Author: alec-guest
Date: 2006-05-22 16:01:28 +0000 (Mon, 22 May 2006)
New Revision: 4044
Modified:
data/CVE/list
Log:
NOT-FOR-US
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-05-22 13:53:11 UTC (rev 4043)
+++ data/CVE/list 2006-05-22 16:01:28 UTC (rev 4044)
@@ -1016,7 +1016,7 @@
CVE-2006-2019 (Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions
allows ...)
NOT-FOR-US: Apple
CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux
10.0 ...)
- TODO: check
+ NOT-FOR-US: SUSE-specific
CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3
and ...)
NOT-FOR-US: SUSE-specific
CVE-2005-4789 (resmgr in SUSE Linux 9.2 and 9.3, and possibly other
distributions, ...)
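Review bot: The new tag on CVE-2005-4791, "NOT-FOR-US: SUSE-specific", states a conclusion rather than naming the software, and the truncated description ("Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 ...") does not show which packages are involved. It matches the existing entry for CVE-2005-4790, but for a multi-package search path issue a NOTE: line listing the affected packages, and why the Debian builds of them differ, would let a later reader verify the decision instead of taking it on trust.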
@@ -4815,7 +4815,7 @@
CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in
AudienceView ...)
NOT-FOR-US: AudienceView
CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and
6.16 ...)
- TODO: check
+ NOT-FOR-US: mIRC
CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before
4.6.9, ...)
NOT-FOR-US: Sophos Anti-Virus
CVE-2005-4679 (Internet Explorer 6 for Windows XP Service Pack 2 allows remote
...)
@@ -7879,7 +7879,7 @@
{DSA-1018-1 DSA-1017-1}
- linux-2.6 2.6.14-3 (medium)
CVE-2005-3782 (Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the
"Name and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version
3, with ...)
NOT-FOR-US: Linksys hardware
CVE-2004-2605 (aStats 1.6.5 allows local users to overwrite arbitrary files via
a ...)
@@ -9949,7 +9949,7 @@
CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP
Server ...)
NOT-FOR-US: Qualcomm WorldMail IMAP Server
CVE-2005-3188 (Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Winamp
CVE-2005-3187 (The listening daemon in Blue Coat Systems Inc. WinProxy before
6.1a ...)
NOT-FOR-US: WinProxy
CVE-2005-3186 (Integer overflow in the GTK+ gdk-pixbuf XPM image rendering
library in ...)
@@ -11171,13 +11171,13 @@
CVE-2005-2715 (Format string vulnerability in the Java user interface service
...)
NOT-FOR-US: VERITAS NetBackup Data and Business Center
CVE-2005-2714 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9
and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2005-2713 (passwd in Directory Services in Mac OS X 10.3.x before 10.3.9
and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2005-2712 (The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1,
6.5.5, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2005-2711 (ISS BlackIce 3.6, as used in multiple products including
BlackICE PC ...)
- TODO: check
+ NOT-FOR-US: ISS
CVE-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer
10 ...)
{DSA-826-1}
NOTE: see http://www.open-security.org/advisories/13
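Review bot: The tags for CVE-2005-2712 ("NOT-FOR-US: IBM") and CVE-2005-2711 ("NOT-FOR-US: ISS") name only the vendor, while the unchanged entry at the top of this hunk names the product ("NOT-FOR-US: VERITAS NetBackup Data and Business Center"). Suggest "IBM Lotus Domino" and "ISS BlackICE", both taken from the descriptions. A vendor-only tag is ambiguous when the vendor ships more than one product, and it makes the list harder to search by product name.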
@@ -11550,9 +11550,9 @@
CVE-2005-2620 (grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores
the ...)
NOT-FOR-US: Novell GroupWise
CVE-2005-2619 (Directory traversal vulnerability in kvarcve.dll in Autonomy
(formerly ...)
- TODO: check
+ NOT-FOR-US: Autonomy
CVE-2005-2618 (Multiple stack-based buffer overflows in Autonomy (formerly
Verity) ...)
- TODO: check
+ NOT-FOR-US: Autonomy
CVE-2004-2434 (Microsoft Internet Explorer 6.0 SP1 allows remote attackers to
cause a ...)
NOT-FOR-US: MS IE
CVE-2004-2433 (Buffer overflow in the IsValidFile function in the ADM ActiveX
control ...)
@@ -29666,7 +29666,7 @@
CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail
users ...)
TODO: check
CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier
relies ...)
- TODO: check
+ NOT-FOR-US: popper_mod
CVE-2002-0512 (startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the
...)
TODO: check
CVE-2002-0511 (The default configuration of Name Service Cache Daemon (nscd) in
...)
@@ -29682,37 +29682,37 @@
CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers
to ...)
NOT-FOR-US: csSearch
CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System
0.1 ...)
- TODO: check
+ NOT-FOR-US: WebSight
CVE-2002-0493 (Apache Tomcat may be started without proper security settings if
...)
TODO: check
CVE-2002-0490 (Instant Web Mail before 0.60 does not properly filter CR/LF
sequences, ...)
- TODO: check
+ NOT-FOR-US: Instant Web Mail
CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Linux Directory Penguin
CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base
...)
TODO: check
CVE-2002-0473 (db.php in phBB 2.0 (aka phBB2) RC-3 and earlier allows remote
...)
TODO: check
CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1
and ...)
- TODO: check
+ NOT-FOR-US: Hosting Controller
CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows
remote ...)
- TODO: check
+ NOT-FOR-US: ARSC
CVE-2002-0462 (bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone
...)
- TODO: check
+ NOT-FOR-US: Big Sam
CVE-2002-0454 (Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows
remote ...)
TODO: check
CVE-2002-0451 (filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote
...)
- TODO: check
+ NOT-FOR-US: PHProjekt
CVE-2002-0445 (article.php in PHP FirstPost 0.1 allows allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: PHP FirstPost
CVE-2002-0444 (Microsoft Windows 2000 running the Terminal Server 90-day trial
...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-2002-0443 (Microsoft Windows 2000 allows local users to bypass the policy
that ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-2002-0442 (Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and
5.0.6 ...)
TODO: check
CVE-2002-0441 (Directory traversal vulnerability in imlist.php for Php Imglist
allows ...)
- TODO: check
+ NOT-FOR-US: PHP Imglist
CVE-2002-0437 (Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote
...)
TODO: check
CVE-2002-0435 (Race condition in the recursive (1) directory deletion and (2)
...)
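Review bot: CVE-2002-0444 and CVE-2002-0443 are tagged "NOT-FOR-US: Windows" in this hunk, but the later hunk at -29781 tags other Windows issues (CVE-2002-0367, CVE-2002-0366) as "NOT-FOR-US: Microsoft". Use one label for both groups within the commit so that a search for either term finds every Windows entry.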
@@ -29723,7 +29723,7 @@
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
- kernel-source-2.2.20 <removed>
CVE-2002-0425 (mIRC DCC server protocol allows remote attackers to gain
sensitive ...)
- TODO: check
+ NOT-FOR-US: mIRC
CVE-2002-0424 (efingerd 1.61 and earlier, when configured without the -u
option, ...)
TODO: check
CVE-2002-0423 (Buffer overflow in efingerd 1.5 and earlier, and possibly up to
1.61, ...)
@@ -29733,7 +29733,7 @@
CVE-2002-0412 (Format string vulnerability in TraceEvent function for ntop
before 2.1 ...)
TODO: check
CVE-2002-0406 (Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to
cause ...)
- TODO: check
+ NOT-FOR-US: SPHERE
CVE-2002-0404 (Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows
remote ...)
TODO: check
CVE-2002-0403 (DNS dissector in Ethereal before 0.9.3 allows remote attackers
to ...)
@@ -29745,15 +29745,15 @@
CVE-2002-0400 (ISC BIND 9 before 9.2.1 allows remote attackers to cause a
denial of ...)
TODO: check
CVE-2002-0398 (Red-M 1050 (Bluetooth Access Point) PPP server allows bonded
users to ...)
- TODO: check
+ NOT-FOR-US: Red-M
CVE-2002-0397 (Red-M 1050 (Bluetooth Access Point) publicizes its name, IP
address, ...)
- TODO: check
+ NOT-FOR-US: Red-M
CVE-2002-0396 (The web management server for Red-M 1050 (Bluetooth Access
Point) does ...)
- TODO: check
+ NOT-FOR-US: Red-M
CVE-2002-0395 (The TFTP server for Red-M 1050 (Bluetooth Access Point) can not
be ...)
- TODO: check
+ NOT-FOR-US: Red-M
CVE-2002-0394 (Red-M 1050 (Bluetooth Access Point) uses case insensitive
passwords, ...)
- TODO: check
+ NOT-FOR-US: Red-M
CVE-2002-0392 (Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows
remote ...)
- apache2 2.0.37
CVE-2002-0391 (Integer overflow in xdr_array function in RPC servers for
operating ...)
@@ -29766,7 +29766,7 @@
CVE-2002-0389 (Pipermail in Mailman stores private mail messages with
predictable ...)
TODO: check
CVE-2002-0387 (Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector
Module ...)
- TODO: check
+ NOT-FOR-US: Sun
CVE-2002-0384 (Buffer overflow in Jabber plug-in for Gaim client before 0.58
allows ...)
TODO: check
CVE-2002-0382 (XChat IRC client allows remote attackers to execute arbitrary
commands ...)
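Review bot: "NOT-FOR-US: Sun" on CVE-2002-0387 cannot be matched to the entry as it appears in the list: the description is cut off at "Connector Module ..." before any vendor or product is named. Put the product name in the tag so the reason for the classification is visible from the list itself.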
@@ -29781,103 +29781,103 @@
CVE-2002-0377 (Gaim 0.57 stores sensitive information in world-readable and
...)
TODO: check
CVE-2002-0376 (Buffer overflow in Apple QuickTime 5.0 ActiveX component allows
remote ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2002-0374 (Format string vulnerability in the logging function for the
pam_ldap ...)
TODO: check
CVE-2002-0373 (The Windows Media Device Manager (WMDM) Service in Microsoft
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0372 (Microsoft Windows Media Player versions 6.4 and 7.1 and Media
Player ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0369 (Buffer overflow in ASP.NET Worker Process allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0368 (The Store Service in Microsoft Exchange 2000 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0367 (smss.exe debugging subsystem in Windows NT and Windows 2000 does
not ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0366 (Buffer overflow in Remote Access Service (RAS) phonebook for
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0364 (Buffer overflow in the chunked encoding transfer mechanism in
IIS 4.0 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0363 (ghostscript before 6.53 allows attackers to execute arbitrary
commands ...)
TODO: check
CVE-2002-0362 (Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later
allows ...)
- TODO: check
+ NOT-FOR-US: AOL
CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication,
which ...)
- TODO: check
+ NOT-FOR-US: IRIX
CVE-2002-0358 (MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: MediaMail
CVE-2002-0357 (Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem
of SGI ...)
TODO: check
CVE-2002-0356 (Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI
IRIX ...)
TODO: check
CVE-2002-0355 (netstat in SGI IRIX before 6.5.12 allows local users to
determine the ...)
- TODO: check
+ NOT-FOR-US: SGI
CVE-2002-0339 (Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding
(CEF) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2002-0330 (Cross-site scripting vulnerability in codeparse.php of Open
Bulletin ...)
- TODO: check
+ NOT-FOR-US: OpenBB
CVE-2002-0329 (Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03
and ...)
- TODO: check
+ NOT-FOR-US: Snitz
CVE-2002-0318 (FreeRADIUS RADIUS server allows remote attackers to cause a
denial of ...)
TODO: check
CVE-2002-0313 (Buffer overflow in Essentia Web Server 2.1 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Essentia
CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes
the ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2002-0302 (The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x
drops ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2002-0300 (gnujsp 1.0.0 and 1.0.1 allows remote attackers to list
directories, ...)
TODO: check
CVE-2002-0299 (CNet CatchUp before 1.3.1 allows attackers to execute arbitrary
code ...)
- TODO: check
+ NOT-FOR-US: CatchUp
CVE-2002-0292 (Cross-site scripting vulnerability in Slash before 2.2.5, as
used in ...)
TODO: check
CVE-2002-0290 (Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe,
allows ...)
- TODO: check
+ NOT-FOR-US: WebNews
CVE-2002-0287 (pforum 1.14 and earlier does no explicitly enable PHP magic
quotes, ...)
- TODO: check
+ NOT-FOR-US: pforum
CVE-2002-0276 (Buffer overflow in various decoders in Ettercap 0.6.3.1 and
earlier, ...)
TODO: check
CVE-2002-0275 (Falcon web server 2.0.0.1020 and earlier allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Falcon
CVE-2002-0274 (Exim 3.34 and earlier may allow local users to gain privileges
via a ...)
TODO: check
CVE-2002-0267 (preferences.php in Simple Internet Publishing System (SIPS)
before ...)
- TODO: check
+ NOT-FOR-US: SIPS
CVE-2002-0265 (Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword
file ...)
- TODO: check
+ NOT-FOR-US: Sawmill
CVE-2002-0251 (Buffer overflow in licq 1.0.4 and earlier allows remote
attackers to ...)
TODO: check
CVE-2002-0250 (Web configuration utility in HP AdvanceStack hubs J3200A through
...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2002-0246 (Format string vulnerability in the message catalog library
functions ...)
- TODO: check
+ NOT-FOR-US: UnixWare
CVE-2002-0241 (NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS)
3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2002-0237 (Buffer overflow in ISS BlackICE Defender 2.9 and earlier,
BlackICE ...)
- TODO: check
+ NOT-FOR-US: ISS
CVE-2002-0226 (retrieve_password.pl in DCForum 6.x and 2000 generates
predictable new ...)
- TODO: check
+ NOT-FOR-US: DCForum
CVE-2002-0213 (xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to
read ...)
- TODO: check
+ NOT-FOR-US: Xinet
CVE-2002-0211 (Race condition in the installation script for Tarantella
Enterprise 3 ...)
- TODO: check
+ NOT-FOR-US: Tarantella
CVE-2002-0209 (Nortel Alteon ACEdirector WebOS 9.0, with the Server Load
Balancing ...)
- TODO: check
+ NOT-FOR-US: Nortel
CVE-2002-0207 (Buffer overflow in Real Networks RealPlayer 8.0 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Real Networks
CVE-2002-0197 (psyBNC 2.3 beta and earlier allows remote attackers to spoof
...)
- TODO: check
+ NOT-FOR-US: psyBNC
CVE-2002-0196 (GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if
the ...)
- TODO: check
+ NOT-FOR-US: ACD
CVE-2002-0193 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0191 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0190 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0188 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2002-0187 (Cross-site scripting vulnerability in the SQLXML component of
...)
TODO: check
CVE-2002-0186 (Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL
Server ...)
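Review bot: The SGI entries in this hunk end up with three different labels, "NOT-FOR-US: IRIX" (CVE-2002-0359), "NOT-FOR-US: MediaMail" (CVE-2002-0358) and "NOT-FOR-US: SGI" (CVE-2002-0355), while CVE-2002-0357 and CVE-2002-0356, both described as SGI issues, stay at "TODO: check". If those two were left open on purpose, a NOTE: line saying why would save the next person from repeating the triage; if not, they need the same decision as their neighbours, and the three labels should be unified. Also, "NOT-FOR-US: UnixWare" on CVE-2002-0246 names a product that does not appear in the visible description ("message catalog library functions ..."), so the tag should say which component is meant.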