Author: joeyh
Date: 2005-10-19 23:52:56 +0000 (Wed, 19 Oct 2005)
New Revision: 2466
Modified:
data/CVE/list
Log:
erm, this is what I meant the last commit to be (last commit was some more
CAN references)
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-10-19 23:45:56 UTC (rev 2465)
+++ data/CVE/list 2005-10-19 23:52:56 UTC (rev 2466)
@@ -3904,7 +3904,7 @@
NOT-FOR-US: EtoShop
CVE-2005-2134 (The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2
allow ...)
NOT-FOR-US: NetBSD
-CVE-2005-2133 (DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1915.
Reason: ...)
+CVE-2005-2133 (DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CAN-2005-1915.
Reason: ...)
NOT-FOR-US: log4sh
CVE-2005-2132 (RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5,
and ...)
NOT-FOR-US: SCO UnixWare
@@ -17884,565 +17884,565 @@
CVE-2002-0655 (OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does
not ...)
{DSA-136}
TODO: check
-CVE-2002-1412
+CVE-2002-1412 (Gallery photo album package before 1.3.1 allows local and
possibly ...)
{DSA-138}
TODO: check
- gallery 1.3-3
-CVE-2004-0356
+CVE-2004-0356 (Stack-based buffer overflow in Supervisor Report Center in SL
Mail Pro ...)
NOTE: not-for-us (windows mta)
-CVE-2004-0347
+CVE-2004-0347 (Cross-site scripting (XSS) vulnerability in delhomepage.cgi in
...)
NOTE: not-for-us (juniper router)
-CVE-2004-0336
+CVE-2004-0336 (LAN SUITE Web Mail 602Pro allows remote attackers to gain
sensitive ...)
NOTE: not-for-us (windows mta)
-CVE-2004-0320
+CVE-2004-0320 (Unknown vulnerability in nCipher Hardware Security Modules (HSM)
...)
NOTE: not-for-us (ncipher hardware)
-CVE-2004-0309
+CVE-2004-0309 (Stack-based buffer overflow in the SMTP service support in
vsmon.exe ...)
NOTE: not-for-us (windows firewall)
-CVE-2004-0307
+CVE-2004-0307 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS
15454 ...)
NOTE: not-for-us (cisco)
-CVE-2004-0306
+CVE-2004-0306 (Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS
15454 SD ...)
NOTE: not-for-us (cisco)
-CVE-2004-0297
+CVE-2004-0297 (Buffer overflow in the Lightweight Directory Access Protocol
(LDAP) ...)
NOTE: not-for-us (windows mta)
-CVE-2004-0276
+CVE-2004-0276 (The get_real_string function in Monkey HTTP Daemon (monkeyd)
0.8.1 and ...)
NOTE: not-for-us (monkeyd, not in debian)
-CVE-2004-0274
+CVE-2004-0274 (Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can
...)
- eggdrop 1.6.17
-CVE-2004-0273
+CVE-2004-0273 (Directory traversal vulnerability in RealOne Player, RealOne
Player ...)
NOTE: not-for-us (realone player)
-CVE-2004-0270
+CVE-2004-0270 (libclamav in Clam AntiVirus 0.65 allows remote attackers to
cause a ...)
- libclamav1 0.80
-CVE-2004-0263
+CVE-2004-0263 (PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak
global ...)
- libapache-mod-php4 4.3.9
-CVE-2004-0261
+CVE-2004-0261 (oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers
to ...)
NOTE: not-for-us (openjournal, not in debian)
-CVE-2004-0257
+CVE-2004-0257 (OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to
cause a ...)
NOTE: not-for-us (open/netbsd)
-CVE-2004-0256
+CVE-2004-0256 (GNU libtool before 1.5.2, during compile time, allows local
users to ...)
- libtool 1.5.6
-CVE-2004-0194
+CVE-2004-0194 (Stack-based buffer overflow in the OutputDebugString function
for ...)
NOTE: not-for-us (acroread)
-CVE-2004-0193
+CVE-2004-0193 (Heap-based buffer overflow in the ISS Protocol Analysis Module
(PAM), ...)
