Development version of Breeze Network Server allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1280 (Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1278 (nlog CGI scripts do not properly filter shell metacharacters from the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1277 (BackWeb client stores the username and password in cleartext for proxy ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1275 (Lotus cc:Mail release 8 stores the postoffice password in plaintext in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1274 (iPass RoamServer 3.1 creates temporary files with world-writable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1273 (Squid Internet Object Cache 1.1.20 allows users to bypass access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1272 (Buffer overflows in CDROM Confidence Test program (cdrom) allow local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1271 (Macromedia Dreamweaver uses weak encryption to store FTP passwords, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1270 (KMail in KDE 1.0 provides a PGP passphrase as a command line argument ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1269 (Screen savers in KDE beta 3 allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1268 (Vulnerability in KDE konsole allows local users to hijack or observe ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1267 (KDE file manager (kfm) uses a TCP server for certain file operations, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1266 (rsh daemon (rshd) generates different error messages when a valid ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1265 (SMTP server in SLmail 3.1 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1264 (WebRamp M3 router does not disable remote telnet or HTTP access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1261 (Buffer overflow in Rainbow Six Multiplayer allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1260 (mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1257 (Xyplex terminal server 6.0.1S1, and possibly other versions, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1256 (Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1255 (Hyperseek allows remote attackers to modify the hyperseek ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1254 (Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1253 (Vulnerability in a kernel error handling routine in SCO OpenServer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1252 (Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1251 (Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1250 (Vulnerability in CGI program in the Lasso application by Blue World, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1248 (Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1247 (Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1245 (vacm ucd-snmp SNMP server, version 3.52, does not properly disable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1244 (IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1242 (Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1241 (Internet Explorer, with a security setting below Medium, allows remote ...) NOT-FOR-US: Microsoft CVE-1999-1240 (Buffer overflow in cddbd CD database server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1239 (HP-UX 9.x does not properly enable the Xauthority mechanism in certain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1238 (Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1237 (Multiple buffer overflows in smbvalid/smbval SMB authentication ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1236 (Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP ...) NOT-FOR-US: Microsoft CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1230 (Quake 2 server allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1229 (Quake 2 server 3.13 on Linux does not properly check file permissions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1228 (Various modems that do not implement a guard time, or are configured ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1227 (Ethereal allows local users to overwrite arbitrary files via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1225 (rpc.mountd on Linux, Ultrix, and possibly other operating systems, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1224 (IMAP 4.1 BETA, and possibly other versions, does not properly handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1221 (dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1220 (Majordomo 1.94.3 and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1219 (Vulnerability in sgihelp in the SGI help system and print manager in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1218 (Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1216 (Cisco routers 9.17 and earlier allow remote attackers to bypass ...) NOT-FOR-US: Cisco CVE-1999-1213 (Vulnerability in telnet service in HP-UX 10.30 allows attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1212 (Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1211 (Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1210 (xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1207 (Buffer overflow in web-admin tool in NetXRay 2.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1206 (SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1202 (StarTech (1) POP3 proxy server and (2) telnet server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1200 (Vintra SMTP MailServer allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1196 (Hummingbird Exceed X version 5 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1195 (NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1190 (Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1187 (Pine before version 3.94 allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1186 (rxvt, when compiled with the PRINT_PIPE option in various Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1185 (Buffer overflow in SCO mscreen allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1184 (Buffer overflow in Elm 2.4 and earlier allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1183 (System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1182 (Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1180 (O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1179 (Vulnerability in man.sh CGI script, included in May 1998 issue of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1178 (Sambar Server 4.1 beta allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1176 (Buffer overflow in cidentd ident daemon allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1174 (ZIP drive for Iomega ZIP-100 disks allows attackers with physical ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1173 (Corel Word Perfect 8 for Linux creates a temporary working directory ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1172 (By design, Maximizer Enterprise 4 calendar and address book program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1171 (IPswitch WS_FTP allows local users to gain additional privileges and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1170 (IPswitch IMail allows local users to gain additional privileges and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1169 (nobo 1.2 allows remote attackers to cause a denial of service (crash) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1168 (install.iss installation script for Internet Security Scanner (ISS) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1166 (Linux 2.0.37 does not properly encode the Custom segment limit, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1165 (GNU fingerd 1.37 does not properly drop privileges before accessing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1164 (Microsoft Outlook client allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-1999-1158 (Buffer overflow in (1) pluggable authentication module (PAM) on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1155 (LakeWeb Mail List CGI script allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1154 (LakeWeb Filemail CGI script allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1153 (HAMcards Postcard CGI script 1.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1152 (Compaq/Microcom 6000 Access Integrator does not disconnect a client ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1151 (Compaq/Microcom 6000 Access Integrator does not cause a session ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1150 (Livingston Portmaster routers running ComOS use the same initial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1149 (Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1141 (Ascom Timeplex router allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1135 (Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1134 (Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1133 (HP-UX 9.x and 10.x running X windows may allow local attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1130 (Default configuration of the search engine in Netscape Enterprise ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1129 (Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers ...) NOT-FOR-US: Cisco CVE-1999-1128 (Internet Explorer 3.01 on Windows 95 allows remote malicious web sites ...) @@ -2306,273 +2306,273 @@ CVE-1999-1128 (Internet Explorer 3.01 on Windows 95 allows remote malicious web CVE-1999-1126 (Cisco Resource Manager (CRM) 1.1 and earlier creates certain files ...) NOT-FOR-US: Cisco CVE-1999-1125 (Oracle Webserver 2.1 and earlier runs setuid root, but the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1124 (HTTP Client application in ColdFusion allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1123 (The installation of Sun Source (sunsrc) tapes allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1113 (Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1112 (Buffer overflow in IrfanView32 3.07 and earlier allows attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1110 (Windows Media Player ActiveX object as used in Internet Explorer 5.0 ...) NOT-FOR-US: Microsoft CVE-1999-1108 REJECTED CVE-1999-1107 (Buffer overflow in kppp in KDE allows local users to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1106 (Buffer overflow in kppp in KDE allows local users to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1101 (Kabsoftware Lydia utility uses weak encryption to store user passwords ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1097 (Microsoft NetMeeting 2.1 allows one client to read the contents of ...) NOT-FOR-US: Microsoft CVE-1999-1096 (Buffer overflow in kscreensaver in KDE klock allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1095 (sort creates temporary files and follows symbolic links, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1092 (tin 1.40 creates the .tin directory with insecure permissions, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1091 (UNIX news readers tin and rtin create the /tmp/.tin_log file with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1089 (Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1088 (Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1086 (Novell 5 and earlier, when running over IPX with a packet signature ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1084 (The "AEDebug" registry key is installed with insecure permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1083 (Directory traversal vulnerability in Jana proxy web server 1.45 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1082 (Directory traversal vulnerability in Jana proxy web server 1.40 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1081 (Vulnerability in files.pl script in Novell WebServer Examples Toolkit ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1079 (Vulnerability in ptrace in AIX 4.3 allows local users to gain ...) NOT-FOR-US: AIX CVE-1999-1078 (WS_FTP Pro 6.0 uses weak encryption for passwords in its ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1077 (Idle locking function in MacOS 9 allows local attackers to bypass the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1076 (Idle locking function in MacOS 9 allows local users to bypass the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1075 (inetd in AIX 4.1.5 dynamically assigns a port N when starting ...) NOT-FOR-US: AIX CVE-1999-1073 (Excite for Web Servers (EWS) 1.1 records the first two characters of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1072 (Excite for Web Servers (EWS) 1.1 allows local users to gain privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1071 (Excite for Web Servers (EWS) 1.1 installs the Architext.conf ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1070 (Buffer overflow in ping CGI program in Xylogics Annex terminal service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1069 (Directory traversal vulnerability in carbo.dll in iCat Carbo Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1068 (Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1067 (SGI MachineInfo CGI program, installed by default on some web servers, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1066 (Quake 1 server responds to an initial UDP game connection request with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1065 (Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1064 (Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1063 (CDomain whois_raw.cgi whois CGI script allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1062 (HP Laserjet printers with JetDirect cards, when configured with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1061 (HP Laserjet printers with JetDirect cards, when configured with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1060 (Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1058 (Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1056 REJECTED CVE-1999-1054 (The default configuration of FLEXlm license manager 6.0d, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1053 (guestbook.pl cleanses user-inserted SSI commands by removing text ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1052 (Microsoft FrontPage stores form results in a default location in ...) NOT-FOR-US: Microsoft CVE-1999-1051 (Default configuration in Matt Wright FormHandler.cgi script allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1050 (Directory traversal vulnerability in Matt Wright FormHandler.cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1049 (ARCserve NT agents use weak encryption (XOR) for passwords, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1046 (Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1043 (Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) ...) NOT-FOR-US: Microsoft CVE-1999-1042 (Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log ...) NOT-FOR-US: Cisco CVE-1999-1041 (Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1040 (Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1039 (Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1038 (Tiger 2.2.3 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1036 (COPS 1.04 allows local users to overwrite or create arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1033 (Microsoft Outlook Express before 4.72.3612.1700 allows a malicious ...) NOT-FOR-US: Microsoft CVE-1999-1031 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1030 (counter.exe 2.70 allows a remote attacker to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1029 (SSH server (sshd2) before 2.0.12 does not properly record login ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1026 (aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1025 (CDE screen lock program (screenlock) on Solaris 2.6 does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1024 (ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1023 (useradd in Solaris 7.0 does not properly interpret certain date ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1022 (serial_ports administrative program in IRIX 4.x and 5.x trusts the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1020 (The installation of Novell Netware NDS 5.99 provides an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1018 (IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1017 (Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1016 (Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) ...) NOT-FOR-US: Microsoft CVE-1999-1015 (Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1013 (named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group ...) NOT-FOR-US: AIX CVE-1999-1012 (SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1009 (The Disney Go Express Search allows remote attackers to access and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1006 (Groupwise web server GWWEB.EXE allows remote attackers to determine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1003 (War FTP Daemon 1.70 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1002 (Netscape Navigator uses weak encryption for storing a user's Netscape ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0993 (Modifications to ACLs (Access Control Lists) in Microsoft Exchange ...) NOT-FOR-US: Microsoft CVE-1999-0990 (Error messages generated by gdm with the VerboseAuth setting allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0988 (UnixWare pkgtrans allows local users to read arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0985 (CC Whois program whois.cgi allows remote attackers to execute commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0984 (Matt's Whois program whois.cgi allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0983 (Whois Internic Lookup program whois.cgi allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0970 (The OmniHTTPD visadmin.exe program allows a remote attacker to conduct ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0952 (Buffer overflow in Solaris lpstat via class argument allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0949 (Buffer overflow in canuum program for Canna input system allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0948 (Buffer overflow in uum program for Canna input system allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0944 (IBM WebSphere ikeyman tool uses weak encryption to store ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0941 (Mutt mail client allows a remote attacker to execute commands via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0929 (Novell NetWare with Novell-HTTP-Server or YAWN web servers allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0926 (Apache allows remote attackers to conduct a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0925 (UnityMail allows remote attackers to conduct a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0923 (Sample runnable code snippets in ColdFusion Server 4.0 allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0919 (A memory leak in a Motorola CableRouter allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0913 (dfire.cgi script in Dragon-Fire IDS allows remote users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0911 (Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0910 (Microsoft Site Server and Commercial Internet System (MCIS) do not set ...) NOT-FOR-US: Microsoft CVE-1999-0885 (Alibaba web server allows remote attackers to execute commands via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0882 (Falcon web server allows remote attackers to determine the absolute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0872 (Buffer overflow in Vixie cron allows local users to gain root access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0863 (Buffer overflow in FreeBSD seyon via HOME environmental variable, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0862 (Insecure directory permissions in RPM distribution for PostgreSQL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0860 (Solaris chkperm allows local users to read files owned by bin via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0857 (FreeBSD gdc program allows local users to modify files via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0855 (Buffer overflow in FreeBSD gdc program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0852 (IBM WebSphere sets permissions that allow a local user to modify a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0850 (The default permissions for Endymion MailMan allow local users to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0846 (Denial of service in MDaemon 2.7 via a large number of connection ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0845 (Buffer overflow in SCO su program allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0844 (Denial of service in MDaemon WorldClient and WebConfig services via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0843 (Denial of service in Cisco routers running NAT via a PORT command from ...) NOT-FOR-US: Cisco CVE-1999-0841 (Buffer overflow in CDE mailtool allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0840 (Buffer overflow in CDE dtmail and dtmailpr programs allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0830 (Buffer overflow in SCO UnixWare Xsco command via a long argument. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0829 (HP Secure Web Console uses weak encryption. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0828 (UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0827 (By default, Internet Explorer 5.0 and other versions enables the ...) NOT-FOR-US: Microsoft CVE-1999-0825 (The default permissions for UnixWare /var/mail allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0822 (Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0821 (FreeBSD seyon allows local users to gain privileges by providing a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0818 (Buffer overflow in Solaris kcms_configure via a long NETPATH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0816 (The Motorola CableRouter allows any remote user to connect to and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0808 (Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0805 (Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0798 (Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0795 (The NIS+ rpc.nisd server allows remote attackers to execute certain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0792 (ROUTERmate has a default SNMP community name which allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0784 (Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0776 (Alibaba HTTP server allows remote attackers to read files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0767 (Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0757 (The ColdFusion CFCRYPT program for encrypting CFML templates has weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0750 (Hotmail allows Javascript to be executed via the HTML STYLE tag, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote ...) @@ -2582,311 +2582,311 @@ CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0684 (Denial of service in Sendmail 8.8.6 in HPUX. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0677 (The WebRamp web administration utility has a default password. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0673 (Buffer overflow in ALMail32 POP3 client via From: or To: headers. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0670 (Buffer overflow in the Eyedog ActiveX control allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0669 (The Eyedog ActiveX control is marked as "safe for scripting" for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0667 (The ARP protocol allows any host to spoof ARP replies and poison the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0665 (An application-critical Windows NT registry key has an inappropriate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0664 (An application-critical Windows NT registry key has inappropriate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0663 (A system-critical program, library, or file has a checksum or other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0662 (A system-critical program or library does not have the appropriate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0661 (A system is running a version of software that was replaced with a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0660 (A hacker utility, back door, or Trojan Horse is installed on a system, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0659 (A Windows NT Primary Domain Controller (PDC) or Backup Domain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0658 (DCOM is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0657 (WinGate is being used. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0656 (The ugidd service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0655 (A service may include useful information in its banner or help ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0654 (The OS/2 or POSIX subsystem in NT is enabled. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0653 (A component service related to NIS+ is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0652 (A database service is running, e.g. a SQL server, Oracle, or mySQL. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0651 (The rsh/rlogin service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0650 (The netstat service is running, which provides sensitive information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0649 (The FSP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0648 (The X25 service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0647 (The bootparam (bootparamd) service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0646 (The LDAP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0645 (The IRC service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0644 (The NNTP news service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0643 (The IMAP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0642 (A POP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0641 (The UUCP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0640 (The Gopher service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0639 (The chargen service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0638 (The daytime service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0637 (The systat service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0636 (The discard service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0635 (The echo service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0634 (The SSH service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0633 (The HTTP/WWW service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0632 (The RPC portmapper service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0631 (The NFS service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0630 (The NT Alerter and Messenger services are running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0629 (The ident/identd service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0625 (The rpc.rquotad service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0624 (The rstat/rstatd service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0623 (The X Windows service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0622 (A component service related to DNS service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0621 (A component service related to NETBIOS is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0620 (A component service related to NIS is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0619 (The Telnet service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0618 (The rexec service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0617 (The SMTP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0616 (The TFTP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0615 (The SNMP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0614 (The FTP service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0613 (The rpc.sprayd service is running. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0611 (A system-critical Windows NT registry key has an inappropriate value. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0610 (An incorrect configuration of the Webcart CGI program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0609 (An incorrect configuration of the SoftCart CGI program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0607 (quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0606 (An incorrect configuration of the EZMall 2000 shopping cart ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0605 (An incorrect configuration of the Order Form 1.0 shopping cart ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0604 (An incorrect configuration of the WebStore 1.0 shopping cart ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0603 (In Windows NT, an inappropriate user is a member of a group, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0602 (A network intrusion detection system (IDS) does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0601 (A network intrusion detection system (IDS) does not properly handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0600 (A network intrusion detection system (IDS) does not verify the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0599 (A network intrusion detection system (IDS) does not properly handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0598 (A network intrusion detection system (IDS) does not properly handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0597 (A Windows NT account policy does not forcibly disconnect remote users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0596 (A Windows NT log file has an inappropriate maximum size or retention ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0595 (A Windows NT system does not clear the system page file during ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0594 (A Windows NT system does not restrict access to removable media drives ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0593 (A user is allowed to shut down a Windows NT system without logging in. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0592 (The Logon box of a Windows NT system displays the name of the last ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0591 (An event log in Windows NT has inappropriate access permissions. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0590 (A system does not present an appropriate legal message or warning to a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0589 (A system-critical Windows NT registry key has inappropriate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0588 (A filter in a router or firewall allows unusual fragmented packets. