[Secure-testing-commits] r4043 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Mon May 22 13:53:15 UTC 2006
Author: alec-guest
Date: 2006-05-22 13:53:11 +0000 (Mon, 22 May 2006)
New Revision: 4043
Modified:
data/CVE/list
Log:
NOT-FOR-US
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-22 11:09:21 UTC (rev 4042)
+++ data/CVE/list 2006-05-22 13:53:11 UTC (rev 4043)
@@ -894,9 +894,9 @@
CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
NOT-FOR-US: DeleGate
CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
- TODO: check
+ NOT-FOR-US: phpWebSite
CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...)
NOT-FOR-US: Opera
CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
@@ -1018,7 +1018,7 @@
CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 ...)
TODO: check
CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and ...)
- TODO: check
+ NOT-FOR-US: SUSE-specific
CVE-2005-4789 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
TODO: check
CVE-2005-4788 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, ...)
@@ -5934,7 +5934,7 @@
CVE-2006-0060
RESERVED
CVE-2006-0059 (Heap-based buffer overflow in the ISO Transport Service over TCP (RFC ...)
- TODO: check
+ NOT-FOR-US: LiveData
CVE-2006-0058 (Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows ...)
{DSA-1015-1}
- sendmail 8.13.6-1 (bug #358440; high)
@@ -7478,7 +7478,7 @@
{DSA-943-1}
- perl 5.8.7-9 (bug #341542; medium)
CVE-2006-0034 (Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-0033
RESERVED
CVE-2006-0032
@@ -10377,9 +10377,9 @@
CVE-2005-3059 (Multiple unspecified vulnerabilities in Opera 8.50 on Linux and ...)
NOT-FOR-US: Opera
CVE-2005-3058 (Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS ...)
- TODO: check
+ NOT-FOR-US: FortiGate
CVE-2005-3057 (Unspecified vulnerability in the FTP component in FortiGate 2.8, ...)
- TODO: check
+ NOT-FOR-US: FortiGate
CVE-2005-3056 [TWiki INCLUDE function allows arbitrary shell command execution ]
RESERVED
- twiki 20040902-2 (bug #330733; high)
@@ -10682,7 +10682,7 @@
CVE-2005-2935 (Unquoted Windows search path vulnerability in Microsoft AntiSpyware ...)
NOT-FOR-US: Microsoft AntiSpyware
CVE-2005-2934 (Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 ...)
- TODO: check
+ NOT-FOR-US: SCO
CVE-2005-2933 (Buffer overflow in the mail_valid_net_parse_work function in mail.c ...)
{DSA-861-1}
- uw-imap 7:2002edebian1-12 (medium; bug #332215)
@@ -16118,7 +16118,7 @@
CVE-2005-1529
RESERVED
CVE-2005-1528 (Untrusted search path vulnerability in the crttrap command in QNX ...)
- TODO: check
+ NOT-FOR-US: QNX
CVE-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
{DSA-892-1}
- awstats 6.4-1.1 (bug #322591; bug #334833; bug #336137; medium)
@@ -21627,7 +21627,7 @@
CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote attackers to ...)
TODO: check
CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: DeleGate
CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ...)
NOT-FOR-US: Adobe
CVE-2005-0034 (An "incorrect assumption" in the authvalidated validator function in ...)
@@ -29594,75 +29594,75 @@
CVE-2002-0638 (setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 ...)
TODO: check
CVE-2002-0631 (Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 ...)
- TODO: check
+ NOT-FOR-US: SGI
CVE-2002-0630 (The Telnet service for Polycom ViewStation before 7.2.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Polycom
CVE-2002-0627 (The Web server for Polycom ViewStation before 7.2.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Polycom
CVE-2002-0623 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0622 (The Office Web Components (OWC) package installer for Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0621 (Buffer overflow in the Office Web Components (OWC) package installer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0619 (The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0618 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0617 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0616 (The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0615 (The Windows Media Active Playlist in Microsoft Windows Media Player ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0613 (dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: DNSTools
CVE-2002-0605 (Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 ...)
- TODO: check
+ NOT-FOR-US: Flash
CVE-2002-0601 (ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: ISS
CVE-2002-0599 (Blahz-DNS 0.2 and earlier allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: Blahz
CVE-2002-0598 (Format string vulnerability in Foundstone FScan 1.12 with banner ...)
- TODO: check
+ NOT-FOR-US: Foundstone
CVE-2002-0597 (LANMAN service on Microsoft Windows 2000 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0594 (Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to ...)
TODO: check
CVE-2002-0576 (ColdFusion 5.0 and earlier on Windows systems allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2002-0575 (Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with ...)
TODO: check
CVE-2002-0574 (Memory leak in FreeBSD 4.5 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2002-0573 (Format string vulnerability in RPC wall daemon (rpc.rwalld) for ...)