NOTE: not-for-us (realsecure/blackice)
-CVE-2004-0191
+CVE-2004-0191 (Mozilla before 1.4.2 executes Javascript events in the context
of a ...)
- mozilla-browser 2:1.7.3
TODO: test
-CVE-2004-0190
+CVE-2004-0190 (Symantec FireWall/VPN Appliance model 200 records a cleartext
...)
NOTE: not-for-us (symantec)
-CVE-2004-0189
+CVE-2004-0189 (The "%xx" URL decoding function in Squid
2.5STABLE4 and earlier allows ...)
{DSA-474}
-CVE-2004-0188 [calife: buffer overflow with long passwords]
+CVE-2004-0188 (Heap-based buffer overflow in Calife 2.8.5 and earlier may allow
local ...)
{DSA-461}
- calife 2.8.6-1 (bug #235157)
-CVE-2004-0186
+CVE-2004-0186 (smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid,
...)
{DSA-463}
-CVE-2004-0185
+CVE-2004-0185 (Buffer overflow in the skey_challenge function in ftpd.c for
wu-ftp ...)
{DSA-457}
- wu-ftpd 2.6.2-17.2
-CVE-2004-0173
+CVE-2004-0173 (Directory traversal vulnerability in Apache 1.3.29 and earlier,
and ...)
NOTE: not-for-us (apache/cygwin)
-CVE-2004-0171
+CVE-2004-0171 (FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows
remote ...)
NOTE: not-for-us (freebsd/os x)
-CVE-2004-0169
+CVE-2004-0169 (QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows
remote ...)
NOTE: not-for-us (os x)
-CVE-2004-0167
+CVE-2004-0167 (DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly
...)
NOTE: not-for-us (os x)
-CVE-2004-0165
+CVE-2004-0165 (Format string vulnerability in Point-to-Point Protocol (PPP)
daemon ...)
NOTE: not-for-us (os x)
-CVE-2004-0160
+CVE-2004-0160 (Synaesthesia 2.2 and earlier allows local users to execute
arbitrary ...)
{DSA-446}
-CVE-2004-0159
+CVE-2004-0159 (Format string vulnerability in hsftp 1.11 allows remote
authenticated ...)
{DSA-447}
-CVE-2004-0150
+CVE-2004-0150 (Buffer overflow in the getaddrinfo function in Python 2.2 before
...)
{DSA-458-2 DSA-458}
-CVE-2004-0148
+CVE-2004-0148 (wu-ftpd 2.6.2 and earlier, with the restricted-gid option
enabled, ...)
{DSA-457}
- wu-ftpd 2.6.2-17.2
-CVE-2004-0131
+CVE-2004-0131 (The rad_print_request function in logger.c for GNU Radius daemon
...)
NOTE: not-for-us (gnu radiusd, not in debian)
-CVE-2004-0129
+CVE-2004-0129 (Directory traversal vulnerability in export.php in phpMyAdmin
2.5.5 ...)
- phpmyadmin 2:2.6.0-pl2
-CVE-2004-0128
+CVE-2004-0128 (PHP remote code injection vulnerability in the GEDCOM
configuration ...)
NOTE: not-for-us (phpgedview, not in debian)
-CVE-2004-0126
+CVE-2004-0126 (The jail_attach system call in FreeBSD 5.1 and 5.2 changes the
...)
NOTE: not-for-us (freebsd)
-CVE-2004-0122
+CVE-2004-0122 (Microsoft MSN Messenger 6.0 and 6.1 does not properly handle
certain ...)
NOTE: not-for-us (microsoft)
-CVE-2004-0121
+CVE-2004-0121 (Argument injection vulnerability in Microsoft Outlook 2002 does
not ...)
NOTE: not-for-us (microsoft)
-CVE-2004-0115
+CVE-2004-0115 (VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through
6.1 ...)
NOTE: not-for-us (microsoft)
-CVE-2004-0114
+CVE-2004-0114 (The shmat system call in the System V Shared Memory interface
for ...)