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0587 (A WWW server is not running in a restricted file system, e.g. through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0586 (A network service is running on a nonstandard port. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0585 (A Windows NT administrator account has the default name of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0584 (A Windows NT file system is not NTFS. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0583 (There is a one-way or two-way trust relationship between Windows NT ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0582 (A Windows NT account policy has inappropriate, security-critical ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0581 (The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0580 (The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0579 (A Windows NT system's registry audit policy does not log an event ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0578 (A Windows NT system's registry audit policy does not log an event ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0577 (A Windows NT system's file audit policy does not log an event success ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0576 (A Windows NT system's file audit policy does not log an event success ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0575 (A Windows NT system's user audit policy does not log an event success ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0572 (.reg files are associated with the Windows NT registry editor ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0571 (A router's configuration service or management interface (such as a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0570 (Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0569 (A URL for a WWW directory allows auto-indexing, which provides a list ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0568 (rpc.admind in Solaris is not running in a secure mode. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0565 (A Sendmail alias allows input to be piped to a program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g. if ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files. ...) NOT-FOR-US: Microsoft CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0559 (A system-critical Unix file or directory has inappropriate ...) - webmin 1.160-1 CVE-1999-0556 (Two or more Unix accounts have the same UID. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0555 (A Unix account with a name other than "root" has UID 0, i.e. root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0554 (NFS exports system-critical data to the world, e.g. / or a password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0550 (A router's routing tables can be obtained from arbitrary hosts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0549 (Windows NT automatically logs in an administrator upon rebooting. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0548 (A superfluous NFS server is running, but it is not importing or exporting ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0547 (An SSH server allows authentication through the .rhosts file. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0546 (The Windows NT guest account is enabled. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0541 (A password for accessing a WWW URL is guessable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0539 (A trust relationship exists between two Unix hosts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0537 (A configuration in a web browser such as Internet Explorer or Netscape ...) NOT-FOR-US: Microsoft CVE-1999-0535 (A Windows NT account policy for passwords has inappropriate, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0534 (A Windows NT user has inappropriate rights or privileges, e.g. Act as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0533 (A DNS server allows inverse queries. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0532 (A DNS server allows zone transfers. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0531 (An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0530 (A system is operating in "promiscuous" mode which allows it to perform ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0529 (A router or firewall forwards packets that claim to come from IANA ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0528 (A router or firewall forwards external packets that claim to come from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0527 (The permissions for system-critical data in an anonymous FTP account ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0525 (IP traceroute is allowed from arbitrary hosts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0524 (ICMP information such as netmask and timestamp is allowed from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0523 (ICMP echo (ping) is allowed from arbitrary hosts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0522 (The permissions for a system-critical NIS+ table (e.g. passwd) are ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0521 (An NIS domain name is easily guessable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0520 (A system-critical NETBIOS/SMB share has inappropriate access control. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0519 (A NETBIOS/SMB share password is the default, null, or missing. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0518 (A NETBIOS/SMB share password is guessable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0517 (An SNMP community name is the default (e.g. public), null, or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0516 (An SNMP community name is guessable. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0515 (An unrestricted remote trust relationship for Unix systems has been ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0512 (A mail server is explicitly configured to allow SMTP mail relay, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0511 (IP forwarding is enabled on a machine which is not a router or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0510 (A router or firewall allows source routed packets from arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0509 (Perl, sh, csh, or other shell interpreters are installed in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0508 (An account on a router, firewall, or other network device has a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0507 (An account on a router, firewall, or other network device has a guessable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0506 (A Windows NT domain user or administrator account has a default, null, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0505 (A Windows NT domain user or administrator account has a guessable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0504 (A Windows NT local user or administrator account has a default, null, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0503 (A Windows NT local user or administrator account has a guessable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0502 (A Unix account has a default, null, blank, or missing password. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0501 (A Unix account has a guessable password. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0499 (NETBIOS share information may be published through SNMP registry keys ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0498 (TFTP is not running in a restricted directory, allowing a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0497 (Anonymous FTP is enabled. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0495 (A remote attacker can gain access to a file system using .. (dot dot) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0492 (The ffingerd 1.19 allows remote attackers to identify users on the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0490 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn ...) NOT-FOR-US: Microsoft CVE-1999-0489 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste ...) @@ -2894,77 +2894,77 @@ CVE-1999-0489 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to p CVE-1999-0488 (Internet Explorer 4.0 and 5.0 allows a remote attacker to execute ...) NOT-FOR-US: Microsoft CVE-1999-0486 (Denial of service in AOL Instant Messenger when a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0480 (Local attackers can conduct a denial of service in Midnight Commander ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0477 (The Expression Evaluator in the ColdFusion Application Server allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote ...) NOT-FOR-US: Microsoft CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0462 (suidperl in Linux Perl does not check the nosuid mount option on file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0461 (Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0460 (Buffer overflow in Linux autofs module through long directory names ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0459 (Local users can perform a denial of service in Alpha Linux, using MILO ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0455 (The Expression Evaluator sample application in ColdFusion allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to ...) NOT-FOR-US: Cisco CVE-1999-0452 (A service or application has a backdoor password that was placed there ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...) NOT-FOR-US: Microsoft CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...) NOT-FOR-US: HP-UX CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by ...) NOT-FOR-US: Eudora CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...) NOT-FOR-US: Microsoft CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...) NOT-FOR-US: SCO CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which ...) NOT-FOR-US: DEC UNIX CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter ...) NOT-FOR-US: Mirc CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0394 (DPEC Online Courseware allows an attacker to change another user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0389 (Buffer overflow in the bootp server in the Debian Linux netstd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities ...) NOT-FOR-US: Sun CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a ...) @@ -2974,13 +2974,13 @@ CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords ...) CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, ...) NOT-FOR-US: Windows CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution ...) NOT-FOR-US: Windows CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...) NOT-FOR-US: Windows CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...) @@ -2992,19 +2992,19 @@ CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...) NOT-FOR-US: Windows CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain ...) NOT-FOR-US: HP CVE-1999-0306 (buffer overflow in HP xlock program. ...) NOT-FOR-US: HP CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may ...) NOT-FOR-US: Windows CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by ...) @@ -3012,45 +3012,45 @@ CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...) NOT-FOR-US: Windows CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0282 REJECTED CVE-1999-0271 (Progressive Networks Real Video server (pnserver) can be crashed remotely. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0261 (Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0258 (Bonk variation of teardrop IP fragmentation denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0257 (Nestea variation of teardrop IP fragmentation denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...) NOT-FOR-US: HP CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to ...) NOT-FOR-US: Windows CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary ...) NOT-FOR-US: Windows CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...) NOT-FOR-US: HP CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0241 (Guessable magic cookies in X Windows allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0240 (Some filters or firewalls allow fragmented SYN packets with IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0238 (php.cgi allows attackers to read any file on the system. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0235 (Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0232 (Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...) NOT-FOR-US: Windows CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...) @@ -3058,21 +3058,21 @@ CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, cau CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot ...) NOT-FOR-US: Cisco CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service ...) NOT-FOR-US: Solaris CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...) NOT-FOR-US: Windows CVE-1999-0198 (finger .@host on some systems may print information on some user accounts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0197 (finger 0@host on some systems may print information on some user accounts. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...) NOT-FOR-US: Ascend/3com CVE-1999-0187 @@ -3080,43 +3080,43 @@ CVE-1999-0187 CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allows remote ...) NOT-FOR-US: Solaris CVE-1999-0171 (Denial of service in syslog by sending it a large number of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0169 (NFS allows attackers to read and write any file on the system by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0165 (NFS cache poisoning. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0163 (In older versions of Sendmail, an attacker could use a pipe character ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for ...) NOT-FOR-US: Windows CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...) NOT-FOR-US: Windows CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems ...) NOT-FOR-US: HP-UX CVE-1999-0123 (Race condition in Linux mailx command allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...) NOT-FOR-US: Windows CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0110 REJECTED CVE-1999-0107 (Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0106 (Finger redirection allows finger bombs. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0105 (finger allows recursive searches by using a long string of @ symbols. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0104 (A later variation on the Teardrop IP denial of service attack, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows ...) NOT-FOR-US: AIX CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users ...) @@ -3126,20 +3126,20 @@ CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...) NOT-FOR-US: AIX CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0061 (File creation and deletion, and remote execution, in the BSD ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX ...) NOT-FOR-US: SGI CVE-1999-0020 REJECTED CVE-1999-0015 (Teardrop IP denial of service. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0004 (MIME buffer overflow in email clients, e.g. Solaris mailtool ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0001 (ip_input.c in BSD-derived TCP/IP implementations allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker diff --git a/data/CVE/2000.list b/data/CVE/2000.list index d5432be38f..7607216538 100644 --- a/data/CVE/2000.list +++ b/data/CVE/2000.list @@ -1,5 +1,5 @@ CVE-2000-1241 (Unspecified vulnerability in Haakon Nilsen simple, integrated ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1240 (Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 ...) NOT-FOR-US: AnyPortal CVE-2000-1239 (The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM ...) @@ -53,89 +53,89 @@ CVE-2000-1216 (Buffer overflow in portmir for AIX 4.3.0 allows local users to co CVE-2000-1215 (The default configuration of Lotus Domino server 5.0.8 includes system ...) NOT-FOR-US: Lotus Domino CVE-2000-1212 (Zope 2.2.0 through 2.2.4 does not properly protect a data updating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1211 (Zope 2.2.0 through 2.2.4 does not properly perform security ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain by ...) NOT-FOR-US: Microsoft CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1193 (Performance Metrics Collector Daemon (PMCD) in Performance Copilot in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1190 (imwheel-solo in imwheel package allows local users to modify arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1189 (Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1187 (Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1184 (telnetd in FreeBSD 4.2 and earlier, and possibly other operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1182 (WatchGuard Firebox II allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1181 (Real Networks RealServer 7 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1180 (Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1179 (Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1178 (Joe text editor follows symbolic links when creating a rescue copy ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1174 (Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1171 (Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1170 (Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1169 (OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1167 (ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1166 (Twig webmail system does not properly set the "vhosts" variable if it ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1165 (Balabit syslog-ng allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1164 (WinVNC installs the WinVNC3 registry key with permissions that give ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server ...) NOT-FOR-US: Microsoft CVE-2000-1148 (The installation of VolanoChatPro chat server sets world-readable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1145 (Recourse ManTrap 1.6 allows attackers who have gained root access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1144 (Recourse ManTrap 1.6 sets up a chroot environment to hide the fact ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1143 (Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1142 (Recourse ManTrap 1.6 generates an error when an attacker cd's to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from attackers, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A creates a ...) NOT-FOR-US: Microsoft CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1135 (fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1132 (DCForum cgforum.cgi CGI script allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local users ...) NOT-FOR-US: AIX CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may ...) @@ -149,7 +149,7 @@ CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier .. CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows ...) NOT-FOR-US: AIX CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote ...) NOT-FOR-US: Microsoft CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin ...) @@ -157,57 +157,57 @@ CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly ...) NOT-FOR-US: Microsoft CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly process ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1107 (in.identd ident server in SuSE Linux 6.x and 7.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1106 (Trend Micro InterScan VirusWall creates an "Intscan" share to the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1101 (Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1099 (Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1097 (The web server for the SonicWALL SOHO firewall allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1096 (crontab by Paul Vixie uses predictable file names for a temporary file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local users to ...) NOT-FOR-US: Microsoft CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet Web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1075 (Directory traversal vulnerability in iPlanet Certificate Management ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1074 (csstart program in iCal 2.1 Patch 2 uses relative pathnames to install ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1073 (csstart program in iCal 2.1 Patch 2 searches for the cshttpd program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1072 (iCal 2.1 Patch 2 installs many files with world-writeable permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1071 (The GUI installation for iCal 2.1 Patch 2 disables access control for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1070 (pollit.cgi in Poll It 2.01 and earlier uses data files that are ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows ...) NOT-FOR-US: Microsoft CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux 7.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1058 (Buffer overflow in OverView5 CGI program in HP OpenView Network Node ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1057 (Vulnerabilities in database configuration scripts in HP OpenView ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1056 (CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to ...) NOT-FOR-US: Cisco CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows ...) @@ -215,79 +215,79 @@ CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allo CVE-2000-1054 (Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and ...) NOT-FOR-US: Cisco CVE-2000-1051 (Directory traversal vulnerability in Allaire JRun 2.3 server allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1050 (Allaire JRun 3.0 http servlet server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1049 (Allaire JRun 3.0 http servlet server allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1047 (Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1045 (nss_ldap earlier than 121, when run with nscd (name service caching ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1044 (Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1043 (Format string vulnerability in ypserv in Mandrake Linux 7.1 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1042 (Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1041 (Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1040 (Format string vulnerability in logging function of ypbind 3.3, while ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows 2000 ...) NOT-FOR-US: Microsoft CVE-2000-1032 (The client authentication interface for Check Point Firewall-1 4.0 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1027 (Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine ...) NOT-FOR-US: Cisco CVE-2000-1026 (Multiple buffer overflows in LBNL tcpdump allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1024 (eWave ServletExec 3.0C and earlier does not restrict access to the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1022 (The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier ...) NOT-FOR-US: Cisco CVE-2000-1019 (Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1018 (shred 1.0 file wiping utility does not properly open a file for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1016 (The default configuration of Apache (httpd.conf) on SuSE 6.4 includes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1014 (Format string vulnerability in the search97.cgi CGI script in SCO help ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1011 (Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME header ...) NOT-FOR-US: Microsoft CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote attacker ...) NOT-FOR-US: Microsoft CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1000 (Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0996 (Format string vulnerability in OpenBSD su program (and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0995 (Format string vulnerability in OpenBSD yp_passwd program (and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0994 (Format string vulnerability in OpenBSD fstat program (and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0993 (Format string vulnerability in pw_error function in BSD libutil ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a ...) {CVE-2004-0175} - openssh 1:3.9p1-1 (low; bug #270770) @@ -296,9 +296,9 @@ CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ...) NOT-FOR-US: Microsoft CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to ...) NOT-FOR-US: Cisco CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote ...) @@ -306,297 +306,297 @@ CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows r CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials for a ...) NOT-FOR-US: Microsoft CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which leaks ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink ...) NOT-FOR-US: Microsoft CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and Windows ...) NOT-FOR-US: Microsoft CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before 1.5c2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0976 (Buffer overflow in xlib in XFree 3.3.x possibly allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0975 (Directory traversal vulnerability in apexec.pl in Anaconda Foundation ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0974 (GnuPG (gpg) 1.0.3 does not properly check all signatures of a file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...) NOT-FOR-US: Microsoft CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0967 (PHP 3 and 4 do not properly cleanse user-injected format strings, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0966 (Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0965 (The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0964 (Buffer overflow in the web administration service for the HiNet LP5100 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0962 (The IPSEC implementation in OpenBSD 2.7 does not properly handle empty ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0961 (Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0960 (The POP3 server in Netscape Messaging Server 4.15p1 generates ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0959 (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0958 (HotJava Browser 3.0 allows remote attackers to access the DOM of a web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0957 (The pluggable authentication module for mysql (pam_mysql) before 0.4.7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0956 (cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...) NOT-FOR-US: Microsoft CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0947 (Format string vulnerability in cfd daemon in GNU CFEngine before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0946 (Compaq Easy Access Keyboard software 1.3 does not properly disable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0945 (The web configuration interface for Catalyst 3500 XL switches allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for Windows ...) NOT-FOR-US: Microsoft CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0937 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0936 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0935 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0934 (Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0933 (The Input Method Editor (IME) in the Simplified Chinese version of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and files by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0926 (SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0925 (The default installation of SmartWin CyberOffice Shopping Cart 2 (aka ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0924 (Directory traversal vulnerability in search.cgi CGI script in Armada ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0923 (authenticate.cgi CGI program in Aplio PRO allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0922 (Directory traversal vulnerability in Bytes Interactive Web Shopper ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0921 (Directory traversal vulnerability in Hassan Consulting shop.cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0920 (Directory traversal vulnerability in BOA web server 0.94.8.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0919 (Directory traversal vulnerability in PHPix Photo Album 1.0.