[Secure-testing-commits] r4052 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Mon May 22 20:59:50 UTC 2006
Author: alec-guest
Date: 2006-05-22 20:59:47 +0000 (Mon, 22 May 2006)
New Revision: 4052
Modified:
data/CVE/list
Log:
NOT-FOR-US
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-22 20:56:56 UTC (rev 4051)
+++ data/CVE/list 2006-05-22 20:59:47 UTC (rev 4052)
@@ -29939,9 +29939,9 @@
CVE-2002-0151 (Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2002-0150 (Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0149 (Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0148 (Cross-site scripting vulnerability in Internet Information Server ...)
TODO: check
CVE-2002-0147 (Buffer overflow in the ASP data transfer mechanism in Internet ...)
@@ -30001,7 +30001,7 @@
CVE-2002-0074 (Cross-site scripting vulnerability in Help File search facility for ...)
TODO: check
CVE-2002-0073 (The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0072 (The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET ...)
TODO: check
CVE-2002-0071 (Buffer overflow in the ism.dll ISAPI extension that implements HTR ...)
@@ -30795,9 +30795,9 @@
CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...)
NOT-FOR-US: Microsoft
CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to cause ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang) via by ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows ...)
NOT-FOR-US: Microsoft
CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and earlier ...)
@@ -30833,11 +30833,11 @@
CVE-2001-0513 (Oracle listener process on Windows NT redirects connection requests to ...)
TODO: check
CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0504 (Vulnerability in authentication process for SMTP service in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows ...)
@@ -30993,11 +30993,11 @@
CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an ...)
NOT-FOR-US: Microsoft
CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in ...)
TODO: check
CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive information, ...)
@@ -31163,7 +31163,7 @@
CVE-2001-0152 (The password protection option for the Compressed Folders feature in ...)
TODO: check
CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using ...)
NOT-FOR-US: Microsoft
CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier allows ...)
@@ -31237,7 +31237,7 @@
CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute ...)
TODO: check
CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite ...)
TODO: check
CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 ...)
@@ -31349,7 +31349,7 @@
CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in ...)
TODO: check
CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...)
NOT-FOR-US: Microsoft
CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain ...)
@@ -31629,7 +31629,7 @@
CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...)
TODO: check
CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 ...)
TODO: check
CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...)
@@ -31661,7 +31661,7 @@
CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows ...)
TODO: check
CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...)
TODO: check
CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...)
@@ -31759,9 +31759,9 @@
CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...)
TODO: check
CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on ...)
TODO: check
CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary ...)
@@ -31893,7 +31893,7 @@
CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...)
TODO: check
CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0777 (The password protection feature of Microsoft Money can store the ...)
NOT-FOR-US: Microsoft
CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...)
@@ -31903,7 +31903,7 @@
CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...)
NOT-FOR-US: Microsoft
CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify ...)
NOT-FOR-US: Microsoft
CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...)
@@ -32089,9 +32089,9 @@
CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d ...)
TODO: check
CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP ...)
TODO: check
CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...)
@@ -32345,7 +32345,7 @@
CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...)
TODO: check
CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of ...)
TODO: check
CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier ...)
@@ -32419,7 +32419,7 @@
CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new ...)
TODO: check
CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...)
TODO: check
CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not ...)
@@ -32649,7 +32649,7 @@
CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...)
NOT-FOR-US: Microsoft
CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility ...)
TODO: check
CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...)
@@ -32667,7 +32667,7 @@
CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...)
TODO: check
CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...)
TODO: check
CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to ...)
@@ -32697,7 +32697,7 @@
CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to ...)
NOT-FOR-US: Microsoft
CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from ...)
TODO: check
CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...)
@@ -32937,9 +32937,9 @@
CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...)
TODO: check
CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...)
TODO: check
CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access ...)
@@ -32985,7 +32985,7 @@
CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...)
TODO: check
CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...)
TODO: check
CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a ...)
@@ -33045,7 +33045,7 @@
CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...)
TODO: check
CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...)
TODO: check
CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...)
@@ -33150,11 +33150,11 @@
CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local ...)
TODO: check
CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...)
TODO: check
CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to ...)
TODO: check
CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), ...)
@@ -33216,7 +33216,7 @@
CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...)
TODO: check
CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...)
TODO: check
CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x ...)
@@ -33312,7 +33312,7 @@
CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary ...)
TODO: check
CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows local users ...)
TODO: check
CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...)
@@ -33551,7 +33551,7 @@
CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...)