TODO: check
CVE-2002-0571 (Oracle Oracle9i database server 9.0.1.x allows local users to access ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2002-0569 (Oracle 9i Application Server allows remote attackers to bypass access ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2002-0567 (Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2002-0553 (Cross-site scripting vulnerability in SunShop 2.5 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: SunShop
CVE-2002-0546 (Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 ...)
- TODO: check
+ NOT-FOR-US: Winamp
CVE-2002-0545 (Cisco Aironet before 11.21 with Telnet enabled allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2002-0543 (Directory traversal vulnerability in Aprelium Abyss Web Server ...)
- TODO: check
+ NOT-FOR-US: Aprelium
CVE-2002-0542 (mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in ...)
TODO: check
CVE-2002-0539 (Demarc PureSecure 1.05 allows remote attackers to gain administrative ...)
- TODO: check
+ NOT-FOR-US: Demarc
CVE-2002-0538 (FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2002-0536 (PHPGroupware 0.9.12 and earlier, when running with the ...)
TODO: check
CVE-2002-0532 (EMU Webmail allows local users to execute arbitrary programs via a .. ...)
- TODO: check
+ NOT-FOR-US: EMU
CVE-2002-0531 (Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x ...)
- TODO: check
+ NOT-FOR-US: EMU
CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users ...)
TODO: check
CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier relies ...)
@@ -29674,13 +29674,13 @@
CVE-2002-0506 (Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 ...)
TODO: check
CVE-2002-0505 (Memory leak in the Call Telephony Integration (CTI) Framework ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2002-0501 (Format string vulnerability in log_print() function of Posadis DNS ...)
- TODO: check
+ NOT-FOR-US: Posadis
CVE-2002-0497 (Buffer overflow in mtr 0.46 and earlier, when installed setuid root, ...)
TODO: check
CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: csSearch
CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System 0.1 ...)
TODO: check
CVE-2002-0493 (Apache Tomcat may be started without proper security settings if ...)
@@ -38962,7 +38962,7 @@
CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, ...)
TODO: check
CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a ...)
TODO: check
CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...)
@@ -38980,41 +38980,41 @@
CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a ...)
TODO: check
CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-1999-0452 (A service or application has a backdoor password that was placed there ...)
TODO: check
CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent ...)
TODO: check
CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines ...)
TODO: check
CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a ...)
TODO: check
CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing ...)
TODO: check
CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP ...)
TODO: check
CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by ...)
- TODO: check
+ NOT-FOR-US: Eudora
CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 ...)
TODO: check
CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a ...)
TODO: check
CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...)
- TODO: check
+ NOT-FOR-US: SCO
CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which ...)
- TODO: check
+ NOT-FOR-US: DEC UNIX
CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary ...)
TODO: check
CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core ...)
TODO: check
CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter ...)
- TODO: check
+ NOT-FOR-US: Mirc
CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...)
TODO: check
CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends ...)
@@ -39026,31 +39026,31 @@
CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog ...)
TODO: check
CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: Sun
CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords ...)
- TODO: check
+ NOT-FOR-US: NetWare
CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service ...)
TODO: check
CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store ...)
TODO: check
CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password ...)
TODO: check
CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0336 (Buffer overflow in mstm in HP-UX allows local users to gain root ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root via ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to ...)
TODO: check
CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access ...)
@@ -39058,19 +39058,19 @@
CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local ...)
TODO: check
CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0306 (buffer overflow in HP xlock program. ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware ...)
TODO: check
CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...)
TODO: check
CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source ...)
TODO: check
CVE-1999-0282
@@ -39086,15 +39086,15 @@
CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...)
TODO: check
CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...)
TODO: check
CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...)
TODO: check
CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...)
@@ -39112,21 +39112,21 @@
CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 ...)
TODO: check
CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...)
TODO: check
CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...)
TODO: check
CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...)
TODO: check
CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0198 (finger . at host on some systems may print information on some user accounts. ...)
TODO: check
CVE-1999-0197 (finger 0 at host on some systems may print information on some user accounts. ...)
@@ -39134,11 +39134,11 @@
CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or ...)
TODO: check
CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...)
- TODO: check
+ NOT-FOR-US: Ascend/3com
CVE-1999-0187
REJECTED
CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allows remote ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-1999-0171 (Denial of service in syslog by sending it a large number of ...)
TODO: check
CVE-1999-0169 (NFS allows attackers to read and write any file on the system by ...)
@@ -39150,19 +39150,19 @@
CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...)
TODO: check
CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...)
TODO: check
CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-1999-0123 (Race condition in Linux mailx command allows local users to ...)
TODO: check
CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...)
TODO: check
CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...)
TODO: check
CVE-1999-0110
@@ -39178,13 +39178,13 @@
CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote ...)
TODO: check
CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...)
TODO: check
CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...)
@@ -39194,7 +39194,7 @@
CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at ...)
TODO: check
CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX ...)
- TODO: check
+ NOT-FOR-US: SGI
CVE-1999-0020
REJECTED
CVE-1999-0015 (Teardrop IP denial of service. ...)
More information about the Secure-testing-commits
mailing list