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0917 (Format string vulnerability in use_syslog() function in LPRng 3.6.24 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0915 (fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0914 (OpenBSD 2.6 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0913 (mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0912 (MultiHTML CGI script allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0911 (IMP 2.2 and earlier allows attackers to read and delete arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0910 (Horde library 1.02 allows attackers to execute arbitrary commands via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0909 (Buffer overflow in the automatic mail checking component of Pine 4.21 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0908 (BrowseGate 2.80 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0901 (Format string vulnerability in screen 3.9.5 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0900 (Directory traversal vulnerability in ssi CGI program in thttpd 2.19 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0897 (Small HTTP Server 2.03 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0896 (WatchGuard SOHO firewall allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0895 (Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0894 (HTTP server on the WatchGuard SOHO firewall does not properly restrict ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0892 (Some telnet clients allow remote telnet servers to request environment ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0891 (A default ECL in Lotus Notes before 5.02 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0890 (periodic in FreeBSD 4.1.1 and earlier, and possibly other operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ...) NOT-FOR-US: Microsoft CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of ...) NOT-FOR-US: Microsoft CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0877 (mailform.pl CGI script in MailForm 2.0 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0876 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0875 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0874 (Eudora mail client includes the absolute path of the sender's host ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the -Zi ...) NOT-FOR-US: AIX CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0869 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0868 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0867 (Kernel logging daemon (klogd) in Linux does not properly cleanse ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0865 (Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0864 (Race condition in the creation of a Unix domain socket in GNOME esound ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0863 (Buffer overflow in listmanager earlier than 2.105.1 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0862 (Vulnerability in an administrative interface utility for Allaire ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0861 (Mailman 1.1 allows list administrators to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory of ...) NOT-FOR-US: Microsoft CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other OSes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000 allows local ...) NOT-FOR-US: Microsoft CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0847 (Buffer overflow in University of Washington c-client library (used by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0846 (Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0844 (Some functions that implement the locale subsystem on Unix do not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0839 (WinCOM LPD 1.00.90 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM authentication ...) NOT-FOR-US: Microsoft CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for each ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0824 (The unsetenv function in glibc 2.1.1 does not properly unset an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0818 (The default installation for the Oracle listener program 7.3.4, 8.0.6, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0816 (Linux tmpwatch --fuser option allows local users to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0813 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0811 (Auction Weaver 1.0 through 1.04 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0810 (Auction Weaver 1.0 through 1.04 does not properly validate the names ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0809 (Buffer overflow in Getkey in the protocol checker in the inter-module ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0808 (The seed generation mechanism in the inter-module S/Key authentication ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0807 (The OPSEC communications authentication mechanism (fwn1) in Check ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0806 (The inter-module authentication mechanism (fwa1) in Check Point ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0805 (Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0804 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0803 (GNU Groff uses the current working directory to find a device ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0799 (inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0797 (Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0796 (Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly restrict ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0790 (The web-based folder display capability in Microsoft Internet Explorer ...) NOT-FOR-US: Microsoft CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user before ...) NOT-FOR-US: Microsoft CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file descriptor ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0783 (Watchguard Firebox II allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0782 (netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0781 (uagentsetup in ARCServeIT Client Agent 6.62 does not properly check ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files ...) NOT-FOR-US: Microsoft CVE-2000-0777 (The password protection feature of Microsoft Money can store the ...) NOT-FOR-US: Microsoft CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...) @@ -606,101 +606,101 @@ CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly ver CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...) NOT-FOR-US: Microsoft CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000 ...) NOT-FOR-US: Microsoft CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected format ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0762 (The default installation of eTrust Access Control (formerly SeOS) uses ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0761 (OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path of the ...) NOT-FOR-US: Microsoft CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0749 (Buffer overflow in the Linux binary compatibility module in FreeBSD ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0747 (The logrotate script for OpenLDAP before 1.2.11 in Conectiva ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0745 (admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98 allows ...) NOT-FOR-US: Microsoft CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net Tools PKI ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI Net ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates predictable ...) NOT-FOR-US: Microsoft CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0731 (Directory traversal vulnerability in Worm HTTP server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0730 (Vulnerability in newgrp command in HP-UX 11.0 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0729 (FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0728 (xpdf PDF viewer client earlier than 0.91 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0727 (xpdf PDF viewer client earlier than 0.91 does not properly launch a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0726 (CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0725 (Zope before 2.2.1 does not properly restrict access to the getRoles ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0720 (news.cgi in GWScripts News Publisher does not properly authenticate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0718 (A race condition in MandrakeUpdate allows local users to modify RPM ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0717 (GoodTech FTP server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0716 (WorldClient email client in MDaemon 2.8 includes the session ID in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0712 (Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0711 (Netscape Communicator does not properly prevent a ServerSocket object ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0708 (Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0707 (PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0706 (Buffer overflows in ntop running in web mode allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0705 (ntop running in web mode allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0703 (suidperl (aka sperl) does not properly cleanse the escape sequence ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0702 (The net.init rc script in HP-UX 11.00 (S008net.init) allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0700 (Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit ...) NOT-FOR-US: Cisco CVE-2000-0699 (Format string vulnerability in ftpd in HP-UX 10.20 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0698 (Minicom 1.82.1 and earlier on some Linux systems allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0694 (pgxconfig in the Raptor GFX configuration tool allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the ...) NOT-FOR-US: BEA WebLogic CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the ...) @@ -712,317 +712,317 @@ CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code fo CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote ...) NOT-FOR-US: BEA WebLogic CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0677 (Buffer overflow in IBM Net.Data db2www CGI program allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0676 (Netscape Communicator and Navigator 4.04 through 4.74 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0675 (Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0674 (ftp.pl CGI program for Virtual Visions FTP browser allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0673 (The NetBIOS Name Server (NBNS) protocol does not perform ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0672 (The default configuration of Jakarta Tomcat does not restrict access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0671 (Roxen web server earlier than 2.0.69 allows allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0670 (The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0669 (Novell NetWare 5.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0668 (pam_console PAM module in Linux systems allows a user to access the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0666 (rpc.statd in the nfs-utils package in various Linux distributions does ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0663 (The registry entry for the Windows Shell executable (Explorer.exe) in ...) NOT-FOR-US: Microsoft CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain database ...) NOT-FOR-US: Microsoft CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0650 (The default installation of VirusScan 4.5 and NetShield 4.5 has ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0644 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0643 (Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0642 (The default configuration of WebActive HTTP Server 1.00 stores the web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0641 (Savant web server allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0640 (Guild FTPd allows remote attackers to determine the existence of files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0638 (bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary ...) NOT-FOR-US: Microsoft CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0634 (The web administration interface for CommuniGate Pro 3.2.5 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and ...) NOT-FOR-US: Microsoft CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...) NOT-FOR-US: Microsoft CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0622 (Buffer overflow in Webfind CGI program in O'Reilly WebSite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, ...) NOT-FOR-US: Microsoft CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0616 (Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0615 (LPRng 3.6.x improperly installs lpd as setuid root, which can allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0613 (Cisco Secure PIX Firewall does not properly identify forged TCP Reset ...) NOT-FOR-US: Cisco CVE-2000-0611 (The default configuration of NetWin dMailWeb and cwMail trusts all POP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid uucp, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass permissions for ...) NOT-FOR-US: Microsoft CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0600 (Netscape Enterprise Server in NetWare 5.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access restrictions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are ...) NOT-FOR-US: Microsoft CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a Microsoft ...) NOT-FOR-US: Microsoft CVE-2000-0595 (libedit searches for the .editrc file in the current directory instead ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0593 (WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0591 (Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0590 (Poll It 2.0 CGI script allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0588 (SawMill 5.0.21 CGI program allows remote attackers to read the first ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0587 (The privpath directive in glftpd 1.18 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0586 (Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0585 (ISC DHCP client program dhclient allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0584 (Buffer overflow in Canna input system allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly cleanse ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a denial ...) NOT-FOR-US: Microsoft CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows ...) NOT-FOR-US: AIX CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0571 (LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0570 (FirstClass Internet Services server 5.770, and other versions before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against false ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary files by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0561 (Buffer overflow in WebBBS 1.15 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0558 (Buffer overflow in HP Openview Network Node Manager 6.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0557 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0556 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0555 (Ceilidh allows remote attackers to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0553 (Race condition in IPFilter firewall 3.4.3 and earlier, when configured ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0552 (ICQwebmail client for ICQ 2000A creates a world readable temporary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0551 (The file transfer mechanism in Danware NetOp 6.0 does not provide ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0550 (Kerberos 4 KDC program improperly frees memory twice (aka ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0549 (Kerberos 4 KDC program does not properly check for null termination of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0548 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0542 (Tigris remote access server before 11.5.4.22 does not properly record ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0541 (The Panda Antivirus console on port 2001 allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0540 (JSP sample files in Allaire JRun 2.3.x allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0539 (Servlet examples in Allaire JRun 2.3.x allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0538 (ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0537 (BRU backup software allows local users to append data to arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0536 (xinetd 2.1.8.x does not properly restrict connections if hostnames are ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0534 (The apsfilter software in the FreeBSD ports package does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0533 (Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0532 (A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0530 (The KApplication class in the KDE 1.1.2 configuration file management ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0529 (Net Tools PKI Server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0528 (Net Tools PKI Server does not properly restrict access to remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0525 (OpenSSH does not properly drop privileges when the UseLogin option is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0523 (Buffer overflow in the logging feature of EServ 2.9.2 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0521 (Savant web server allows remote attackers to read source code of CGI ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an SSL ...) NOT-FOR-US: Microsoft CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all contents of ...) NOT-FOR-US: Microsoft CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0516 (When configured to store configuration information in an LDAP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0515 (The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0514 (GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0513 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0512 (CUPS (Common Unix Printing System) 1.04 and earlier does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0511 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0510 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0508 (rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0507 (Imate Webmail Server 2.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0506 (The "capabilities" feature in Linux before 2.2.16 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0505 (The Apache 1.3.x HTTP server for Windows platforms allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0504 (libICE in XFree86 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0502 (Mcafee VirusScan 4.03 does not properly restrict access to the alert ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote ...) NOT-FOR-US: BEA WebLogic CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...) NOT-FOR-US: BEA WebLogic CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids file, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0490 (Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0489 (FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote ...) NOT-FOR-US: Cisco CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database passwords ...) NOT-FOR-US: Microsoft CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0482 (Check Point Firewall-1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0481 (Buffer overflow in KDE Kmail allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0478 (In some cases, Norton Antivirus for Exchange (NavExchange) enters a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0477 (Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0475 (Windows 2000 allows a local user process to access another user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0474 (Real Networks RealServer 7.x allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0472 (Buffer overflow in innd 2.2.2 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0471 (Buffer overflow in ufsrestore in Solaris 8 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0470 (Allegro RomPager HTTP server allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0469 (Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0468 (man in HP-UX 10.20 and 11 allows local attackers to overwrite files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell ...) NOT-FOR-US: AIX CVE-2000-0465 (Internet Explorer 4.x and 5.x does properly verify the domain of a ...) @@ -1030,401 +1030,401 @@ CVE-2000-0465 (Internet Explorer 4.x and 5.x does properly verify the domain of CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute ...) NOT-FOR-US: Microsoft CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0461 (The undocumented semconfig system call in BSD freezes the state of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0460 (Buffer overflow in KDE kdesud on Linux allows local uses to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0459 (IMP does not remove files properly if the MSWordView application ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file ...) NOT-FOR-US: Microsoft CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0454 (Buffer overflow in Linux cdrecord allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0453 (XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0452 (Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0451 (The Intel express 8100 ISDN router allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0448 (The WebShield SMTP Management Tool version 4.5.44 does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0447 (Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0446 (Buffer overflow in MDBMS database server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0445 (The pgpk command in PGP 5.x on Unix systems uses an insufficiently ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0443 (The web interface server in HP Web JetAdmin 5.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain write ...) NOT-FOR-US: AIX CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain ...) NOT-FOR-US: Microsoft CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0436 (MetaProducts Offline Explorer 1.2 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0435 (The allmanageup.pl file upload CGI script in the Allmanage Website ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0432 (The calender.pl and the calendar_admin.pl calendar scripts by Matt ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0431 (Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0430 (Cart32 allows remote attackers to access sensitive debugging ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0428 (Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0427 (The Aladdin Knowledge Systems eToken device allows attackers with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0426 (UltraBoard 1.6 and other versions allow remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0425 (Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0424 (The CGI counter 4.0.7 by George Burgyan allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0421 (The process_bug.cgi script in Bugzilla allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0419 (The Office 2000 UA ActiveX Control is marked as "safe for scripting," ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0418 (The Cayman 3220-H DSL router allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0417 (The HTTP administration interface to the Cayman 3220-H DSL router ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0416 (NTMail 5.x allows network users to bypass the NTMail proxy ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0414 (Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0411 (Matt Wright's FormMail CGI script allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0405 (Buffer overflow in L0pht AntiSniff allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server 7.0 ...) NOT-FOR-US: Microsoft CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0397 (The EMURL web-based email account software encodes predictable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0396 (The add.exe program in the Carello shopping cart software allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0395 (Buffer overflow in CProxy 3.3 allows remote users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0394 (NetProwler 3.0 allows remote attackers to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0393 (The KDE kscd program does not drop privileges when executing a program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0392 (Buffer overflow in ksu in Kerberos 5 allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0391 (Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0390 (Buffer overflow in krb425_conv_principal function in Kerberos 5 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0389 (Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0388 (Buffer overflow in FreeBSD libmytinfo library allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0387 (The makelev program in the golddig game from the FreeBSD ports ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0382 (ColdFusion ClusterCATS appends stale query string arguments to a URL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0381 (The Gossamer Threads DBMan db.cgi CGI script allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0380 (The IOS HTTP service in Cisco routers and switches running IOS 11.1 ...) NOT-FOR-US: Cisco CVE-2000-0379 (The Netopia R9100 router does not prevent authenticated users from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0378 (The pam_console PAM module in Linux systems performs a chown on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0377 (The Remote Registry server in Windows NT 4.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0376 (Buffer overflow in the HTTP proxy server for the i-drive Filo software ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0375 (The kernel in FreeBSD 3.2 follows symbolic links when it creates core ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0374 (The default configuration of kdm in Caldera and Mandrake Linux, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0373 (Vulnerabilities in the KDE kvt terminal program allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0372 (Vulnerability in Caldera rmt command in the dump package 0.4b4 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0371 (The libmediatool library used for the KDE mediatool allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0370 (The debug option in Caldera Linux smail allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0369 (The IDENT server in Caldera Linux 2.3 creates multiple threads for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0368 (Classic Cisco IOS 9.1 and later allows attackers with access to the ...) NOT-FOR-US: Cisco CVE-2000-0367 (Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0366 (dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0363 (Linux cdwtools 093 and earlier allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0362 (Buffer overflows in Linux cdwtools 093 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0361 (The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0360 (Buffer overflow in INN 2.2.1 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0359 (Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0356 (Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0354 (mirror 2.8.x in Linux systems allows remote attackers to create files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0353 (Pine 4.x allows a remote attacker to execute arbitrary commands via an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0352 (Pine before version 4.21 does not properly filter shell metacharacters ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0351 (Some packaging commands in SCO UnixWare 7.1.0 have insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0350 (A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0349 (Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0348 (A vulnerability in the Sendmail configuration file sendmail.cf as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0347 (Windows 95 and Windows 98 allow a remote attacker to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0346 (AppleShare IP 6.1 and later allows a remote attacker to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0344 (The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0342 (Eudora 4.x allows remote attackers to bypass the user warning for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0341 (ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0340 (Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0339 (ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0338 (Concurrent Versions Software (CVS) uses predictable temporary file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0337 (Buffer overflow in Xsun X server in Solaris 7 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0336 (Linux OpenLDAP server allows local users to modify arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0335 (The resolver in glibc 2.1.3 uses predictable IDs, which allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0334 (The Allaire Spectra container editor preview tool does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for Windows ...) NOT-FOR-US: Microsoft CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute a ...) NOT-FOR-US: Microsoft CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape the ...) NOT-FOR-US: Microsoft CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify text ...) NOT-FOR-US: Microsoft CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0319 (mail.local in Sendmail 8.10.x does not properly identify the .\n ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0318 (Atrium Mercur Mail Server 3.2 allows local attackers to read other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0316 (Buffer overflow in Solaris 7 lp allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0315 (traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0314 (traceroute in NetBSD 1.3.3 and Linux systems allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0313 (Vulnerability in OpenBSD 2.6 allows a local user to change interface ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0311 (The Windows 2000 domain controller allows a malicious user to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0310 (IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0309 (The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0308 (Insecure file permissions for Netscape FastTrack Server 2.x, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0307 (Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory ...) NOT-FOR-US: Microsoft CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the source code ...) NOT-FOR-US: Microsoft CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0298 (The unattended installation of Windows 2000 with the OEMPreinstall ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0297 (Allaire Forums 2.0.5 allows remote attackers to bypass access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0296 (fcheck allows local users to gain privileges by embedding shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0294 (Buffer overflow in healthd for FreeBSD allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0292 (The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0290 (Buffer overflow in Webstar HTTP server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0289 (IP masquerading in Linux 2.2.x allows remote attackers to route UDP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0287 (The BizDB CGI script bizdb-search.cgi allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0285 (Buffer overflow in XFree86 3.3.x allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0283 (The default installation of IRIX Performance Copilot allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0282 (TalentSoft webpsvr daemon in the Web+ shopping cart application allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when executing ...) NOT-FOR-US: Microsoft CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0273 (PCAnywhere allows remote attackers to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0272 (RealNetworks RealServer allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0268 (Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of ...) NOT-FOR-US: Cisco CVE-2000-0267 (Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode ...) NOT-FOR-US: Cisco CVE-2000-0265 (Panda Security 3.0 allows users to uninstall the Panda software via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0264 (Panda Security 3.0 with registry editing disabled allows users to edit ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0263 (The X font server xfs in Red Hat Linux 6.x allows an attacker to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...) NOT-FOR-US: Microsoft CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0254 (The dansie shopping cart application cart.pl allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0253 (The dansie shopping cart application cart.pl allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0252 (The dansie shopping cart application cart.pl allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users to ...) NOT-FOR-US: AIX CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing ...) NOT-FOR-US: Microsoft CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0240 (vqSoft vqServer program allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0238 (Buffer overflow in the web server for Norton AntiVirus for Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0237 (Netscape Enterprise Server with Web Publishing enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0236 (Netscape Enterprise Server with Directory Indexing enabled allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0235 (Buffer overflow in the huh program in the orville-write package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix, ...) NOT-FOR-US: Microsoft CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...) NOT-FOR-US: Microsoft CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0223 (Buffer overflow in the wmcdplay CD player program for the WindowMaker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0222 (The installation for Windows 2000 does not activate the Administrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0221 (The Nautica Marlin bridge allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0218 (Buffer overflow in Linux mount and umount allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0217 (The default configuration of SSH allows X forwarding, which could ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0212 (InterAccess TelnetID Server 4.0 allows remote attackers to conduct a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0211 (The Windows Media server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0210 (The lit program in Sun Flex License Manager (FlexLM) follows symlinks, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0209 (Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0208 (The htdig (ht://Dig) CGI program htsearch allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow ...) NOT-FOR-US: Microsoft CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not ...) @@ -1432,367 +1432,367 @@ CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not .. CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0194 (buildxconf in Corel Linux allows local users to modify or create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0193 (The default configuration of Dosemu in Corel Linux 1.