NOTE: not-for-us (bsd)
-CVE-2004-0113
+CVE-2004-0113 (Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before
2.0.49 ...)
- apache2 2.0.52
-CVE-2004-0111
+CVE-2004-0111 (gdk-pixbuf before 0.20 allows attackers to cause a denial of
service ...)
{DSA-464}
-CVE-2004-0108
+CVE-2004-0108 (The isag utility, which processes sysstat data, allows local
users to ...)
{DSA-460}
-CVE-2004-0099
+CVE-2004-0099 (mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag
when ...)
NOTE: not-for-us (freebsd)
-CVE-2004-0096
+CVE-2004-0096 (Unknown vulnerability in mod_python 2.7.9 allows remote
attackers to ...)
- libapache-mod-python 2:2.7.10
-CVE-2004-0095
+CVE-2004-0095 (McAfee ePolicy Orchestrator agent allows remote attackers to
cause a ...)
NOTE: not-for-us (mcafee)
-CVE-2004-0094
+CVE-2004-0094 (Integer signedness errors in XFree86 4.1.0 allow remote
attackers to ...)
{DSA-443}
-CVE-2004-0093
+CVE-2004-0093 (XFree86 4.1.0 allows remote attackers to cause a denial of
service and ...)
{DSA-443}
-CVE-2004-0089
+CVE-2004-0089 (Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and
10.2.x ...)
NOTE: not-for-us (os x)
-CVE-2004-0082
+CVE-2004-0082 (The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and
...)
- samba 3.0.7
TODO: test
-CVE-2004-0080
+CVE-2004-0080 (The login program in util-linux 2.11 and earlier uses a pointer
after ...)
NOTE: not-for-us (debian uses different login)
-CVE-2004-0078
+CVE-2004-0078 (Buffer overflow in the index menu code (menu_pad_string of
menu.c) for ...)
- mutt 1.5.6-20040722+1
TODO: test
-CVE-2004-0077
+CVE-2004-0077 (The do_mremap function for the mremap system call in Linux 2.2
to ...)
{DSA-514 DSA-475 DSA-470 DSA-466 DSA-456 DSA-454 DSA-453 DSA-450 DSA-444
DSA-442 DSA-441 DSA-440 DSA-439 DSA-438}
-CVE-2004-0075
+CVE-2004-0075 (The Vicam USB driver in Linux before 2.4.25 does not use the
...)
- kernel-source-2.4.24 2.4.24-3
NOTE: fixed in 2.4.26-pre3
TODO: test
-CVE-2004-0070
+CVE-2004-0070 (PHP remote code injection vulnerability in module.php for
ezContents ...)
NOTE: not-for-us (ezcontents, commercial)
-CVE-2004-0068
+CVE-2004-0068 (PHP remote code injection vulnerability in config.php for PhpDig
1.6.5 ...)
NOTE: not-for-us (phpdig, not in debian)
-CVE-2004-0063
+CVE-2004-0063 (The SPP_VerifyPVV function in nCipher payShield SPP library
1.3.12, ...)
NOTE: not-for-us (ncipher hsm)
-CVE-2004-0049
+CVE-2004-0049 (Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote
...)
NOTE: not-for-us (real helix)
-CVE-2004-0045
+CVE-2004-0045 (Buffer overflow in the ARTpost function in art.c in the control
...)
- inn2 2.4.1+20040820
TODO: test
-CVE-2004-0044
+CVE-2004-0044 (Cisco Personal Assistant 1.4(1) and 1.4(2) disables password
...)
NOTE: not-for-us (cisco)
-CVE-2004-0040
+CVE-2004-0040 (Stack-based buffer overflow in Check Point VPN-1 Server 4.1
through ...)
NOTE: not-for-us (checkpoint)
-CVE-2004-0036
+CVE-2004-0036 (SQL injection vulnerability in calendar.php for vBulletin Forum
2.3.x ...)
NOTE: not-for-us (vbulletin, commercial)
-CVE-2004-0035
+CVE-2004-0035 (SQL injection vulnerability in register.php for Phorum 3.4.5 and
...)