TODO: check
CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...)
TODO: check
CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files ...)
@@ -33563,7 +33563,7 @@
CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell ...)
TODO: check
CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain ...)
TODO: check
CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP ...)
@@ -33571,7 +33571,7 @@
CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...)
TODO: check
CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, ...)
TODO: check
CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...)
@@ -33687,7 +33687,7 @@
CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local ...)
TODO: check
CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to ...)
NOT-FOR-US: Cisco
CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...)
@@ -33771,7 +33771,7 @@
CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...)
TODO: check
CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via ...)
TODO: check
CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be ...)
@@ -33940,9 +33940,9 @@
CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...)
TODO: check
CVE-1999-0449 (Denial of service in IIS 4 with scripts from the ExAir sample site. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...)
TODO: check
CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and ...)
@@ -33996,7 +33996,7 @@
CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...)
TODO: check
CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that ...)
TODO: check
CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...)
@@ -34004,7 +34004,7 @@
CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...)
TODO: check
CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...)
TODO: check
CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...)
@@ -34086,9 +34086,9 @@
CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local ...)
TODO: check
CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...)
TODO: check
CVE-1999-0344 (NT users can gain debug-level access on a system process using the ...)
@@ -34188,13 +34188,13 @@
CVE-1999-0288 (Denial of service in WINS with malformed data to port 137 (NETBIOS ...)
TODO: check
CVE-1999-0281 (Denial of service in IIS using long URLs. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...)
NOT-FOR-US: Microsoft
CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via ...)
TODO: check
CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appending ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root access. ...)
TODO: check
CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflow. ...)
@@ -34252,7 +34252,7 @@
CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...)
TODO: check
CVE-1999-0233 (IIS allows users to execute arbitrary commands using .bat or .cmd ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...)
NOT-FOR-US: Cisco
CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...)
@@ -34306,7 +34306,7 @@
CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote ...)
TODO: check
CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...)
TODO: check
CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...)
@@ -34928,13 +34928,13 @@
CVE-2002-0426 (VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router ...)
TODO: check
CVE-2002-0422 (IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0421 (IIS 4.0 allows local users to bypass the "User cannot change password" ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0420 (Vulnerability in PureTLS before 0.9b2 related to injection attacks, ...)
TODO: check
CVE-2002-0419 (Information leaks in IIS 4 through 5.1 allow remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0418 (Directory traversal vulnerability in the ...)
TODO: check
CVE-2002-0417 (Directory traversal vulnerability in Endymion MailMan before 3.1 ...)
@@ -37033,7 +37033,7 @@
CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...)
TODO: check
CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...)
TODO: check
CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ...)
@@ -37065,7 +37065,7 @@
CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...)
TODO: check
CVE-2000-1104 (Variant of the "IIS Cross-Site Scripting" vulnerability as originally ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before ...)
TODO: check
CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...)
@@ -37299,7 +37299,7 @@
CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with ...)
TODO: check
CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier ...)
TODO: check
CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier ...)
@@ -37365,7 +37365,7 @@
CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...)
NOT-FOR-US: Microsoft
CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of ...)
TODO: check
CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...)
@@ -37483,7 +37483,7 @@
CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a ...)
TODO: check
CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...)
TODO: check
CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...)
@@ -37607,7 +37607,7 @@
CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote ...)
TODO: check
CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges ...)
TODO: check
CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...)
@@ -37645,7 +37645,7 @@
CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...)
TODO: check
CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...)
TODO: check
CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...)
@@ -37659,7 +37659,7 @@
CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if ...)
TODO: check
CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the ...)
TODO: check
CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to ...)
@@ -37703,7 +37703,7 @@
CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute ...)
TODO: check
CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore ...)
TODO: check
CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require ...)
@@ -37806,7 +37806,7 @@
CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...)
TODO: check
CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, ...)
TODO: check
CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia ...)
@@ -37940,7 +37940,7 @@
CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site ...)
NOT-FOR-US: Microsoft
CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX ...)
TODO: check
CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...)
@@ -38056,7 +38056,7 @@
CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read ...)
TODO: check
CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) ...)
TODO: check
CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer ...)
@@ -38640,13 +38640,13 @@
CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a ...)
TODO: check
CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows ...)
TODO: check
CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian ...)
@@ -38852,7 +38852,7 @@
CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are ...)
TODO: check
CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate ...)
TODO: check
CVE-1999-0559 (A system-critical Unix file or directory has inappropriate ...)
More information about the Secure-testing-commits
mailing list