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0192 (The default installation of Caldera OpenLinux 2.3 includes the CGI ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0191 (Axis StorPoint CD allows remote attackers to access administrator URLs ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0189 (ColdFusion Server 4.x allows remote attackers to determine the real ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0186 (Buffer overflow in the dump utility in the Linux ext2fs backup package ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0185 (RealMedia RealServer reveals the real IP address of a Real Server, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0184 (Linux printtool sets the permissions of printer configuration files to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0183 (Buffer overflow in ircII 4.4 IRC client allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0182 (iPlanet Web Server 4.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0181 (Firewall-1 3.0 and 4.0 leaks packets with private IP address ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0180 (Sojourn search engine allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0179 (HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0178 (ServerIron switches by Foundry Networks have predictable TCP/IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0175 (Buffer overflow in StarOffice StarScheduler web server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0174 (StarOffice StarScheduler web server allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0172 (The mtr program only uses a seteuid call when attempting to drop ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0171 (atsadc in the atsar package for Linux does not properly check the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to cause a ...) NOT-FOR-US: Microsoft CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0165 (The Delegate application proxy has several buffer overflows which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x ...) NOT-FOR-US: Microsoft CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not ...) NOT-FOR-US: Microsoft CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0156 (Internet Explorer 4.x and 5.x allows remote web servers to access ...) NOT-FOR-US: Microsoft CVE-2000-0152 (Remote attackers can cause a denial of service in Novell BorderManager ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0150 (Check Point Firewall-1 allows remote attackers to bypass port access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0149 (Zeus web server allows remote attackers to view the source code for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0148 (MySQL 3.22 allows remote attackers to bypass password authentication ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0146 (The Java Server in the Novell GroupWise Web Access Enhancement Pack ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0145 (The libguile.so library file used by gnucash in Debian GNU/Linux is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0144 (Axis 700 Network Scanner does not properly restrict access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0141 (Infopop Ultimate Bulletin Board (UBB) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0140 (Internet Anywhere POP3 Mail Server allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0139 (Internet Anywhere POP3 Mail Server allows local users to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0131 (Buffer overflow in War FTPd 1.6x allows users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0130 (Buffer overflow in SCO scohelp program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0128 (The Finger Server 0.82 allows remote attackers to execute commands via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0127 (The Webspeed configuration program does not properly disable access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0121 (The Recycle Bin utility in Windows NT and Windows 2000 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0120 (The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0117 (The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0116 (Firewall-1 does not properly filter script tags, which allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0113 (The SyGate Remote Management program does not properly restrict access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0112 (The default installation of Debian GNU/Linux uses an insecure Master ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0111 (The RightFax web client uses predictable session numbers, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0107 (Linux apcd program allows local attackers to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0100 (The SMS Remote Control program is installed with insecure permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the real ...) NOT-FOR-US: Microsoft CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0092 (The BSD make program allows local users to modify files via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and Windows NT ...) NOT-FOR-US: Microsoft CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape Communicator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a symlink ...) NOT-FOR-US: AIX CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader allows ...) NOT-FOR-US: Microsoft CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from executing ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0065 (Buffer overflow in InetServ 3.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0064 (cgiproc CGI script in Nortel Contivity HTTP server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0063 (cgiproc CGI script in Nortel Contivity HTTP server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0062 (The DTML implementation in the Z Object Publishing Environment (Zope) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0060 (Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0050 (The Allaire Spectra Webtop allows authenticated users to access other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0048 (get_it program in Corel Linux Update allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0045 (MySQL allows local users to modify passwords for arbitrary MySQL users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0044 (Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0043 (Buffer overflow in CamShot WebCam HTTP server allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0042 (Buffer overflow in CSM mail server allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0041 (Macintosh systems generate large ICMP datagrams in response to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0040 (glFtpD allows local users to gain privileges via metacharacters in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0039 (AltaVista search engine allows remote attackers to read files above ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0037 (Majordomo wrapper allows local users to gain privileges by specifying ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0036 (Outlook Express 5 for Macintosh downloads attachments to HTML mail ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0034 (Netscape 4.7 records user passwords in the preferences.js file during ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0033 (InterScan VirusWall SMTP scanner does not properly scan messages with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0032 (Solaris dmi_cmd allows local users to crash the dmispd daemon by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0031 (The initscripts package in Red Hat Linux allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0030 (Solaris dmispd dmi_cmd allows local users to fill up restricted disk ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0029 (UnixWare pis and mkpis commands allow local users to gain privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...) NOT-FOR-US: Microsoft CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote ...) NOT-FOR-US: Microsoft CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0020 (DNS PRO allows remote attackers to conduct a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0018 (wmmon in FreeBSD allows local users to gain privileges via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0015 (CascadeView TFTP server allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0014 (Denial of service in Savant web server via a null character in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0013 (IRIX soundplayer program allows local users to gain privileges by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0012 (Buffer overflow in w3-msql CGI program in miniSQL package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0011 (Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0010 (WebWho+ whois.cgi program allows remote attackers to execute commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0009 (The bna_pass program in Optivity NETarchitect uses the PATH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0007 (Trend Micro PC-Cillin does not restrict access to its internal proxy ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0006 (strace allows local users to read arbitrary files via memory mapped ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0004 (ZBServer Pro allows remote attackers to read source code for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0003 (Buffer overflow in UnixWare rtpm program allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0002 (Buffer overflow in ZBServer Pro 1.50 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0001 (RealMedia server allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1214 (Buffer overflows in the (1) outpack or (2) buf variables of ping in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1213 (ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1209 (The "sa" account is installed with a default null password on (1) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1208 (Format string vulnerability in startprinting() function of printjob.c ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1207 (userhelper in the usermode package on Red Hat Linux executes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1206 (Vulnerability in Apache httpd before 1.3.11, when configured for mass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1205 (Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1204 (Vulnerability in the mod_vhost_alias virtual hosting module for Apache ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1202 (ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1201 (Check Point FireWall-1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1199 (PostgreSQL stores usernames and passwords in plaintext in (1) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1198 (qpopper POP server creates lock files with predictable names, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1197 (POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1194 (Argosoft FRP server 1.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1192 (Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1191 (htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1188 (Directory traversal vulnerability in Quikstore shopping cart program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1186 (Buffer overflow in phf CGI program allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1185 (The telnet proxy in RideWay PN proxy server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1183 (Buffer overflow in socks5 server on Linux allows attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1177 (bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1176 (Directory traversal vulnerability in YaBB search.pl CGI script allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1175 (Buffer overflow in Koules 1.4 allows local users to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1173 (Microsys CyberPatrol uses weak encryption (trivial encoding) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1172 (Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1168 (IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1161 (The installation of AdCycle banner management system leaves the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1160 (NAI Sniffer Agent allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1159 (NAI Sniffer Agent allows remote attackers to gain privileges on the agent ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1158 (NAI Sniffer Agent uses base64 encoding for authentication, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1157 (Buffer overflow in NAI Sniffer Agent allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1156 (StarOffice 5.2 follows symlinks and sets world-readable permissions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1155 (RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1154 (RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1153 (PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1152 (Browser IRC client in BeOS r5 pro and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1151 (Baxter IRC client in BeOS r5 pro and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers ...) NOT-FOR-US: Microsoft CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1133 (Authentix Authentix100 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1130 (McAfee WebShield SMTP 4.5 allows remote attackers to bypass email ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1129 (McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1128 (The default configuration of McAfee VirusScan 4.5 does not quote the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1127 (registrar in the HP resource monitor service allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1126 (Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1125 (restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1118 (24Link 1.06 web server allows remote attackers to bypass access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1117 (The Extended Control List (ECL) feature of the Java Virtual Machine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1116 (Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1114 (Unify ServletExec AS v3.0C allows remote attackers to read source code ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1110 (document.d2w CGI program in the IBM Net.Data db2www package allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1104 (Variant of the "IIS Cross-Site Scripting" vulnerability as originally ...) NOT-FOR-US: Microsoft CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1100 (The default configuration for PostACI webmail system installs the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1098 (The web server for the SonicWALL SOHO firewall allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1093 (Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1092 (loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1090 (Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-1088 (The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL ...) @@ -1812,652 +1812,652 @@ CVE-2000-1082 (The xp_enumresultset function in SQL Server and Microsoft SQL Ser CVE-2000-1081 (The xp_displayparamstmt function in SQL Server and Microsoft SQL ...) NOT-FOR-US: Microsoft CVE-2000-1079 (Interactions between the CIFS Browser Protocol and NetBIOS as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1078 (ICQ Web Front HTTPd allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1076 (Netscape (iPlanet) Certificate Management System 4.2 and Directory ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1066 (The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1065 (Vulnerability in IP implementation of HP JetDirect printer card ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1064 (Buffer overflow in the LPD service in HP JetDirect printer card ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1063 (Buffer overflow in the Telnet service in HP JetDirect printer card ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1062 (Buffer overflow in the FTP service in HP JetDirect printer card ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1053 (Allaire JRun 2.3.3 server allows remote attackers to compile and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1052 (Allaire JRun 2.3 server allows remote attackers to obtain source code ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1048 (Directory traversal vulnerability in the logfile service of Wingate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1046 (Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1039 (Various TCP/IP stacks and network applications allow remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1037 (Check Point Firewall-1 session agent 3.0 through 4.1 generates ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1035 (Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1033 (Serv-U FTP Server allows remote attackers to bypass its anti-hammering ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1030 (CS&T CorporateTime for the Web returns different error messages for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1029 (Buffer overflow in host command allows a remote attacker to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1028 (Buffer overflow in cu program in HP-UX 11.0 may allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1025 (eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1023 (The Alabanza Control Panel does not require passwords to access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1021 (Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1020 (Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1017 (Webteachers Webdata allows remote attackers with valid Webdata ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1015 (The default configuration of Slashcode before version 2.0 Alpha has a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1013 (The setlocale function in FreeBSD 5.0 and earlier, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1012 (The catopen function in FreeBSD 5.0 and earlier, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1009 (dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1008 (PalmOS 3.5.2 and earlier uses weak encryption to store the user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0999 (Format string vulnerabilities in OpenBSD ssh program (and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0998 (Format string vulnerability in top program allows local attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0997 (Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0988 (WinU 1.0 through 5.1 has a backdoor password that allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0987 (Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0986 (Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0985 (Buffer overflow in All-Mail 1.1 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0971 (Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0963 (Buffer overflow in ncurses library allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0955 (Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to ...) NOT-FOR-US: Cisco CVE-2000-0954 (Shambala Server 4.5 stores passwords in plaintext, which could allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0950 (Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0940 (Directory traversal vulnerability in Metertek pagelog.cgi allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0939 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0931 (Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0918 (Format string vulnerability in kvt in KDE 1.1.2 may allow local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0916 (FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0907 (EServ 2.92 Build 2982 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0906 (Directory traversal vulnerability in Moreover.com cached_feed.cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0905 (QNX Embedded Resource Manager in Voyager web server 2.01B in the demo ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0904 (Voyager web server 2.01B in the demo disks for QNX 405 stores ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0903 (Directory traversal vulnerability in Voyager web server 2.01B in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0902 (getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0899 (Small HTTP Server 2.01 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0898 (Small HTTP Server 2.01 does not properly process Server Side Includes ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0893 (The presence of the Distributed GL Daemon (dgld) service on port 5232 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0889 (Two Sun security certificates have been compromised, which could allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0885 (Buffer overflows in Microsoft Network Monitor (Netmon) allow remote ...) NOT-FOR-US: Microsoft CVE-2000-0882 (Intel Express 500 series switches allow a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0881 (The dccscan setuid program in LPPlus does not properly check if the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0880 (LPPlus creates the lpdprocess file with world-writeable permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0879 (LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0872 (explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0866 (Interbase 6 SuperServer for Linux allows an attacker to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0857 (The logging capability in muh 2.05d IRC server does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0855 (SunFTP build 9(1) allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0845 (kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0843 (Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0842 (The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0841 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0840 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0836 (Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0835 (search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0833 (Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0832 (Htgrep CGI program allows remote attackers to read arbitrary files by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0831 (Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0828 (Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0827 (Buffer overflow in the web authorization form of Mobius DocumentDirect ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0826 (Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0817 (Buffer overflow in the HTTP protocol parser for Microsoft Network ...) NOT-FOR-US: Microsoft CVE-2000-0812 (The administration module in Sun Java web server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0802 (The BAIR program does not properly restrict access to the Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0801 (Buffer overflow in bdf program in HP-UX 11.00 may allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0800 (String parsing error in rpc.kstatd in the linuxnfs or knfsd packages ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0798 (The truncate function in IRIX 6.x does not properly check for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0794 (Buffer overflow in IRIX libgl.so library allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0793 (Norton AntiVirus 5.00.01C with the Novell Netware client does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0791 (Trustix installs the httpsd program for Apache-SSL with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0789 (WinU 5.x and earlier uses weak encryption to store its configuration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0785 (WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0784 (sshd program in the Rapidstream 2.1 Beta VPN appliance has a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0775 (Buffer overflow in RobTex Viking server earlier than 1.06-370 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0774 (The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0772 (The installation of Tumbleweed Messaging Management System (MMS) 4.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0769 (O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0760 (The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0759 (Jakarta Tomcat 3.1 under Apache reveals physical path information when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0757 (The sysgen service in Aptis Totalbill does not perform authentication, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0756 (Microsoft Outlook 2000 does not properly process long or malformed ...) NOT-FOR-US: Microsoft CVE-2000-0755 (Vulnerability in the newgrp command in HP-UX 11.00 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against ...) NOT-FOR-US: Microsoft CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0734 (eEye IRIS 1.01 beta allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0724 (The go-gnome Helix GNOME pre-installer allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0723 (Helix GNOME Updater helix-update 0.5 and earlier does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0722 (Helix GNOME Updater helix-update 0.5 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0721 (The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0719 (VariCAD 7.0 is installed with world-writeable files, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0715 (DiskCheck script diskcheck.pl in Red Hat Linux allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0714 (umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0713 (Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0710 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) NOT-FOR-US: Microsoft CVE-2000-0709 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) NOT-FOR-US: Microsoft CVE-2000-0704 (Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0701 (The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0697 (The administration interface for the dwhttpd web server in Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0696 (The administration interface for the dwhttpd web server in Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0695 (Buffer overflows in pgxconfig in the Raptor GFX configuration tool ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0692 (ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a ...) - kdebase 4:2.2.2-14.6 CVE-2000-0691 (The faxrunq and faxrunqd in the mgetty package allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0690 (Auction Weaver CGI script 1.02 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0689 (Account Manager LITE does not properly authenticate attempts to change ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0688 (Subscribe Me LITE does not properly authenticate attempts to change ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0687 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0686 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0680 (The CVS 1.10.8 server does not properly restrict users from creating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0667 (Vulnerability in gpm in Caldera Linux allows local users to delete ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0659 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0658 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0657 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...) NOT-FOR-US: Microsoft CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of ...) NOT-FOR-US: Microsoft CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0646 (WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0645 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0629 (The default configuration of the Sun Java web server 2.