NOTE: not-for-us (phorum, not in debian)
-CVE-2004-0033
+CVE-2004-0033 (admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain
...)
NOTE: not-for-us (phpgedview, not in debian)
-CVE-2004-0032
+CVE-2004-0032 (Cross-site scripting (XSS) vulnerability in search.php in
PHPGEDVIEW ...)
NOTE: not-for-us (phpgedview, not in debian)
-CVE-2004-0031
+CVE-2004-0031 (PHPGEDVIEW 2.61 allows remote attackers to reinstall the
software and ...)
NOTE: not-for-us (phpgedview, not in debian)
-CVE-2004-0028
+CVE-2004-0028 (jitterbug 1.6.2 does not properly sanitize inputs, which allows
remote ...)
{DSA-420}
-CVE-2004-0016
+CVE-2004-0016 (The calendar module for phpgroupware 0.9.14 does not enforce the
"save ...)
{DSA-419}
-CVE-2004-0015
+CVE-2004-0015 (vbox3 0.1.8 and earlier does not properly drop privileges before
...)
{DSA-418}
-CVE-2004-0013
+CVE-2004-0013 (jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not
properly ...)
{DSA-414}
-CVE-2004-0011
+CVE-2004-0011 (Buffer overflow in fsp before 2.81.b18 allows remote users to
execute ...)
{DSA-416}
-CVE-2004-0009
+CVE-2004-0009 (Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to
1 or 3 ...)
- apache-ssl 1.3.31
TODO: test
-CVE-2004-0004
+CVE-2004-0004 (The libCheckSignature function in crypto-utils.lib for OpenCA
0.9.1.6 ...)
NOTE: not-for-us (openca, not in debian)
-CVE-2004-0001
+CVE-2004-0001 (Unknown vulnerability in the eflags checking in the 32-bit
ptrace ...)
- kernel-image-2.6.8-9-amd64-generic
TODO: what version?
TODO: test?
-CVE-2003-1328
+CVE-2003-1328 (The showHelp() function in Microsoft Internet Explorer 5.01,
5.5, and ...)
NOTE: not-for-us (windows)
-CVE-2003-1326
+CVE-2003-1326 (Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers
...)
NOTE: not-for-us (windows)
-CVE-2003-1022
+CVE-2003-1022 (Directory traversal vulnerability in fsp before 2.81.b18 allows
remote ...)
{DSA-416}
- fsp 2.81.b18-1
-CVE-2003-0994
+CVE-2003-0994 (The GUI functionality for an interactive session in Symantec
...)
NOTE: not-for-us (norton)
-CVE-2003-0993
+CVE-2003-0993 (mod_access in Apache 1.3 before 1.3.30, when running big-endian
64-bit ...)
- apache 1.3.29.0.2-4
-CVE-2003-0991
+CVE-2003-0991 (Unknown vulnerability in the mail command handler in Mailman
before ...)
{DSA-436}
- mailman 2.1-1
NOTE: I have mailed Tollef Fog Heen <tfheen@debian.org> about this.
NOTE: Tollef Fog Heen reply to me that 2.1 versions are not vulnerable
-CVE-2003-0988
+CVE-2003-0988 (Buffer overflow in the VCF file information reader for KDE
Personal ...)
- kdepim 4:3.1.5-1
-CVE-2003-0985
+CVE-2003-0985 (The mremap system call (do_mremap) in Linux kernel 2.4.x before
2.4.21 ...)
{DSA-475 DSA-470 DSA-450 DSA-442 DSA-440 DSA-439 DSA-427 DSA-423 DSA-417
DSA-413}
NOTE: fixed in 2.4.24-rc1
-CVE-2003-0969
+CVE-2003-0969 (mpg321 0.2.10 allows remote attackers to overwrite memory and
possibly ...)
{DSA-411}
- mpg321 0.2.10.3
-CVE-2003-0966
+CVE-2003-0966 (Buffer overflow in the frm command in elm 2.5.6 and earlier, and
...)
