From 29978a0f74f30949328deb800ea0fda3d675a632 Mon Sep 17 00:00:00 2001 From: Alec Berryman Date: Mon, 22 May 2006 20:59:47 +0000 Subject: NOT-FOR-US git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4052 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- data/CVE/1999.list | 58 +++++++++++++++++++++++++++--------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) (limited to 'data/CVE/1999.list') diff --git a/data/CVE/1999.list b/data/CVE/1999.list index 6f3bd2727c..bfe67e0d48 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -44,7 +44,7 @@ CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attacke CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...) TODO: check CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...) TODO: check CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a ...) @@ -104,7 +104,7 @@ CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allow CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...) TODO: check CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...) TODO: check CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...) @@ -209,11 +209,11 @@ CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user dom CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local ...) TODO: check CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...) TODO: check CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to ...) TODO: check CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), ...) @@ -275,7 +275,7 @@ CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...) TODO: check CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...) TODO: check CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x ...) @@ -371,7 +371,7 @@ CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary ...) TODO: check CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows local users ...) TODO: check CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...) @@ -610,7 +610,7 @@ CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...) CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...) TODO: check CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...) TODO: check CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files ...) @@ -622,7 +622,7 @@ CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell ...) TODO: check CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain ...) TODO: check CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP ...) @@ -630,7 +630,7 @@ CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP . CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...) TODO: check CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, ...) TODO: check CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...) @@ -746,7 +746,7 @@ CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...) CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local ...) TODO: check CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to ...) NOT-FOR-US: Cisco CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...) @@ -830,7 +830,7 @@ CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be se CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...) TODO: check CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via ...) TODO: check CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be ...) @@ -999,9 +999,9 @@ CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...) TODO: check CVE-1999-0449 (Denial of service in IIS 4 with scripts from the ExAir sample site. ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...) TODO: check CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and ...) @@ -1055,7 +1055,7 @@ CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...) TODO: check CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that ...) TODO: check CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...) @@ -1063,7 +1063,7 @@ CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local user CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...) TODO: check CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...) TODO: check CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...) @@ -1145,9 +1145,9 @@ CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and unauthoriz CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local ...) TODO: check CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...) TODO: check CVE-1999-0344 (NT users can gain debug-level access on a system process using the ...) @@ -1247,13 +1247,13 @@ CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted CVE-1999-0288 (Denial of service in WINS with malformed data to port 137 (NETBIOS ...) TODO: check CVE-1999-0281 (Denial of service in IIS using long URLs. ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...) NOT-FOR-US: Microsoft CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via ...) TODO: check CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appending ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root access. ...) TODO: check CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflow. ...) @@ -1311,7 +1311,7 @@ CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...) TODO: check CVE-1999-0233 (IIS allows users to execute arbitrary commands using .bat or .cmd ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...) NOT-FOR-US: Cisco CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...) @@ -1365,7 +1365,7 @@ CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messa CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote ...) TODO: check CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...) TODO: check CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...) @@ -1738,7 +1738,7 @@ CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (tr CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...) TODO: check CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, ...) TODO: check CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia ...) @@ -1872,7 +1872,7 @@ CVE-1999-1454 (Macromedia "The Matrix" screen saver on Windows 95 with CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site ...) NOT-FOR-US: Microsoft CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX ...) TODO: check CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...) @@ -1988,7 +1988,7 @@ CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot .. CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read ...) TODO: check CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) ...) TODO: check CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer ...) @@ -2572,13 +2572,13 @@ CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...) CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a ...) TODO: check CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows ...) TODO: check CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian ...) @@ -2784,7 +2784,7 @@ CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are ...) TODO: check CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files. ...) - TODO: check + NOT-FOR-US: Microsoft CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate ...) TODO: check CVE-1999-0559 (A system-critical Unix file or directory has inappropriate ...) -- cgit v1.2.3