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0626 (Buffer overflow in Alibaba web server allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0625 (NetZero 3.0 and earlier uses weak encryption for storing a user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0623 (Buffer overflow in O'Reilly WebSite Professional web server 2.4 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0618 (Buffer overflow in xconq and cconq game programs on Red Hat Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0617 (Buffer overflow in xconq and cconq game programs on Red Hat Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0614 (Tnef program in Linux systems allows remote attackers to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0612 (Windows 95 and Windows 98 do not properly process spoofed ARP packets, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0609 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0608 (NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0607 (Buffer overflow in fld program in Kanji on Console (KON) package on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0606 (Buffer overflow in kon program in Kanji on Console (KON) package on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0605 (Blackboard CourseInfo 4.0 stores the local and SQL administrator user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0592 (Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0589 (SawMill 5.0.21 uses weak encryption to store passwords, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0580 (Windows 2000 Server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0578 (SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0574 (FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0572 (The Razor configuration management tool uses weak encryption for its ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0564 (The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0563 (The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0562 (BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0559 (eTrust Intrusion Detection System (formerly SessionWall-3) uses weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0554 (Ceilidh allows remote attackers to obtain the real path of the Ceilidh ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0547 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0546 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0545 (Buffer overflow in mailx mail command (aka Mail) on Linux systems ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0544 (Windows NT and Windows 2000 hosts allow a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0543 (The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0535 (OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0531 (Linux gpm program allows local users to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0527 (userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0526 (mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0524 (Microsoft Outlook and Outlook Express allow remote attackers to cause ...) NOT-FOR-US: Microsoft CVE-2000-0520 (Buffer overflow in restore program 0.4b17 and earlier in dump package ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0509 (Buffer overflows in the finger and whois demonstration scripts in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0503 (The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows ...) NOT-FOR-US: Microsoft CVE-2000-0492 (PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0491 (Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0487 (The Protected Store in Windows 2000 does not properly select the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0480 (Dragon telnet server allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0479 (Dragon FTP server allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0476 (xterm, Eterm, and rxvt allow an attacker to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0473 (Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0450 (Vulnerability in bbd server in Big Brother System and Network Monitor ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0449 (Omnis Studio 2.4 uses weak encryption (trivial encoding) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0444 (HP Web JetAdmin 6.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0434 (The administrative password for the Allmanage web site administration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0433 (The SuSE aaa_base package installs some system accounts with home ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0429 (A backdoor password in Cart32 3.0 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0423 (Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0422 (Buffer overflow in Netwin DMailWeb CGI program allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0420 (The default configuration of SYSKEY in Windows 2000 stores the startup ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 ...) NOT-FOR-US: Microsoft CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0400 (The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does ...) NOT-FOR-US: Microsoft CVE-2000-0386 (FileMaker Pro 5 Web Companion allows remote attackers to send ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0385 (FileMaker Pro 5 Web Companion allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0384 (NetStructure 7110 and 7180 have undocumented accounts (servnow, root, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0383 (The file transfer component of AOL Instant Messenger (AIM) reveals the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0365 (Red Hat Linux 6.0 installs the /dev/pts file system with insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0364 (screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0358 (ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0357 (ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0355 (pg and pb in SuSE pbpg 1.x package allows an attacker to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0345 (The on-line help system options in Cisco routers allows non-privileged ...) NOT-FOR-US: Cisco CVE-2000-0343 (Buffer overflow in Sniffit 0.3.x with the -L logging option enabled ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0333 (tcpdump, Ethereal, and other sniffer packages allow remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0326 (Meeting Maker uses weak encryption (a polyalphabetic substitution ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0325 (The Microsoft Jet database engine allows an attacker to execute ...) NOT-FOR-US: Microsoft CVE-2000-0321 (Buffer overflow in IC Radius package allows a remote attacker to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0317 (Buffer overflow in Solaris 7 lpset allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0312 (cron in OpenBSD 2.5 allows local users to gain root privileges via an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0300 (The default encryption method of PcAnywhere 9.x uses weak encryption, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0299 (Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0295 (Buffer overflow in LCDproc allows remote attackers to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0293 (aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0291 (Buffer overflow in Star Office 5.1 allows attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0288 (Infonautics getdoc.cgi allows remote attackers to bypass the payment ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0286 (X fontserver xfs allows local users to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0284 (Buffer overflow in University of Washington imapd version 4.7 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0281 (Buffer overflow in the Napster client beta 5 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0280 (Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0275 (CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0271 (read-passwd and other Lisp functions in Emacs 20 do not properly clear ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0270 (The make-temp-name Lisp function in Emacs 20 creates temporary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0269 (Emacs 20 does not properly set permissions for a slave PTY device when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0266 (Internet Explorer 5.01 allows remote attackers to bypass the cross ...) NOT-FOR-US: Microsoft CVE-2000-0259 (The default permissions for the Cryptography\Offload registry key used ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0256 (Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0250 (The crypt function in QNX uses weak encryption, which allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0248 (The web GUI for the Linux Virtual Server (LVS) software in the Red Hat ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0244 (The Citrix ICA (Independent Computing Architecture) protocol uses weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0242 (WindMail allows remote attackers to read arbitrary files or execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0241 (vqSoft vqServer stores sensitive information such as passwords in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0239 (Buffer overflow in the MERCUR WebView WebMail server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0227 (The Linux 2.2.x kernel does not restrict the number of Unix domain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0220 (ZoneAlarm sends sensitive system and network information in cleartext ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0219 (Red Hat 6.0 allows local users to gain root access by booting single ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0216 (Microsoft email clients in Outlook, Exchange, and Windows Messaging ...) NOT-FOR-US: Microsoft CVE-2000-0214 (FTP Explorer uses weak encryption for storing the username, password, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0213 (The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0205 (Trend Micro OfficeScan allows remote attackers to replay ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0204 (The Trend Micro OfficeScan client allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0203 (The Trend Micro OfficeScan client tmlisten.exe allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0199 (When a new SQL Server is registered in Enterprise Manager for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0198 (Buffer overflow in POP3 and IMAP servers in the MERCUR mail server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0197 (The Windows NT scheduler uses the drive mapping of the interactive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0190 (AOL Instant Messenger (AIM) client allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0188 (EZShopper 3.0 search.cgi CGI script allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0187 (EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0177 (DNSTools CGI applications allow remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0176 (The default configuration of Serv-U 2.5d and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by ...) NOT-FOR-US: Microsoft CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...) NOT-FOR-US: Microsoft CVE-2000-0158 (Buffer overflow in MMDF server allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0155 (Windows NT Autorun executes the autorun.inf file on non-removable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0154 (The ARCserve agent in UnixWare allows local attackers to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0153 (FrontPage Personal Web Server (PWS) allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0151 (GNU make follows symlinks when it reads a Makefile from stdin, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0147 (snmpd in SCO OpenServer has an SNMP community string that is writable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0143 (The SSH protocol server sshd allows local users without shell access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0142 (The authentication protocol in Timbuktu Pro 2.0b650 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0138 (A system has a distributed denial of service (DDOS) attack master, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0137 (The CartIt shopping cart application allows remote users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0136 (The Cart32 shopping cart application allows remote users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0135 (The @Retail shopping cart application allows remote users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0134 (The Check It Out shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0133 (Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read ...) NOT-FOR-US: Microsoft CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote ...) NOT-FOR-US: Microsoft CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0123 (The shopping cart application provided with Filemaker allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0122 (Frontpage Server Extensions allows remote attackers to determine the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0119 (The default configurations for McAfee Virus Scan and Norton Anti-Virus ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid ...) NOT-FOR-US: Microsoft CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0109 (The mcsp Client Site Processor system (MultiCSP) in Standard and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0108 (The Intellivend shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0106 (The EasyCart shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0105 (Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-0104 (The Shoptron shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0103 (The SmartCart shopping cart application allows remote users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0102 (The SalesCart shopping cart application allows remote users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0101 (The Make-a-Store OrderPage shopping cart application allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0096 (Buffer overflow in qpopper 3.0 beta versions allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0093 (An installation of Red Hat uses DES password encryption with crypt() ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0086 (Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0085 (Hotmail does not properly filter JavaScript code from a user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0084 (CuteFTP uses weak encryption to store password information in its ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0082 (WebTV email client allows remote attackers to force the client to send ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0081 (Hotmail does not properly filter JavaScript code from a user's ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0079 (The W3C CERN httpd HTTP server allows remote attackers to determine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0078 (The June 1999 version of the HP-UX aserver program allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0077 (The October 1998 version of the HP-UX aserver program allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the ...) NOT-FOR-US: Microsoft CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0067 (CyberCash Merchant Connection Kit (MCK) allows local users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0066 (WebSite Pro allows remote attackers to determine the real pathname of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0061 (Internet Explorer 5 does not modify the security zone for a document ...) NOT-FOR-US: Microsoft CVE-2000-0059 (PHP3 with safe_mode enabled does not properly filter shell ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0058 (Network HotSync program in Handspring Visor does not have ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0055 (Buffer overflow in Solaris chkperm command allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0054 (search.cgi in the SolutionScripts Home Free package allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0049 (Buffer overflow in Winamp client allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0047 (Buffer overflow in Yahoo Pager/Messenger client allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0046 (Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0038 (glFtpD includes a default glftpd user account with a default password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0035 (resend command in Majordomo allows local users to gain privileges via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0028 (Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the ...) NOT-FOR-US: Microsoft CVE-2000-0021 (Lotus Domino HTTP server allows remote attackers to determine the real ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0019 (IMail POP3 daemon uses weak encryption, which allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0017 (Buffer overflow in Linux linuxconf package allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0016 (Buffer overflow in Internet Anywhere POP3 Mail Server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0008 (FTPPro allows local users to read sensitive information, which is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0005 (HP-UX aserver program allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker diff --git a/data/CVE/2001.list b/data/CVE/2001.list index 242316514e..b375e73b72 100644 --- a/data/CVE/2001.list +++ b/data/CVE/2001.list @@ -358,191 +358,191 @@ CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove ... CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...) NOT-FOR-US: Solaris CVE-2001-1407 (Bugzilla before 2.14 allows Bugzilla users to bypass group security ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1406 (process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1391 (Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1386 (WFTPD 3.00 allows remote attackers to read arbitrary files by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1385 (The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1383 (initscript in setserial 2.17-4 and earlier uses predictable temporary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1382 (The "echo simulation" traffic analysis countermeasure in OpenSSH ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1380 (OpenSSH before 2.9.9, while using keypairs and multiple keys of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1378 (fetchmailconf in fetchmail before 5.7.4 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1375 (tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1374 (expect before 5.32 searches for its libraries in /var/tmp before other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1373 (MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1372 (Oracle 9i Application Server 1.0.2 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1371 (The default configuration of Oracle Application Server 9iAS 1.0.2.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1370 (prepend.php3 in PHPLib before 7.2d, when register_globals is enabled ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1369 (Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1367 (The checkAccess function in PHPSlice 0.1.4, and all other versions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1359 (Volution clients 1.0.7 and earlier attempt to contact the computer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1352 (Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1351 (Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and ...) NOT-FOR-US: Microsoft CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1334 (Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1328 (Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1327 (pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which could ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1303 (The default configuration of SecuRemote for Check Point Firewall-1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1302 (The change password option in the Windows Security interface for ...) NOT-FOR-US: Microsoft CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1297 (PHP remote file inclusion vulnerability in Actionpoll PHP script ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1296 (More.groupware PHP script allows remote attackers to include arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1295 (Directory traversal vulnerability in Cerberus FTP Server 1.5 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1291 (The telnet server for 3Com hardware such as PS40 SuperStack II does ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1279 (Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1277 (makewhatis in the man package before 1.5i2 allows an attacker in group ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1276 (ispell before 3.1.20 allows local users to overwrite files of other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1266 (Directory traversal vulnerability in Doug Neal's HTTPD Daemon ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1252 (Network Associates PGP Keyserver 7.0 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1251 (SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1247 (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1246 (PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1240 (The default configuration of sudo in Engarde Secure Linux 1.0.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1237 (Phormation PHP script 0.9.1 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1236 (myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1235 (pSlash PHP script 0.7 and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1234 (Bharat Mediratta Gallery PHP script before 1.2.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1231 (GroupWise 5.5 and 6 running in live remote or smart caching mode ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1227 (Zope before 2.2.4 allows partially trusted users to bypass security ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1215 (Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked screen and ...) NOT-FOR-US: Microsoft CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a call ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers ...) NOT-FOR-US: Cisco CVE-2001-1180 (FreeBSD 4.3 does not properly clear shared signal handlers when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1177 (ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1176 (Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1175 (vipw in the util-linux package before 2.10 causes /etc/shadow to be ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1174 (Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1172 (OmniSecure HTTProtect 1.1.1 allows a superuser without omnish ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1166 (linprocfs on FreeBSD 4.3 and earlier does not properly restrict access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1162 (Directory traversal vulnerability in the %m macro in the smb.conf ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1161 (Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1160 (udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1158 (Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1155 (TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1153 (lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1149 (Panda Antivirus Platinum before 6.23.00 allows a remore attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1147 (The PAM implementation in /bin/login of the util-linux package before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1146 (AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1145 (fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1144 (Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1141 (The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1132 (Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1130 (Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1121 (DEPRECATED. This entry has been deprecated. It is a duplicate of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1119 (cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1118 (A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1117 (LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1116 (Identix BioLogon 2.03 and earlier does not lock secondary displays on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1113 (Buffer overflow in TrollFTPD 1.26 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1108 (Directory traversal vulnerability in SnapStream PVS 1.2a allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1106 (The default configuration of Sambar Server 5 and earlier uses a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as safe for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft Exchange ...) NOT-FOR-US: Norton CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in ...) @@ -552,187 +552,187 @@ CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could alllow local users to execute ...) NOT-FOR-US: AIX CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...) NOT-FOR-US: Microsoft CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1083 (Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable ...) NOT-FOR-US: AIX CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates ...) NOT-FOR-US: AIX CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1072 (Apache with mod_rewrite enabled on most UNIX systems allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1071 (Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) ...) NOT-FOR-US: Cisco CVE-2001-1069 (libCoolType library as used in Adobe Acrobat (acroread) on Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1067 (Buffer overflow in AOLserver 3.0 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1066 (ns6install installation script for Netscape 6.01 on Solaris, and other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1063 (Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1062 (Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1049 (Phorecast PHP script before 0.40 allows remote attackers to include ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1048 (AWOL PHP script allows remote attackers to include arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1046 (Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1043 (ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1038 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote ...) NOT-FOR-US: Cisco CVE-2001-1037 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to ...) NOT-FOR-US: Cisco CVE-2001-1036 (GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1035 (Binary decoding feature of slrn 0.9 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1032 (admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1030 (Squid before 2.3STABLE5 in HTTP accelerator mode does not enable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1029 (libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1028 (Buffer overflow in ultimate_source function of man 1.5 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1027 (Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1022 (Format string vulnerability in pic utility in groff 1.16.1 and other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1020 (edit_image.php in Vibechild Directory Manager before 0.91 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1017 (rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1016 (PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1011 (index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1010 (Directory traversal vulnerability in pagecount CGI script in Sambar ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1008 (Java Plugin 1.4 for JRE 1.3 executes signed applets even if the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1002 (The default configuration of the DVI print filter (dvips) in Red Hat ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0998 (IBM HACMP 4.4 allows remote attackers to cause a denial of service via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0995 (PHProjekt before 2.4a allows remote attackers to perform actions as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0993 (sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0987 (Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0982 (Directory traversal vulnerability in IBM Tivoli WebSEAL Policy ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0981 (HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0980 (docview before 1.0-15 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0978 (login in HP-UX 10.26 does not record failed login attempts in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0977 (slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0973 (BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0969 (ipfw in FreeBSD does not properly handle the use of "me" in its rules ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0965 (glFTPD 1.23 allows remote attackers to cause a denial of service (CPU ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0963 (Directory traversal vulnerability in SpoonFTP 1.1 allows local and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0962 (IBM WebSphere Application Server 3.02 through 3.53 uses predictable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0961 (Buffer overflow in tab expansion capability of the most program allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0960 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of service (CPU ...) NOT-FOR-US: Microsoft CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0939 (Lotus Domino 5.08 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0936 (Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0929 (Cisco IOS Firewall Feature set, aka Context Based Access Control ...) NOT-FOR-US: Cisco CVE-2001-0921 (Netscape 4.79 and earlier for MacOS allows an attacker with access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0920 (Format string vulnerability in auto nice daemon (AND) 1.0.4 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0918 (Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0917 (Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center for ...) NOT-FOR-US: Microsoft CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier, when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log entries via ...) NOT-FOR-US: Microsoft CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands on a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0899 (Network Tools 0.2 for PHP-Nuke allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0896 (Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0895 (Multiple Cisco networking products allow remote attackers to cause a ...) NOT-FOR-US: Cisco CVE-2001-0894 (Vulnerability in Postfix SMTP server before 20010228-pl07, when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0891 (Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0889 (Exim 3.22 and earlier, in some configurations, does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0888 (Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0887 (xSANE 0.81 and earlier allows local users to modify files of other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0886 (Buffer overflow in glob function of glibc allows attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows ...) NOT-FOR-US: Microsoft CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ...) @@ -742,11 +742,11 @@ CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause th CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read certain ...) NOT-FOR-US: Microsoft CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous long ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0869 (Format string vulnerability in the default logging callback function ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0867 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ...) NOT-FOR-US: Cisco CVE-2001-0866 (Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not ...) @@ -764,81 +764,81 @@ CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and ea CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the Client ...) NOT-FOR-US: Microsoft CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0852 (TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0851 (Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0850 (A configuration error in the libdb1 package in OpenLinux 3.1 uses ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0846 (Lotus Domino 5.x allows remote attackers to read files or execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0843 (Squid proxy server 2.4 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0837 (DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0836 (Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0834 (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0833 (Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0830 (6tunnel 0.08 and earlier does not properly close sockets that were ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0828 (A cross-site scripting vulnerability in Caucho Technology Resin before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0825 (Buffer overflow in internal string handling routines of xinetd before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0823 (The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0822 (FPF kernel module 1.0 allows a remote attacker to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0819 (A buffer overflow in Linux fetchmail before 5.8.