NOTE: not-for-us (elm)
-CVE-2003-0924
+CVE-2003-0924 (netpbm 9.25 and earlier does not properly create temporary
files, ...)
{DSA-426}
- netpbm-free 2:9.25-9
-CVE-2003-0905
+CVE-2003-0905 (Unknown vulnerability in Windows Media Station Service and
Windows ...)
NOTE: not-for-us (microsoft)
-CVE-2003-0903
+CVE-2003-0903 (Buffer overflow in a component of Microsoft Data Access
Components ...)
NOTE: not-for-us (microsoft)
-CVE-2003-0825
+CVE-2003-0825 (The Windows Internet Naming Service (WINS) for Microsoft Windows
...)
NOTE: not-for-us (microsoft)
-CVE-2003-0145
+CVE-2003-0145 (Unknown vulnerability in tcpdump before 3.7.2 related to an
inability ...)
{DSA-261}
- tcpdump 3.7.2-1
-CVE-2003-0143
+CVE-2003-0143 (The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not
null ...)
{DSA-259}
- qpopper 4.0.4-9
-CVE-2003-0125
+CVE-2003-0125 (Buffer overflow in the web interface for SOHO Routefinder 550
before ...)
NOTE: not-for-us (SOHO Routefinder)
-CVE-2003-0124
+CVE-2003-0124 (man before 1.51 allows attackers to execute arbitrary code via a
...)
NOTE: not-for-us (man before 1.51)
-CVE-2003-0123
+CVE-2003-0123 (Buffer overflow in Web Retriever client for Lotus Notes/Domino
R4.5 ...)
NOTE: not-for-us (lotus notes)
-CVE-2003-0122
+CVE-2003-0122 (Buffer overflow in Notes server before Lotus Notes R4, R5 before
...)
NOTE: not-for-us (lotus notes)
-CVE-2003-0120
+CVE-2003-0120 (adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows
local ...)
{DSA-256}
- mhc 0.25+20030224-1
-CVE-2003-0108
+CVE-2003-0108 (isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote
attackers ...)
{DSA-255}
- tcpdump 3.7.1-1.2
-CVE-2003-0107
+CVE-2003-0107 (Buffer overflow in the gzprintf function in zlib 1.1.4, when
zlib is ...)
- zlib 1:1.1.4-10
-CVE-2003-0104
+CVE-2003-0104 (Directory traversal vulnerability in PeopleTools 8.10 through
8.18, ...)
NOTE: not-for-us (peopletools)
-CVE-2003-0103
+CVE-2003-0103 (Format string vulnerability in Nokia 6210 handset allows remote
...)
NOTE: not-for-us (nokia handset)
-CVE-2003-0102
+CVE-2003-0102 (Buffer overflow in tryelf() in readelf.c of the file command
allows ...)
{DSA-260}
- file 3.40-1.1
-CVE-2003-0100
+CVE-2003-0100 (Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote
attackers ...)
NOTE: not-for-us (cisco)
-CVE-2003-0097
+CVE-2003-0097 (Unknown vulnerability in CGI module for PHP 4.3.0 allows
attackers to ...)
- php4 4:4.3.2+rc3-1
-CVE-2003-0095
+CVE-2003-0095 (Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i,
...)
NOTE: not-for-us (oracle)
-CVE-2003-0094
+CVE-2003-0094 (A patch for mcookie in the util-linux package for Mandrake Linux
8.2 ...)
NOTE: not-for-us (mandrake specific)
-CVE-2003-0093
+CVE-2003-0093 (The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote
...)
{DSA-261}
- tcpdump 3.7.1-1
-CVE-2003-0088
+CVE-2003-0088 (TruBlueEnvironment for MacOS 10.2.3 and earlier allows local
users to ...)
NOTE: not-for-us (macosX)
-CVE-2003-0087
+CVE-2003-0087 (Buffer overflow in libIM library (libIM.a) for National Language
...)
