From 6b57371d4b01374b4326232286887e67b0c9c43e Mon Sep 17 00:00:00 2001 From: Alec Berryman Date: Mon, 22 May 2006 20:47:05 +0000 Subject: NOT-FOR-US git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4049 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- data/CVE/2001.list | 212 ++++++++++++++++++++++++++--------------------------- 1 file changed, 106 insertions(+), 106 deletions(-) (limited to 'data/CVE/2001.list') diff --git a/data/CVE/2001.list b/data/CVE/2001.list index 315ed18a85..f566037b1e 100644 --- a/data/CVE/2001.list +++ b/data/CVE/2001.list @@ -400,7 +400,7 @@ CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local ...) TODO: check CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied ...) TODO: check CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote ...) @@ -416,7 +416,7 @@ CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which co CVE-2001-1303 (The default configuration of SecuRemote for Check Point Firewall-1 ...) TODO: check CVE-2001-1302 (The change password option in the Windows Security interface for ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions ...) TODO: check CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers to ...) @@ -468,13 +468,13 @@ CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through 1.1 CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users ...) TODO: check CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked screen and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through ...) TODO: check CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local users ...) TODO: check CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a call ...) TODO: check CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers ...) @@ -542,7 +542,7 @@ CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as safe CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, ...) TODO: check CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft Exchange ...) - TODO: check + NOT-FOR-US: Norton CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in ...) TODO: check CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a ...) @@ -552,7 +552,7 @@ CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could alllow local users to execu CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...) TODO: check CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary files ...) TODO: check CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.1 and earlier ...) @@ -588,7 +588,7 @@ CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with insecure CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows ...) TODO: check CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include arbitrary ...) TODO: check CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to ...) @@ -672,7 +672,7 @@ CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7 CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows ...) TODO: check CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of service (CPU ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create ...) TODO: check CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point ...) @@ -696,7 +696,7 @@ CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions al CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect ...) TODO: check CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center for ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows ...) TODO: check CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges via a ...) @@ -704,7 +704,7 @@ CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges v CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier, when ...) TODO: check CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log entries via ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands on a ...) TODO: check CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery before ...) @@ -732,13 +732,13 @@ CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver befo CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL Server ...) TODO: check CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read certain ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous long ...) TODO: check CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly ...) @@ -760,7 +760,7 @@ CVE-2001-0862 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does n CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier ...) TODO: check CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the Client ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets ...) TODO: check CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 ...) @@ -870,21 +870,21 @@ CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to overwri CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included in ...) TODO: check CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0724 (Internet Explorer 5.5 allows remote attackers to bypass security ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0723 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0722 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0720 (Internet Explorer 5.1 for Macintosh on Mac OS X allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0717 (Format string vulnerability in ToolTalk database server ...) TODO: check CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service ...) @@ -922,29 +922,29 @@ CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files via CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f ...) TODO: check CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various ...) TODO: check CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 ...) TODO: check CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet client in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0665 (Internet Explorer 6 and earlier allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0664 (Internet Explorer 5.5 and 5.01 allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0663 (Terminal Server in Windows NT and Windows 2000 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange on ...) TODO: check CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to ...) TODO: check CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local users to ...) @@ -958,7 +958,7 @@ CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote att CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in ...) TODO: check CVE-2001-0643 (A type-check flaw in Internet Explorer 5.5 does not display the Class ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux ...) TODO: check CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files created ...) @@ -972,7 +972,7 @@ CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allo CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView Network Node ...) TODO: check CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker ...) TODO: check CVE-2001-0626 (O'Reilly Website Professional 2.5.4 and earlier allows remote ...) @@ -1040,21 +1040,21 @@ CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to ...) TODO: check CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to cause ...) TODO: check CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang) via by ...) TODO: check CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and earlier ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0540 (Memory leak in Terminal servers in Windows NT and Windows 2000 allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0538 (Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass ...) TODO: check CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows ...) @@ -1088,13 +1088,13 @@ CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run .. CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to ...) TODO: check CVE-2001-0504 (Vulnerability in authentication process for SMTP service in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to automatically ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and ...) TODO: check CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 ...) @@ -1204,7 +1204,7 @@ CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to cre CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa ...) TODO: check CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows NT and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and ...) TODO: check CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier ...) @@ -1220,27 +1220,27 @@ CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to . CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and ...) TODO: check CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to make a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0347 (Information disclosure vulnerability in Microsoft Windows 2000 telnet ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0346 (Handle leak in Microsoft