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0816 (OpenSSH before 2.9.9, when running sftp using sftp-server and using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0815 (Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0806 (Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0805 (Directory traversal vulnerability in ttawebtop.cgi in Tarantella ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0804 (Directory traversal vulnerability in story.pl in Interactive Story 1.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0803 (Buffer overflow in the client connection routine of libDtSvc.so.1 in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0801 (lpstat in IRIX 6.5.13f and earlier allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0797 (Buffer overflow in login in various System V based operating systems ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0796 (SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0792 (Format string vulnerability in XChat 1.2.x allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0787 (LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0784 (Directory traversal vulnerability in Icecast 1.3.10 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0779 (Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0774 (Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0773 (Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0770 (Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0769 (Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0765 (BisonFTP V4R1 allows local users to access directories outside of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0764 (Buffer overflow in ntping in scotty 2.1.0 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0763 (Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0760 (Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0757 (Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC ...) NOT-FOR-US: Cisco CVE-2001-0754 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...) @@ -850,27 +850,27 @@ CVE-2001-0751 (Cisco switches and routers running CBOS 2.3.8 and earlier use ... CVE-2001-0750 (Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial ...) NOT-FOR-US: Cisco CVE-2001-0749 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other ...) NOT-FOR-US: Cisco CVE-2001-0745 (Netscape 4.7x allows remote attackers to obtain sensitive information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0741 (Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to ...) NOT-FOR-US: Cisco CVE-2001-0740 (3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0739 (Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0738 (LogLine function in klogd in sysklogd 1.3 in various Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0733 (The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0731 (Apache 1.3.20 with Multiviews enabled allows remote attackers to view ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Microsoft CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used ...) @@ -888,47 +888,47 @@ CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows remo CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) ...) NOT-FOR-US: Microsoft CVE-2001-0717 (Format string vulnerability in ToolTalk database server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0710 (NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0706 (Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0701 (Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0700 (Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0699 (Buffer overflow in cb_reset in the System Service Processor (SSP) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0698 (Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0697 (NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0696 (NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0692 (SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0690 (Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0686 (Buffer overflow in mail included with SunOS 5.8 for x86 allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0685 (Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0682 (ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0680 (Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files via an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker ...) NOT-FOR-US: Microsoft CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet client in ...) NOT-FOR-US: Microsoft CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an ...) @@ -944,103 +944,103 @@ CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, ...) NOT-FOR-US: Microsoft CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet ...) NOT-FOR-US: Microsoft CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0650 (Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a ...) NOT-FOR-US: Cisco CVE-2001-0648 (Directory traversal vulnerability in PHProjekt 2.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0643 (Internet Explorer 5.5 does not display the Class ID (CLSID) when it is ...) NOT-FOR-US: Microsoft CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files created ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0634 (Sun Chili!Soft ASP has weak permissions on various configuration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0631 (Centrinity First Class Internet Services 5.50 allows for the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView Network Node ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for ...) NOT-FOR-US: Microsoft CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0626 (O'Reilly Website Professional 2.5.4 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0625 (ftpdownload in Computer Associates InoculateIT 6.0 allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0622 (The web management service on Cisco Content Service series 11000 ...) NOT-FOR-US: Cisco CVE-2001-0621 (The FTP server on Cisco Content Service 11000 series switches (CSS) ...) NOT-FOR-US: Cisco CVE-2001-0616 (Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0615 (Directory traversal vulnerability in Faust Informatics Freestyle Chat ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0613 (Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0612 (McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0611 (Becky! 2.00.05 and earlier can allow a remote attacker to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0596 (Netscape Communicator before 4.77 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0595 (Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0594 (kcms_configure as included with Solaris 7 and 8 allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0593 (Ananconda Partners Clipper 3.3 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0591 (Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0590 (Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0589 (NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0586 (TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0585 (Gordano NTMail 6.0.3c allows a remote attacker to create a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional privileges by ...) NOT-FOR-US: AIX CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0564 (APC Web/SNMP Management Card prior to Firmware 310 only supports one ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0563 (ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0560 (Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0559 (crontab in Vixie cron 3.0.1 and earlier does not properly drop ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0558 (T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0554 (Buffer overflow in BSD-based telnetd telnet daemon on various ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0553 (SSH Secure Shell 3.0.0 on Unix systems does not properly perform ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0550 (wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security and ...) NOT-FOR-US: Microsoft CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...) @@ -1062,27 +1062,27 @@ CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows ...) NOT-FOR-US: AIX CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0528 (Oracle E-Business Suite Release 11i Applications Desktop Integrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0527 (DCScripts DCForum versions 2000 and earlier allow a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0526 (Buffer overflow in the Xview library as used by mailtool in Solaris 8 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0525 (Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0522 (Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0518 (Oracle listener before Oracle 9i allows attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0517 (Oracle listener in Oracle 8i on Solaris allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0514 (SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0513 (Oracle listener process on Windows NT redirects connection requests to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run ...) @@ -1098,67 +1098,67 @@ CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not .. CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to automatically ...) NOT-FOR-US: Microsoft CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0495 (Directory traversal in DataWizard WebXQ server 1.204 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0494 (Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0493 (Small HTTP server 2.03 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0489 (Format string vulnerability in gftp prior to 2.0.8 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial of ...) NOT-FOR-US: AIX CVE-2001-0486 (Remote attackers can cause a denial of service in Novell BorderManager ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0482 (Configuration error in Argus PitBull LX allows root users to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0481 (Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0475 (index.php in Jelsoft vBulletin does not properly initialize a PHP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0474 (Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0473 (Format string vulnerability in Mutt before 1.2.5 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0469 (rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0467 (Directory traversal vulnerability in RobTex Viking Web server before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0465 (TurboTax saves passwords in a temporary file when a user imports ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0463 (Directory traversal vulnerability in cal_make.pl in PerlCal allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0462 (Directory traversal vulnerability in Perl web server 0.3 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0461 (template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0457 (man2html before 1.5-22 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0456 (postinst installation script for Proftpd in Debian 2.2 does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0455 (Cisco Aironet 340 Series wireless bridge before 8.55 does not properly ...) NOT-FOR-US: Cisco CVE-2001-0449 (Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0444 (Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") ...) NOT-FOR-US: Cisco CVE-2001-0442 (Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0440 (Buffer overflow in logging functions of licq before 1.0.3 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0439 (licq before 1.0.3 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0434 (The LogDataListToFile ActiveX function used in (1) Knowledge Center ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0430 (Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0429 (Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an ...) NOT-FOR-US: Cisco CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote ...) @@ -1166,61 +1166,61 @@ CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote CVE-2001-0427 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote ...) NOT-FOR-US: Cisco CVE-2001-0423 (Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0422 (Buffer overflow in Xsun in Solaris 8 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0416 (sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0414 (Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0413 (BinTec X4000 Access router, and possibly other versions, allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0412 (Cisco Content Services (CSS) switch products 11800 and earlier, aka ...) NOT-FOR-US: Cisco CVE-2001-0409 (vim (aka gvim) allows local users to modify files being edited by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0408 (vim (aka gvim) processes VIM control codes that are embedded in a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0407 (Directory traversal vulnerability in MySQL before 3.23.36 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0405 (ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0402 (IPFilter 3.4.16 and earlier does not include sufficient session ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0394 (Remote manager service in Website Pro 3.0.37 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0388 (time server daemon timed allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0387 (Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0386 (AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0383 (banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0379 (Vulnerability in the newgrp program included with HP9000 servers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0378 (readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa ...) NOT-FOR-US: Cisco CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows NT and ...) NOT-FOR-US: Microsoft CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0366 (saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0365 (Eudora before 5.1 allows a remote attacker to execute arbitrary code, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0364 (SSH Communications Security sshd 2.4 for Windows allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to make a ...) NOT-FOR-US: Microsoft CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause a ...) @@ -1236,7 +1236,7 @@ CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 usi CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support sub-component ...) NOT-FOR-US: Microsoft CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to display a ...) NOT-FOR-US: Microsoft CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate digital ...) @@ -1250,71 +1250,71 @@ CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cau CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows remote ...) NOT-FOR-US: Microsoft CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive information, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0327 (iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0326 (Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0321 (opendir.php script in PHP-Nuke allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0319 (orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0318 (Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0317 (Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0316 (Linux kernel 2.4 and 2.2 allows local users to read kernel memory and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0311 (Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0310 (sort in FreeBSD 4.1.1 and earlier, and possibly other operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0309 (inetd in Red Hat 6.2 does not properly close sockets for internal ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0301 (Buffer overflow in Analog before 4.16 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0299 (Buffer overflow in Voyager web administration server for Nokia IP440 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0295 (Directory traversal vulnerability in War FTP 1.67.04 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0290 (Vulnerability in Mailman 2.0.1 and earlier allows list administrators ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0289 (Joe text editor 2.8 searches the current working directory (CWD) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0288 (Cisco switches and routers running IOS 12.1 and earlier produce ...) NOT-FOR-US: Cisco CVE-2001-0287 (VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0284 (Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0280 (Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0279 (Buffer overflow in sudo earlier than 1.6.3p6 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0278 (Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0276 (ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0274 (kicq IRC client 1.0.0, and possibly later versions, allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0269 (pam_ldap authentication module in Solaris 8 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0268 (The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0267 (NM debug in HP MPE/iX 6.5 and earlier does not properly handle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0266 (Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0265 (ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0260 (Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in ...) NOT-FOR-US: Microsoft CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote attackers ...) @@ -1332,87 +1332,87 @@ CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider ...) CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote ...) NOT-FOR-US: Microsoft CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab files of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0234 (NewsDaemon before 0.21b allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0233 (Buffer overflow in micq client 0.4.6 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0230 (Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0222 (webmin 0.84 and earlier allows local users to overwrite and create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0221 (Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0219 (Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0218 (Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0215 (ROADS search.pl program allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0207 (Buffer overflow in bing allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0204 (Watchguard Firebox II allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0203 (Watchguard Firebox II firewall allows users with read-only access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0197 (Format string vulnerability in print_client in icecast 1.3.8beta2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0196 (inetd ident server in FreeBSD 4.x and earlier does not properly set ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0195 (sash before 3.4-4 in Debian GNU/Linux does not properly clone ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0194 (Buffer overflow in httpGets function in CUPS 1.1.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0193 (Format string vulnerability in man in some Linux distributions allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0191 (gnuserv before 3.12, as shipped with XEmacs, does not properly check ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0190 (Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0189 (Directory traversal vulnerability in LocalWEB2000 HTTP server allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0187 (Format string vulnerability in wu-ftp 2.6.1 and earlier, when running ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0185 (Netopia R9100 router version 4.6 allows authenticated users to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0183 (ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0182 (FireWall-1 4.1 with a limited-IP license allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0179 (Allaire JRun 3.0 allows remote attackers to list contents of the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0178 (kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0176 (The setuid doroot program in Voyant Sonata 3.x executes arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0175 (The caching module in Netscape Fasttrack Server 4.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0174 (Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0170 (glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0169 (When using the LD_PRELOAD environmental variable in SUID or SGID ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0166 (Macromedia Shockwave Flash plugin version 8 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0165 (Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0164 (Buffer overflow in Netscape Directory Server 4.12 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0157 (Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port forwarding ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows ...) NOT-FOR-US: Microsoft CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0152 (The password protection option for the Compressed Folders feature in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ...) NOT-FOR-US: Microsoft CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using ...) @@ -1424,75 +1424,75 @@ CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote . CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows attackers ...) NOT-FOR-US: Microsoft CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0142 (squid 2.3 and earlier allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0141 (mgetty 1.1.22 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0140 (arpwatch 2.1a4 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute malicious ...) NOT-FOR-US: Microsoft CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0129 (Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0128 (Zope before 2.2.4 does not properly compute local roles, which could ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0126 (Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0125 (exmh 2.2 and earlier allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0124 (Buffer overflow in exrecover in Solaris 2.6 and earlier possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0123 (Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0122 (Kernel leak in AfpaCache module of the Fast Response Cache Accelerator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0121 (ImageCast Control Center 4.1.0 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0120 (useradd program in shadow-utils program may allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0119 (getty_ps 2.0.7j allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0118 (rdist 6.1.5 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0117 (sdiff 2.7 in the diffutils package allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0116 (gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0115 (Buffer overflow in arp command in Solaris 7 and earlier allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0111 (Format string vulnerability in splitvt before 1.6.5 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0110 (Buffer overflow in jaZip Zip/Jaz drive manager allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0109 (rctab in SuSE 7.0 and earlier allows local users to create or overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0108 (PHP Apache module 4.0.4 and earlier allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0106 (Vulnerability in inetd server in HP-UX 11.04 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0105 (Vulnerability in top in HP-UX 11.04 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0100 (bslist.cgi mailing list script allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote ...) NOT-FOR-US: Microsoft CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not properly ...) NOT-FOR-US: Microsoft CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 ...) @@ -1502,35 +1502,35 @@ CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes ... CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to read ...) NOT-FOR-US: Microsoft CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 ...) NOT-FOR-US: Microsoft CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card Set ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to ...) NOT-FOR-US: Cisco CVE-2001-0078 (in.mond in Sun Cluster 2.x allows local users to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0077 (The clustmon service in Sun Cluster 2.x does not require ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0072 (gpg (aka GnuPG) 1.0.4 and other versions imports both public and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0071 (gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0069 (dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0066 (Secure Locate (slocate) allows local users to corrupt memory via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0063 (procfs in FreeBSD and possibly other operating systems allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0062 (procfs in FreeBSD and possibly other operating systems allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0061 (procfs in FreeBSD and possibly other operating systems does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0060 (Format string vulnerability in stunnel 3.8 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0059 (patchadd in Solaris allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0058 (The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier ...) NOT-FOR-US: Cisco CVE-2001-0057 (Cisco 600 routers running CBOS 2.4.1 and earlier allow remote ...) @@ -1540,35 +1540,35 @@ CVE-2001-0056 (The Cisco Web Management interface in routers running CBOS 2.4.1 CVE-2001-0055 (CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to ...) NOT-FOR-US: Cisco CVE-2001-0054 (Directory traversal vulnerability in FTP Serv-U before 2.5i allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0053 (One-byte buffer overflow in replydirname function in BSD-based ftpd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0050 (Buffer overflow in BitchX IRC client allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0043 (phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0042 (PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0041 (Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches ...) NOT-FOR-US: Cisco CVE-2001-0040 (APC UPS daemon, apcupsd, saves its process ID in a world-writable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0039 (IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0036 (KTH Kerberos IV allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0035 (Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0034 (KTH Kerberos IV allows local users to specify an alternate proxy using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0033 (KTH Kerberos IV allows local users to change the configuration of a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0028 (Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0026 (rp-pppoe PPPoE client allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco Content ...) NOT-FOR-US: Cisco CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced ...) @@ -1576,29 +1576,29 @@ CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced . CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users ...) NOT-FOR-US: Microsoft CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not ...) NOT-FOR-US: Microsoft CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND 4 