NOTE: not-for-us (AIX)
-CVE-2003-0081
+CVE-2003-0081 (Format string vulnerability in packet-socks.c of the SOCKS
dissector ...)
{DSA-258}
- ethereal 0.9.9-2
-CVE-2003-0079
+CVE-2003-0079 (The DEC UDK processing feature in the hanterm (hanterm-xf)
terminal ...)
NOTE: not-for-us (hanterm before 2.0.5)
-CVE-2003-0078
+CVE-2003-0078 (ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6
before ...)
{DSA-253}
- openssl 0.9.7a-1
-CVE-2003-0077
+CVE-2003-0077 (The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier,
and ...)
NOTE: not-for-us (hanterm before 2.0.5)
-CVE-2003-0075
+CVE-2003-0075 (Integer signedness error in the myFseek function of samplein.c
for ...)
NOTE: not-for-us (blade encoder not in Debian)
-CVE-2003-0073
+CVE-2003-0073 (Double-free vulnerability in mysqld for MySQL before 3.23.55
allows ...)
{DSA-303}
- mysql 4.0.12-2
-CVE-2003-0071
+CVE-2003-0071 (The DEC UDK processing feature in the xterm terminal emulator in
...)
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0070
+CVE-2003-0070 (VTE, as used by default in gnome-terminal terminal emulator 2.2
and as ...)
- vte 1:0.11.10-1
-CVE-2003-0069
+CVE-2003-0069 (The PuTTY terminal emulator 0.53 allows attackers to modify the
window ...)
- putty 0.54-1
-CVE-2003-0068
+CVE-2003-0068 (The Eterm terminal emulator 0.9.1 and earlier allows attackers
to ...)
{DSA-496}
- eterm 0.9.2-6
-CVE-2003-0067
+CVE-2003-0067 (The aterm terminal emulator 0.42 allows attackers to modify the
window ...)
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0066
+CVE-2003-0066 (The rxvt terminal emulator 2.7.8 and earlier allows attackers to
...)
- rxvt 1:2.6.4-6.1 (bug #244810)
NOTE: woody version is still vulnerable
-CVE-2003-0065
+CVE-2003-0065 (The uxterm terminal emulator allows attackers to modify the
window ...)
NOTE: not-for-us (uxterm not in Debian)
-CVE-2003-0064
+CVE-2003-0064 (The dtterm terminal emulator allows attackers to modify the
window ...)
NOTE: not-for-us (dtterm not in Debian)
-CVE-2003-0063
+CVE-2003-0063 (The xterm terminal emulator in XFree86 4.2.0 and earlier allows
...)
{DSA-380}
- xfree86 4.2.1-11
-CVE-2003-0062
+CVE-2003-0062 (Buffer overflow in Eset Software NOD32 for UNIX before 1.013
allows ...)
NOTE: not-for-us (NOD32 not in Debian)
-CVE-2003-0059
+CVE-2003-0059 (Unknown vulnerability in the chk_trans.c of the libkrb5 library
for ...)
- krb5 1.2.5-1
-CVE-2003-0058
+CVE-2003-0058 (MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5
allows ...)
- krb5 1.2.5-1
-CVE-2003-0055
+CVE-2003-0055 (Buffer overflow in the MP3 broadcasting module of Apple Darwin
...)
NOTE: not-for-us (apple)
-CVE-2003-0054
+CVE-2003-0054 (Apple Darwin Streaming Administration Server 4.1.2 and QuickTime
...)
NOTE: not-for-us (apple)
-CVE-2003-0053
+CVE-2003-0053 (Cross-site scripting (XSS) vulnerability in parse_xml.cgi in
Apple ...)
NOTE: not-for-us (apple)
-CVE-2003-0052
+CVE-2003-0052 (parse_xml.cgi in Apple Darwin Streaming Administration Server
4.1.2 ...)
NOTE: not-for-us (apple)
-CVE-2003-0051
+CVE-2003-0051 (parse_xml.cgi in Apple Darwin Streaming Administration Server
4.1.2 ...)
NOTE: not-for-us (apple)
-CVE-2003-0050
+CVE-2003-0050 (parse_xml.cgi in Apple Darwin Streaming Administration Server
4.1.2 ...)