Windows 2000 telnet service allows attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0345 (Microsoft Windows 2000 telnet service allows attackers to prevent idle ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support sub-component ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in ...) TODO: check CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to display a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate digital ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to ...) TODO: check CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cause a ...) @@ -1314,21 +1314,21 @@ CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote ...) TODO: check CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0243 (Windows Media Player 7 and earlier stores Internet shortcuts in a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0241 (Buffer overflow in Internet Printing ISAPI extension in Windows 2000 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0240 (Microsoft Word before Word 2002 allows attackers to automatically ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0239 (Microsoft Internet Security and Acceleration (ISA) Server 2000 Web ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows ...) TODO: check CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab files of ...) @@ -1406,7 +1406,7 @@ CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port forwardin CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and earlier ...) TODO: check CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual ...) TODO: check CVE-2001-0152 (The password protection option for the Compressed Folders feature in ...) @@ -1414,13 +1414,13 @@ CVE-2001-0152 (The password protection option for the Compressed Folders feature CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ...) TODO: check CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote ...) TODO: check CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users to ...) @@ -1436,7 +1436,7 @@ CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a . CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users to ...) TODO: check CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute malicious ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a ...) TODO: check CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server before ...) @@ -1492,17 +1492,17 @@ CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite ... CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 ...) TODO: check CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not properly ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0 and ...) TODO: check CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card Set ...) TODO: check CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to ...) @@ -1570,15 +1570,15 @@ CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to exe CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco Content ...) TODO: check CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not properly ...) TODO: check CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND 4 ...) TODO: check CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive ...) @@ -1594,15 +1594,15 @@ CVE-2001-0008 (Backdoor account in Interbase database server allows remote attac CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote attackers to ...) TODO: check CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in ...) TODO: check CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ...) TODO: check CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass ...) TODO: check CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...) @@ -1616,7 +1616,7 @@ CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encr CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow ...) TODO: check CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...) TODO: check CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in ...) @@ -1728,7 +1728,7 @@ CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to ga CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...) TODO: check CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not ...) TODO: check CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows ...) @@ -1738,7 +1738,7 @@ CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...) TODO: check CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote ...) TODO: check CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...) @@ -1856,7 +1856,7 @@ CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP heade CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a ...) TODO: check CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows ...) TODO: check CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the ...) @@ -1890,9 +1890,9 @@ CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point ...) TODO: check CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle ...) TODO: check CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application ...) @@ -2173,7 +2173,7 @@ CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files ...) TODO: check CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote ...) TODO: check CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...) @@ -2262,7 +2262,7 @@ CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to . CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier ...) TODO: check CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier ...) TODO: check CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 ...) @@ -2276,7 +2276,7 @@ CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass acc CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is ...) TODO: check CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content ...) TODO: check CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive ...) @@ -2374,7 +2374,7 @@ CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...) TODO: check CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0802 RESERVED CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...) @@ -2473,11 +2473,11 @@ CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabl CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C ...) TODO: check CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a ...) TODO: check CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a ...) TODO: check CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a ...) @@ -2643,7 +2643,7 @@ CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivol CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users ...) TODO: check CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0539 RESERVED CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not ...) @@ -2669,9 +2669,9 @@ CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote .. CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...) TODO: check CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in ...) TODO: check CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i ...) @@ -2839,17 +2839,17 @@ CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point ...) TODO: check CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0343 RESERVED CVE-2001-0342 RESERVED CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands ...) TODO: check CVE-2001-0328 (TCP implementations that use random increments for initial sequence ...) @@ -2861,7 +2861,7 @@ CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers t CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems ...) TODO: check CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote ...) TODO: check CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the ...) @@ -2931,7 +2931,7 @@ CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...) TODO: check CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...) TODO: check CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version ...) @@ -2955,9 +2955,9 @@ CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to ...) TODO: check CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read ...) TODO: check CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows ...) @@ -3047,7 +3047,7 @@ CVE-2001-0159 CVE-2001-0158 RESERVED CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook ...) TODO: check CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, ...) @@ -3123,7 +3123,7 @@ CVE-2001-0051 (IBM DB2 Universal Database version 6.1 creates an account with a CVE-2001-0049 (WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to ...) TODO: check CVE-2001-0048 (The "Configure Your Server" tool in Microsoft 2000 domain controllers ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2001-0047 (The default permissions for the MTS Package Administration registry ...) TODO: check CVE-2001-0046 (The default permissions for the SNMP Parameters registry key in ...) -- cgit v1.2.3