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0011 (Buffer overflow in nslookupComplain function in BIND 4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0010 (Buffer overflow in transaction signature (TSIG) handling code in BIND ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0009 (Directory traversal vulnerability in Lotus Domino 5.0.5 web server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0008 (Backdoor account in Interbase database server allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has ...) NOT-FOR-US: Microsoft CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ...) NOT-FOR-US: Microsoft CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...) @@ -1606,7 +1606,7 @@ CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain ...) NOT-FOR-US: Microsoft CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...) NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge NOTE: discussion at: @@ -1614,473 +1614,473 @@ CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompres NOTE: listed sarge version contains a fix like the patch from Gentoo - ncompress 4.2.4-15 CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create ...) NOT-FOR-US: Microsoft CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the "--reject-with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) NOT-FOR-US: AIX CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) NOT-FOR-US: AIX CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...) NOT-FOR-US: Microsoft CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...) NOT-FOR-US: Microsoft CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1273 (The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 ...) NOT-FOR-US: Microsoft CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website ...) NOT-FOR-US: Microsoft CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to ...) NOT-FOR-US: Microsoft CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable ...) NOT-FOR-US: Cisco CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1167 REJECTED CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...) NOT-FOR-US: Cisco CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a ...) NOT-FOR-US: Cisco CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running ...) NOT-FOR-US: Cisco CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows ...) @@ -2088,209 +2088,209 @@ CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allow CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...) NOT-FOR-US: AIX CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users ...) {DSA-148} - hylafax 4.1.2-2.1 CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote ...) NOT-FOR-US: Microsoft CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon ...) {DSA-301} - libgtop 1.0.13-4 CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow ...) NOT-FOR-US: Microsoft CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...) NOT-FOR-US: Microsoft CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0885 RESERVED CVE-2001-0883 @@ -2304,63 +2304,63 @@ CVE-2001-0880 CVE-2001-0878 RESERVED CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0814 RESERVED CVE-2001-0813 @@ -2372,108 +2372,108 @@ CVE-2001-0811 CVE-2001-0810 RESERVED CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote ...) NOT-FOR-US: Microsoft CVE-2001-0802 RESERVED CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0798 RESERVED CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...) NOT-FOR-US: Cisco CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attacker to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux ...) {DSA-695-1} - xli 1.17.0-17 CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...) NOT-FOR-US: Cisco CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ...) - cfingerd 1.4.3-1.1 (bug #104394) NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates NOTE: its changes. CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0725 RESERVED CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ...) NOT-FOR-US: Microsoft CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a ...) @@ -2481,51 +2481,51 @@ CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to caus CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, ...) NOT-FOR-US: Microsoft CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0673 RESERVED CVE-2001-0672 RESERVED CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0661 RESERVED CVE-2001-0657 @@ -2537,309 +2537,309 @@ CVE-2001-0655 CVE-2001-0654 RESERVED CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a denial ...) NOT-FOR-US: Cisco CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...) NOT-FOR-US: Microsoft CVE-2001-0539 RESERVED CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0532 RESERVED CVE-2001-0531 RESERVED CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 ...) NOT-FOR-US: Microsoft CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...) NOT-FOR-US: Microsoft CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0418 (content.pl script in NCM Content Management System allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with ...) NOT-FOR-US: Microsoft CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with ...) @@ -2853,197 +2853,197 @@ CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earli CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) NOT-FOR-US: Microsoft CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0328 (TCP implementations that use random increments for initial sequence ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, ...) NOT-FOR-US: Microsoft CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0307 (Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...) NOT-FOR-US: Microsoft CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) NOT-FOR-US: Microsoft CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...) NOT-FOR-US: Microsoft CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0168 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0167 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) client ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence ...) NOT-FOR-US: Cisco CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not ...) NOT-FOR-US: Cisco CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0159 RESERVED CVE-2001-0158 @@ -3051,110 +3051,110 @@ CVE-2001-0158 CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...) {DSA-195 DSA-188 DSA-187} - apache-perl 1.3.26-1.1-1.27-3-1 - apache 1.3.27-1 CVE-2001-0127 (Buffer overflow in Olivier Debon Flash plugin (not the Macromedia ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0114 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0113 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0112 (Multiple buffer overflows in splitvt before 1.6.5 allow local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0107 (Veritas Backup agent on Linux allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0104 (MDaemon Pro 3.5.1 and earlier allows local users to bypass the "lock ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0103 (CoffeeCup Direct and Free FTP clients useas weak encryption to store ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0102 ("Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0101 (Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0098 (Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0097 (The Web interface for Infinite Interchange 3.6.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0093 (Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0088 (common.inc.php in phpWebLog 0.4.2 does not properly initialize the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0087 (itetris/xitetris 1.6.2 and earlier trusts the PATH environmental ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0086 (CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0084 (GTK+ library allows local users to specify arbitrary modules via the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0082 (Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0079 (Support Tools Manager (STM) A.22.00 for HP-UX allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0076 (register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0075 (Directory traversal vulnerability in main.cgi in Technote allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0074 (Directory traversal vulnerability in print.cgi in Technote allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0073 (Buffer overflow in the find_default_type function in libsecure in NSA ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0070 (Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0068 (Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0067 (The installation of J-Pilot creates the .jpilot directory with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0065 (Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0064 (Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0052 (IBM DB2 Universal Database version 6.1 allows users to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0051 (IBM DB2 Universal Database version 6.1 creates an account with a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0049 (WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0048 (The "Configure Your Server" tool in Microsoft 2000 domain controllers ...) NOT-FOR-US: Microsoft CVE-2001-0047 (The default permissions for the MTS Package Administration registry ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0046 (The default permissions for the SNMP Parameters registry key in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0045 (The default permissions for the RAS Administration key in Windows NT ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0044 (Multiple buffer overflows in Lexmark MarkVision printer driver ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0038 (Offline Explorer 1.4 before Service Release 2 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0037 (Directory traversal vulnerability in HomeSeer before 1.4.29 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0032 (Format string vulnerability in ssldump possibly allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0031 (BroadVision One-To-One Enterprise allows remote attackers to determine ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0030 (FoolProof 3.9 allows local users to bypass program execution ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0029 (Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0027 (mod_sqlpw module in ProFTPD does not reset a cached password when a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0025 (ad.cgi CGI program by Leif Wright allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0024 (simplestmail.cgi CGI program by Leif Wright allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0023 (everythingform.cgi CGI program by Leif Wright allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0022 (simplestguest.cgi CGI program by Leif Wright allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0019 (Arrowpoint (aka Cisco Content Services, or CSS) allows local users to ...) NOT-FOR-US: Cisco diff --git a/data/CVE/2002.list b/data/CVE/2002.list index f223bf2e3c..7dcc4d6d71 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -1,7 +1,7 @@ CVE-2002-2218 (CRLF injection vulnerability in the setUserValue function in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-2217 (Multiple PHP remote file inclusion vulnerabilities in Web Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-2216 (Soft3304 04WebServer before 1.20 does not properly process URL ...) NOT-FOR-US: 04WebServer CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before ...) @@ -1334,11 +1334,11 @@ CVE-2002-1575 (cgiemail allows remote attackers to use cgiemail as a spam proxy {DSA-437} - cgiemail 1.6-20 CVE-2002-1573 (Unspecified vulnerability in the pcilynx ieee1394 firewire driver ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-1572 (Signed integer overflow in the bttv_read function in the bttv driver ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-1571 (The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-1570 (Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and ...) - ucd-snmp 4.2.3-2 CVE-2002-1569 (gv 3.5.8, and possibly earlier versions, allows remote attackers to ...) @@ -3392,7 +3392,7 @@ CVE-2002-0640 (Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow re CVE-2002-0639 (Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote ...) - openssh 1:3.4 (high) CVE-2002-0638 (setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0631 (Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 ...) NOT-FOR-US: SGI CVE-2002-0630 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...) @@ -3428,15 +3428,15 @@ CVE-2002-0598 (Format string vulnerability in Foundstone FScan 1.12 with banner CVE-2002-0597 (LANMAN service on Microsoft Windows 2000 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2002-0594 (Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0576 (ColdFusion 5.0 and earlier on Windows systems allows remote attackers ...) NOT-FOR-US: ColdFusion CVE-2002-0575 (Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0574 (Memory leak in FreeBSD 4.5 and earlier allows remote attackers to ...) NOT-FOR-US: FreeBSD CVE-2002-0573 (Format string vulnerability in RPC wall daemon (rpc.rwalld) for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0571 (Oracle Oracle9i database server 9.0.1.x allows local users to access ...) NOT-FOR-US: Oracle CVE-2002-0569 (Oracle 9i Application Server allows remote attackers to bypass access ...) @@ -3452,47 +3452,47 @@ CVE-2002-0545 (Cisco Aironet before 11.21 with Telnet enabled allows remote atta CVE-2002-0543 (Directory traversal vulnerability in Aprelium Abyss Web Server ...) NOT-FOR-US: Aprelium CVE-2002-0542 (mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0539 (Demarc PureSecure 1.05 allows remote attackers to gain administrative ...) NOT-FOR-US: Demarc CVE-2002-0538 (FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 ...) NOT-FOR-US: Symantec CVE-2002-0536 (PHPGroupware 0.9.12 and earlier, when running with the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0532 (EMU Webmail allows local users to execute arbitrary programs via a .. ...) NOT-FOR-US: EMU CVE-2002-0531 (Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x ...) NOT-FOR-US: EMU CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier relies ...) NOT-FOR-US: popper_mod CVE-2002-0512 (startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0511 (The default configuration of Name Service Cache Daemon (nscd) in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0506 (Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0505 (Memory leak in the Call Telephony Integration (CTI) Framework ...) NOT-FOR-US: Cisco CVE-2002-0501 (Format string vulnerability in log_print() function of Posadis DNS ...) NOT-FOR-US: Posadis CVE-2002-0497 (Buffer overflow in mtr 0.46 and earlier, when installed setuid root, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to ...) NOT-FOR-US: csSearch CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System 0.1 ...) NOT-FOR-US: WebSight CVE-2002-0493 (Apache Tomcat may be started without proper security settings if ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0490 (Instant Web Mail before 0.60 does not properly filter CR/LF sequences, ...) NOT-FOR-US: Instant Web Mail CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote ...) NOT-FOR-US: Linux Directory Penguin CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0473 (db.php in phBB 2.0 (aka phBB2) RC-3 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1 and ...) NOT-FOR-US: Hosting Controller CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote ...) @@ -3500,7 +3500,7 @@ CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows re CVE-2002-0462 (bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone ...) NOT-FOR-US: Big Sam CVE-2002-0454 (Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0451 (filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote ...) NOT-FOR-US: PHProjekt CVE-2002-0445 (article.php in PHP FirstPost 0.1 allows allows remote attackers to ...) @@ -3510,40 +3510,40 @@ CVE-2002-0444 (Microsoft Windows 2000 running the Terminal Server 90-day trial . CVE-2002-0443 (Microsoft Windows 2000 allows local users to bypass the policy that ...) NOT-FOR-US: Windows CVE-2002-0442 (Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0441 (Directory traversal vulnerability in imlist.php for Php Imglist allows ...) NOT-FOR-US: PHP Imglist CVE-2002-0437 (Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0435 (Race condition in the recursive (1) directory deletion and (2) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0431 (XTux allows remote attackers to cause a denial of service (CPU ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0429 (The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 ...) {DSA-442 DSA-336 DSA-332 DSA-312 DSA-311} - kernel-source-2.2.20 <removed> CVE-2002-0425 (mIRC DCC server protocol allows remote attackers to gain sensitive ...) NOT-FOR-US: mIRC CVE-2002-0424 (efingerd 1.61 and earlier, when configured without the -u option, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0423 (Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0414 (KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0412 (Format string vulnerability in TraceEvent function for ntop before 2.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0406 (Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause ...) NOT-FOR-US: SPHERE CVE-2002-0404 (Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0403 (DNS dissector in Ethereal before 0.9.3 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0402 (Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0401 (SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0400 (ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0398 (Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to ...) NOT-FOR-US: Red-M CVE-2002-0397 (Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, ...) @@ -3564,26 +3564,26 @@ CVE-2002-0391 (Integer overflow in xdr_array function in RPC servers for operati - krb5 1.2.5-2 - openafs 1.2.6-1 CVE-2002-0389 (Pipermail in Mailman stores private mail messages with predictable ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0387 (Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module ...) NOT-FOR-US: Sun CVE-2002-0384 (Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0382 (XChat IRC client allows remote attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0381 (The TCP implementation in various BSD operating systems (tcp_input.c) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0380 (Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers ...) {DSA-255} - tcpdump 3.7.1-1.2 CVE-2002-0379 (Buffer overflow in University of Washington imap server (uw-imapd) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0377 (Gaim 0.57 stores sensitive information in world-readable and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0376 (Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote ...) NOT-FOR-US: Apple CVE-2002-0374 (Format string vulnerability in the logging function for the pam_ldap ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0373 (The Windows Media Device Manager (WMDM) Service in Microsoft Windows ...) NOT-FOR-US: Microsoft CVE-2002-0372 (Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player ...) @@ -3599,7 +3599,7 @@ CVE-2002-0366 (Buffer overflow in Remote Access Service (RAS) phonebook for Wind CVE-2002-0364 (Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 ...) NOT-FOR-US: Microsoft CVE-2002-0363 (ghostscript before 6.53 allows attackers to execute arbitrary commands ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0362 (Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows ...) NOT-FOR-US: AOL CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which ...) @@ -3607,9 +3607,9 @@ CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which CVE-2002-0358 (MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows ...) NOT-FOR-US: MediaMail CVE-2002-0357 (Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0356 (Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0355 (netstat in SGI IRIX before 6.5.12 allows local users to determine the ...) NOT-FOR-US: SGI CVE-2002-0339 (Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) ...) @@ -3619,7 +3619,7 @@ CVE-2002-0330 (Cross-site scripting vulnerability in codeparse.php of Open Bulle CVE-2002-0329 (Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and ...) NOT-FOR-US: Snitz CVE-2002-0318 (FreeRADIUS RADIUS server allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0313 (Buffer overflow in Essentia Web Server 2.1 allows remote attackers to ...) NOT-FOR-US: Essentia CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the ...) @@ -3627,27 +3627,27 @@ CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes t CVE-2002-0302 (The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops ...) NOT-FOR-US: Symantec CVE-2002-0300 (gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0299 (CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code ...) NOT-FOR-US: CatchUp CVE-2002-0292 (Cross-site scripting vulnerability in Slash before 2.2.5, as used in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0290 (Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows ...) NOT-FOR-US: WebNews CVE-2002-0287 (pforum 1.14 and earlier does not explicitly enable PHP magic quotes, ...) NOT-FOR-US: pforum CVE-2002-0276 (Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0275 (Falcon web server 2.0.0.1020 and earlier allows remote attackers to ...) NOT-FOR-US: Falcon CVE-2002-0274 (Exim 3.34 and earlier may allow local users to gain privileges via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0267 (preferences.php in Simple Internet Publishing System (SIPS) before ...) NOT-FOR-US: SIPS CVE-2002-0265 (Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file ...) NOT-FOR-US: Sawmill CVE-2002-0251 (Buffer overflow in licq 1.0.4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0250 (Web configuration utility in HP AdvanceStack hubs J3200A through ...) NOT-FOR-US: HP CVE-2002-0246 (Format string vulnerability in the message catalog library functions ...) @@ -3679,51 +3679,51 @@ CVE-2002-0190 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attac CVE-2002-0188 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to ...) NOT-FOR-US: Microsoft CVE-2002-0187 (Cross-site scripting vulnerability in the SQLXML component of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0186 (Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server ...) NOT-FOR-US: Microsoft CVE-2002-0185 (mod_python version 2.7.6 and earlier allows a module indirectly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0184 (Heap-based buffer overflow in sudo before 1.6.6 may allow local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0181 (Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0179 (Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0178 (uudecode, as available in the sharutils package before 4.2.1, does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0176 (The printf wrappers in libsafe 2.0-11 and earlier do not properly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0175 (libsafe 2.0-11 and earlier allows attackers to bypass protection ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0174 (nsd on SGI IRIX before 6.5.11 allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0173 (Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0172 (/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0171 (IRISconsole 2.0 may allow users to log into the icadmin account with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0170 (Zope 2.2.0 through 2.5.1 does not properly verify the access for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0169 (The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0168 (Vulnerability in Imlib before 1.9.13 allows attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0167 (Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0166 (Cross-site scripting vulnerability in analog before 5.22 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0163 (Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0160 (The administration function in Cisco Secure Access Control Server ...) NOT-FOR-US: Cisco CVE-2002-0159 (Format string vulnerability in the administration function in Cisco ...) NOT-FOR-US: Cisco CVE-2002-0158 (Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0157 (Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0155 (Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN ...) NOT-FOR-US: Microsoft CVE-2002-0153 (Internet Explorer 5.1 for Macintosh allows remote attackers to bypass ...) @@ -3737,93 +3737,93 @@ CVE-2002-0150 (Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, an CVE-2002-0149 (Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 ...) NOT-FOR-US: Microsoft CVE-2002-0148 (Cross-site scripting vulnerability in Internet Information Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0147 (Buffer overflow in the ASP data transfer mechanism in Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0146 (fetchmail email client before 5.9.10 does not properly limit the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0143 (Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0139 (Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0128 (cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0123 (MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0121 (PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0120 (Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0117 (Cross-site scripting vulnerability in Yet Another Bulletin Board ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0115 (Snort 1.8.3 does not properly define the minimum ICMP header size, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0111 (Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0107 (Web administration interface in CacheFlow CacheOS 4.0.13 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0098 (Buffer overflow in index.cgi administration interface for Boozt! ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0097 (Geeklog 1.3 allows remote attackers to hijack user accounts, including ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0096 (The installation of Geeklog 1.3 creates an extra group_assignments ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0095 (The default configuration of BSCW (Basic Support for Cooperative Work) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0094 (config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0092 (CVS before 1.10.8 does not properly initialize a global variable, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0090 (Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0083 (Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0082 (The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0081 (Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0080 (rsync, when running in daemon mode, does not properly call setgroups ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0079 (Buffer overflow in the chunked encoding transfer mechanism in Internet ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0078 (The zone determination function in Microsoft Internet Explorer 5.5 and ...) NOT-FOR-US: Microsoft CVE-2002-0076 (Java Runtime Environment (JRE) Bytecode Verifier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0075 (Cross-site scripting vulnerability for Internet Information Server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0074 (Cross-site scripting vulnerability in Help File search facility for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0073 (The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 ...) NOT-FOR-US: Microsoft CVE-2002-0072 (The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0071 (Buffer overflow in the ism.dll ISAPI extension that implements HTR ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0070 (Buffer overflow in Windows Shell (used as the Windows Desktop) allows ...) NOT-FOR-US: Microsoft CVE-2002-0069 (Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0068 (Squid 2.4 STABLE3 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0067 (Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0066 (Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0065 (Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0064 (Funk Software Proxy Host 3.x is installed with insecure permissions ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0063 (Buffer overflow in ippRead function of CUPS before 1.1.14 may allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0062 (Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0061 (Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0060 (IRC connection tracking helper module in the netfilter subsystem for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0059 (The decompression algorithm in zlib 1.1.3 and earlier, as used in many ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0057 (XMLHTTP control in Microsoft XML Core Services 2.6 and later does not ...) NOT-FOR-US: Microsoft CVE-2002-0055 (SMTP service in Microsoft Windows 2000, Windows XP Professional, and ...) @@ -3839,29 +3839,29 @@ CVE-2002-0050 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce CVE-2002-0049 (Microsoft Exchange Server 2000 System Attendant gives "Everyone" group ...) NOT-FOR-US: Microsoft CVE-2002-0047 (CIPE VPN package before 1.3.0-3 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0046 (Linux kernel, and possibly other operating systems, allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0045 (slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0044 (GNU Enscript 1.6.1 and earlier allows local users to overwrite ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0043 (sudo 1.6.0 through 1.6.3p7 does not properly clear the environment ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0042 (Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0040 (Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0038 (Vulnerability in the cache-limiting function of the unified name ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0036 (Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0033 (Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0032 (Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0028 (Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0027 (Internet Explorer 5.5 and 6.0 allows remote attackers to read certain ...) NOT-FOR-US: Microsoft CVE-2002-0026 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass ...) @@ -3873,7 +3873,7 @@ CVE-2002-0024 (File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows a CVE-2002-0023 (Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read ...) NOT-FOR-US: Microsoft CVE-2002-0022 (Buffer overflow in the implementation of an HTML directive in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0021 (Network Product Identification (PID) Checker in Microsoft Office v. X ...) NOT-FOR-US: Microsoft CVE-2002-0020 (Buffer overflow in telnet server in Windows 2000 and Interix 2.2 ...) @@ -3881,25 +3881,25 @@ CVE-2002-0020 (Buffer overflow in telnet server in Windows 2000 and Interix 2.2 CVE-2002-0018 (In Microsoft Windows NT and Windows 2000, a trusting domain that ...) NOT-FOR-US: Microsoft CVE-2002-0017 (Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0014 (URL-handling code in Pine 4.43 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0011 (Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0009 (show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0007 (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0006 (XChat 1.8.7 and earlier, including default configurations of 1.4.2 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0005 (Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0004 (Heap corruption vulnerability in the "at" program allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0003 (Buffer overflow in the preprocessor in groff 1.16 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0002 (Format string vulnerability in stunnel before 3.22 when used in client ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0654 (Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote ...) - apache2 2.0.40 CVE-2002-0652 (xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute ...) @@ -3961,13 +3961,13 @@ CVE-2002-0603 (Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a CVE-2002-0602 (Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to ...) NOT-FOR-US: Snapgear CVE-2002-0600 (Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0596 (WebTrends Reporting Center 4.0d allows remote attackers to determine ...) NOT-FOR-US: WebTrends CVE-2002-0595 (Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends ...) NOT-FOR-US: WebTrends CVE-2002-0593 (Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0592 (AOL Instant Messenger (AIM) allows remote attackers to steal files ...) NOT-FOR-US: AOL CVE-2002-0591 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 ...) @@ -3979,9 +3979,9 @@ CVE-2002-0589 (PVote before 1.9 allows remote attackers to change the administra CVE-2002-0588 (PVote before 1.9 does not authenticate users for restricted ...) NOT-FOR-US: PVote CVE-2002-0587 (Buffer overflow in Ns_PdLog function for the external database driver ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0586 (Format string vulnerability in Ns_PdLog function for the external ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0585 (Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches ...) NOT-FOR-US: HP-UX CVE-2002-0584 (WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets ...) @@ -4003,7 +4003,7 @@ CVE-2002-0577 (Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local us CVE-2002-0572 (FreeBSD 4.5 and earlier, and possibly other BSD-based operating ...) NOT-FOR-US: FreeBSD CVE-2002-0570 (The encrypted loop device in Linux kernel 2.4.10 and earlier does not ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0568 (Oracle 9i Application Server stores XSQL and SOAP configuration files ...) NOT-FOR-US: Oracle CVE-2002-0566 (PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows ...) @@ -4057,7 +4057,7 @@ CVE-2002-0535 (Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earli CVE-2002-0534 (PostBoard 2.0.1 and earlier with BBcode allows remote attackers to ...) NOT-FOR-US: PostBoard CVE-2002-0533 (phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0530 (Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows ...) NOT-FOR-US: Novell CVE-2002-0529 (HP Photosmart printer driver for Mac OS X installs the ...) @@ -4067,9 +4067,9 @@ CVE-2002-0528 (Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP CVE-2002-0527 (Watchguard SOHO firewall before 5.0.35 allows remote attackers to ...) NOT-FOR-US: Watchguard CVE-2002-0526 (Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0525 (Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0524 (ASP-Nuke RC2 and earlier allows remote attackers to determine the ...) NOT-FOR-US: ASP-Nuke CVE-2002-0523 (ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in ...) @@ -4083,13 +4083,13 @@ CVE-2002-0520 (Cross-site scripting vulnerability in functions-inc.asp for ASP-N CVE-2002-0518 (The SYN cache (syncache) and SYN cookie (syncookie) mechanism in ...) NOT-FOR-US: FreeBSD CVE-2002-0517 (Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0515 (IPFilter 3.4.25 and earlier sets a different TTL when a port is being ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0514 (PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the ...) NOT-FOR-US: OpenBSD CVE-2002-0510 (The UDP implementation in Linux 2.4.x kernels keeps the IP ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0509 (Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 ...) NOT-FOR-US: Oracle CVE-2002-0508 (wwwisis 3.45 and earlier allows remote attackers to execute arbitrary ...) @@ -4105,428 +4105,428 @@ CVE-2002-0502 (Citrix NFuse 1.6 may allow remote attackers to list applications CVE-2002-0500 (Internet Explorer 5.0 through 6.0 allows remote attackers to determine ...) NOT-FOR-US: Microsoft CVE-2002-0499 (The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0498 (Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0496 (The HTTP server for SouthWest Talker server 1.0.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0492 (dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0491 (admin.php in AlGuest 1.0 guestbook checks for the existence of the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0489 (Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0487 (Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0486 (Intellisol Xpede 4.1 uses weak encryption to store authentication ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0485 (Norton Anti-Virus (NAV) allows remote attackers to bypass content ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0483 (index.php for PHP-Nuke 5.4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0482 (Directory traversal vulnerability in PCI Netsupport Manager before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0481 (An interaction between Windows Media Player (WMP) and Outlook 2002 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0480 (ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0479 (Gravity Storm Service Pack Manager 2000 creates a hidden share ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0478 (The default configuration of Foundry Networks EdgeIron 4802F allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0477 (Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0476 (Standalone Macromedia Flash Player 5.0 allows remote attackers to save ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0475 (Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0474 (Cross-site scripting vulnerability in ZeroForum allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0472 (MSN Messenger Service 3.6, and possibly other versions, uses weak ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0471 (PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0470 (PHPNetToolpack 0.1 relies on its environment's PATH to find and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0469 (Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0468 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0467 (Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0466 (Hosting Controller 1.4.1 and earlier allows remote attackers to browse ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0465 (Directory traversal vulnerability in filemanager.asp for Hosting ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0461 (Internet Explorer 5.01 through 6 allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2002-0460 (Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0459 (Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0458 (Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0457 (Cross-site scripting vulnerability in signgbook.php for BG GuestBook ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0456 (Eudora 5.1 and earlier versions stores attachments in a directory with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0455 (IncrediMail stores attachments in a directory with a fixed name, which ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0453 (The account lockout capability in Oblix NetPoint 5.2 and earlier only ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0452 (Foundry Networks ServerIron switches do not decode URIs when applying ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0450 (Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0449 (Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0448 (Xerver Free Web Server 2.10 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0447 (Directory traversal vulnerability in Xerver Free Web Server 2.10 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0446 (categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0440 (Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0439 (Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0438 (ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0436 (sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0434 (Marcus S. Xenakis directory.php script allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0433 (Pi3Web 2.0.0 allows remote attackers to view restricted files via an ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0432 (Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0430 (MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0428 (Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0427 (Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0426 (VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0422 (IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2002-0421 (IIS 4.0 allows local users to bypass the "User cannot change password" ...) NOT-FOR-US: Microsoft CVE-2002-0420 (Vulnerability in PureTLS before 0.9b2 related to injection attacks, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0419 (Information leaks in IIS 4 through 5.1 allow remote attackers to ...) NOT-FOR-US: Microsoft CVE-2002-0418 (Directory traversal vulnerability in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0417 (Directory traversal vulnerability in Endymion MailMan before 3.1 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0416 (Buffer overflow in SH39 MailServer 1.21 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0415 (Directory traversal vulnerability in the web server used in RealPlayer ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0413 (Cross-site scripting vulnerability in ReBB allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0411 (Cross-site scripting vulnerability in message.php for AeroMail before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0410 (send_message.php in AeroMail before 1.45 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0409 (orderdetails.aspx, as made available to Microsoft .NET developers as ...) NOT-FOR-US: Microsoft CVE-2002-0408 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0407 (htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0405 (Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0399 (Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0393 (Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0390 RESERVED CVE-2002-0388 (Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow ...) {DSA-147} - mailman 2.0.12-1 CVE-2002-0386 (The administration module for Oracle Web Cache in Oracle9iAS (9i ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0385 (Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0383 RESERVED CVE-2002-0378 (The default configuration of LPRng print spooler in Red Hat Linux 7.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0375 (Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0371 (Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 ...) NOT-FOR-US: Microsoft CVE-2002-0370 (Buffer overflow in the ZIP capability for multiple products allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0365 RESERVED CVE-2002-0361 RESERVED CVE-2002-0360 (Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0354 (The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0353 (The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0352 (Phorum 3.3.2 allows remote attackers to determine the email addresses ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0351 (Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0350 (HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0349 (Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0348 (service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0347 (Directory traversal vulnerability in Cobalt RAQ 4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0346 (Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0345 (Symantec Ghost 7.0 stores usernames and passwords in plaintext in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0344 (Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0343 (Hotline Client 1.8.5 stores sensitive user information, including ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0342 (Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0341 (GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0340 (Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0338 (The Bat! 1.53d and 1.54beta, and possibly other versions, allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0337 (RealPlayer 8 allows remote attackers to cause a denial of service (CPU ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0336 (Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0335 (Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0334 (xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0333 (Directory traversal vulnerability in xtell (xtelld) 1.91.1 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0332 (Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0331 (Directory traversal vulnerability in the HTTP server for BPM Studio ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0328 (Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0327 (Buffer overflow in Century Software TERM allows local users to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0326 (Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0325 (Directory traversal vulnerability in BadBlue before 1.6.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0324 (Greymatter 1.21c and earlier with the Bookmarklet feature enabled ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0323 (comment2.jse in ScriptEase:WebServer allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0322 (Yahoo! Messenger 4.0 sends user passwords in cleartext, which could ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0321 (Yahoo! Messenger 5.0 allows remote attackers to spoof other users by ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0320 (Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0319 (Cross-site scripting vulnerability in edituser.php for pforum 1.14 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0317 (Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0316 (Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0315 (fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0314 (fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0312 (Directory traversal vulnerability in Essentia Web Server 2.1 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0311 (Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0310 (Netwin WebNews 1.1k CGI program includes several default usernames and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0308 (admin.asp in AdMentor 2.11 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0307 (Directory traversal vulnerability in ans.pl in Avenger's News System ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0306 (ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0305 (Zero One Tech (ZOT) P100s print server does not properly disable the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0304 (Lil HTTP Server 2.1 allows remote attackers to read password-protected ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0303 (GroupWise 6, when using LDAP authentication and when Post Office has a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0301 (Citrix NFuse 1.6 allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0298 (ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0297 (Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0296 (The installation of Tarantella Enterprise 3 allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0295 (Alcatel OmniPCX 4400 installs files with world-writable permissions, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0294 (Alcatel 4400 installs the /chetc/shutdown command with setgid ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0293 (FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0291 (Dino's Webserver 1.2 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0289 (Buffer overflow in Phusion web server 1.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0288 (Directory traversal vulnerability in Phusion web server 1.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0286 (The GetPassword function in function.php of SiteNews 0.10 and 0.11 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0285 (Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0284 (Winamp 2.78 and 2.77, when opening a wma file that requires a license, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0283 (Windows XP with port 445 open allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0282 (DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0281 (Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0280 (Buffer overflow in CodeBlue 4 and earlier, and possibly other ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0279 (The kernel in HP-UX 11.11 does not properly provide arguments for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0278 (Directory traversal vulnerability in Add2it Mailman Free 1.73 and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0277 (Add2it Mailman Free 1.73 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0273 (Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0272 (Buffer overflows in mpg321 before 0.2.9 allows local and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0271 (Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0270 (Opera, when configured with the "Determine action by MIME type" option ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0269 (Internet Explorer 5.x and 6 interprets an object as an HTML document ...) NOT-FOR-US: Microsoft CVE-2002-0268 (Identix BioLogon 3 allows users with physical access to the system to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0266 (Thunderstone Texis CGI script allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0264 (PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0263 (Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0262 (Directory traversal vulnerability in netget for Sybex E-Trainer web ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0261 (Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0260 (Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0259 (InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0258 (Merak Mail IceWarp Web Mail uses a static identifier as a user session ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0257 (Cross-site scripting vulnerability in auction.pl of MakeBid Auction ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0256 (The telnet port in Arescom NetDSL 1000 router allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0255 (The default configuration of Arescom NetDSL 800 does not require ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0254 (ICQ 2001b Build 3659 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0253 (PHP, when not configured with the "display_errors = Off" setting in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0252 (Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0249 (PHP for Windows, when installed on Apache 2.0.28 beta as a standalone ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0248 (wmtv 0.6.5 and earlier allows local users to modify arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0247 (Buffer overflows in wmtv 0.6.5 and earlier may allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0245 (Lotus Domino server 5.0.8 with NoBanner enabled allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0244 (Directory traversal vulnerability in chroot function in AtheOS 0.3.7 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0243 (Cross-site scripting vulnerability in Opera 6.0 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0242 (Cross-site scripting vulnerability in Internet Explorer 6 earlier ...) NOT-FOR-US: Microsoft CVE-2002-0240 (PHP, when installed with Apache and configured to search for index.php ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0239 (Buffer overflow in hanterm 3.3.1 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0238 (Cross-site scripting vulnerability in web administration interface for ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0236 (Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0235 (Castelle FaxPress, possibly 6.3 and other versions, when configured to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0234 (NetScreen ScreenOS before 2.6.1 does not support a maximum number of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0233 (Directory traversal vulnerability in eshare Expressions 4 Web server ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0232 (Directory traversal vulnerability in Multi Router Traffic Grapher ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0231 (Buffer overflow in mIRC 5.91 and earlier allows a remote server to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0230 (Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0229 (Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0228 (Microsoft MSN Messenger allows remote attackers to use Javascript that ...) NOT-FOR-US: Microsoft CVE-2002-0227 (KICQ 2.0.0b1 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0225 (tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, ...) NOT-FOR-US: Cisco CVE-2002-0224 (The MSDTC (Microsoft Distributed Transaction Service Coordinator) for ...) NOT-FOR-US: Microsoft CVE-2002-0223 (Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0222 (Etype Eserv 2.97 allows remote attackers to to redirect traffic to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0221 (Etype Eserv 2.97 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0220 (phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0219 (Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0218 (Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0217 (Cross-site scripting (CSS) vulnerabilities in the Private Message ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0216 (userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0215 (Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0214 (Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0212 (The login for Hosting Controller 1.1 through 1.4.1 returns different ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0210 (setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0208 (PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0206 (index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0205 (Cross-site scripting (CSS) vulnerability in error.asp for Plumtree ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0204 (Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0203 (ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0202 (PaintBBS 1.2 installs certain files and directories with insecure ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0201 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0200 (Cyberstop Web Server for Windows 0.1 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0199 (Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0198 (Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0195 RESERVED CVE-2002-0194 @@ -4538,134 +4538,134 @@ CVE-2002-0189 (Cross-site scripting vulnerability in Internet Explorer 6.0 allow CVE-2002-0182 RESERVED CVE-2002-0180 (Buffer overflow in Webalizer 2.01-06, when configured to use reverse ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0177 (Buffer overflows in icecast 1.3.11 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0165 (LogWatch 2.5 allows local users to gain root privileges via a symlink ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0164 (Vulnerability in the MIT-SHM extension of the X server on Linux ...) {DSA-380} - xfree86 4.2.1-11 CVE-2002-0162 (LogWatch before 2.5 allows local users to execute arbitrary code via a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0161 RESERVED CVE-2002-0154 (Buffer overflows in extended stored procedures for Microsoft SQL ...) NOT-FOR-US: Microsoft CVE-2002-0145 (chuid 1.2 and earlier does not properly verify the ownership of files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0144 (Directory traversal vulnerability in chuid 1.2 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0142 (CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0141 (Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0140 (Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0138 (CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0137 (CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0136 (Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages ...) NOT-FOR-US: Microsoft CVE-2002-0135 (Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0134 (Telnet proxy in Avirt Gateway Suite 4.2 does not require ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0133 (Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0132 (Buffer overflow in Chinput 3.0 allows local users to execute arbitrary ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0131 (ActivePython ActiveX control for Python in the AXScript package, when ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0130 (Buffer overflow in efax 0.9 and earlier, when installed setuid root, ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0129 (efax 0.9 and earlier, when installed setuid root, allows local users ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0127 (Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0126 (Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0125 (Buffer overflow in ClanLib library 0.5 may allow local users to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0124 (MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0122 (Siemens 3568i WAP mobile phones allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0119 (Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0118 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0116 (Palm OS 3.5h and possibly other versions, as used in Handspring Visor ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0114 (Legato NetWorker 6.1 stores passwords in plaintext in the daemon.log ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0113 (Legato NetWorker 6.1 stores log files in the /nsr/logs/ directory with ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0112 (Etype Eserv 2.97 allows remote attackers to view password protected ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0110 (Nevrona Designs MiraMail 1.04 and earlier stores authentication ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0109 (Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0108 (Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0106 (BEA Systems Weblogic Server 6.1 allows remote attackers to cause a ...) NOT-FOR-US: BEA WebLogic CVE-2002-0105 (CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0104 (AFTPD 5.4.4 allows remote attackers to gain sensitive information via ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0103 (An installer program for Oracle9iAS Web Cache 2.0.0.x creates ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0102 (Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0101 (Microsoft Internet Explorer 6.0 and earlier allows local users to ...) NOT-FOR-US: Microsoft CVE-2002-0100 (AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0099 (Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0093 (Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0091 (Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0089 (Buffer overflow in admintool in Solaris 2.5 through 8 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0088 (Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0087 (bindsock in Lotus Domino 5.07 on Solaris allows local users to create ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0086 (Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0085 (cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0084 (Buffer overflow in the fscache_setup function of cachefsd in Solaris ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0077 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked ...) NOT-FOR-US: Microsoft CVE-2002-0058 (Vulnerability in Java Runtime Environment (JRE) allows remote ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0056 (Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0053 (Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0048 (Multiple signedness errors (mixed signed and unsigned numbers) in the ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0041 (Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0039 (rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0037 (Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0035 RESERVED CVE-2002-0034 (The Microsoft CONVERT.EXE program, when used on Windows 2000 and ...) NOT-FOR-US: Microsoft CVE-2002-0031 (Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0030 (The digital signature mechanism for the Adobe Acrobat PDF viewer only ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0029 (Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 ...) {DSA-196} - bind9 <not-affected> @@ -4677,12 +4677,12 @@ CVE-2002-0016 CVE-2002-0015 RESERVED CVE-2002-0013 (Vulnerabilities in the SNMPv1 request handling of a large number of ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0012 (Vulnerabilities in a large number of SNMP implementations allow ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0010 (Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0008 (Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker CVE-2002-0001 (Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt ...) - TODO: check + NOT-FOR-US: Data pre-dating the Security Tracker |