NOTE: not-for-us (apple)
-CVE-2003-0045
+CVE-2003-0045 (Jakarta Tomcat before 3.3.1a on certain Windows systems may
allow ...)
NOTE: not-for-us (windows)
-CVE-2003-0043
+CVE-2003-0043 (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or
earlier, ...)
{DSA-246}
- tomcat 3.3.1a-1
-CVE-2003-0040
+CVE-2003-0040 (SQL injection vulnerability in the PostgreSQL auth module for
courier ...)
{DSA-247}
- courier-ssl 0.40.2-3
-CVE-2003-0039
+CVE-2003-0039 (ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other
...)
{DSA-245}
- dhcp3 1.1.2-1
-CVE-2003-0033
+CVE-2003-0033 (Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x
before ...)
{DSA-297}
- snort 2.0.0-1
-CVE-2003-0032
+CVE-2003-0032 (Memory leak in libmcrypt before 2.5.5 allows attackers to cause
a ...)
{DSA-228}
- libmcrypt 2.5.5-1
-CVE-2003-0027
+CVE-2003-0027 (Directory traversal vulnerability in Sun Kodak Color Management
System ...)
NOTE: not-for-us (sun)
-CVE-2003-0024
+CVE-2003-0024 (The menuBar feature in aterm 0.42 allows attackers to modify
menu ...)
NOTE: I have mailed Goran Weinholt <weinholt@debian.org> about this.
NOTE: Goran Weinholt <weinholt@debian.org> tell me that aterm 0.4.2 was
NOTE: never vulnerable to the problem described.
NOTE: this CVE is bogus.
-CVE-2003-0023
+CVE-2003-0023 (The menuBar feature in rxvt 2.7.8 allows attackers to modify
menu ...)
- rxvt 1:2.6.4-6.1
-CVE-2003-0022
+CVE-2003-0022 (The "screen dump" feature in rxvt 2.7.8 allows
attackers to overwrite ...)
- rxvt 1:2.6.4-6.1
-CVE-2003-0021
+CVE-2003-0021 (The "screen dump" feature in Eterm 0.9.1 and
earlier allows attackers ...)
- eterm 0.9.2-1
NOTE: According to upstream changelog and
http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
NOTE: this is fixed in eterm 0.9.2
-CVE-2003-0020
+CVE-2003-0020 (Apache does not filter terminal escape sequences from its error
logs, ...)
- apache2 2.0.49
- apache 1.3.29.0.2-4
-CVE-2003-0019
+CVE-2003-0019 (uml_net in the kernel-utils package for Red Hat Linux 8.0 has
...)
NOTE: not-for-us (redhat 8.0 only)
-CVE-2003-0018
+CVE-2003-0018 (Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle
the ...)
{DSA-423 DSA-358}
NOTE: fixed after 2.6/2.4.21 kernel
-CVE-2003-0017
+CVE-2003-0017 (Apache 2.0 before 2.0.44 on Windows platforms allows remote
attackers ...)
NOTE: not-for-us (apache on windows)
-CVE-2003-0016
+CVE-2003-0016 (Apache before 2.0.44, when running on unpatched Windows 9x and
Me ...)
NOTE: not-for-us (apache on windows)
-CVE-2003-0015
+CVE-2003-0015 (Double-free vulnerabiity in CVS 1.11.4 and earlier allows remote
...)
{DSA-233}
- cvs 1.11.2-5.1
-CVE-2003-0013
+CVE-2003-0013 (The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5,
...)
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0012
+CVE-2003-0012 (The data collection script for Bugzilla 2.14.x before 2.14.5,
2.16.x ...)
{DSA-230}
- bugzilla 2.16.2-1
-CVE-2003-0009
+CVE-2003-0009 (Cross-site scripting (XSS) vulnerability in Help and Support
Center ...)
NOTE: not-for-us (windows)
-CVE-2003-0007
+CVE-2003-0007 (Microsoft Outlook 2002 does not properly handle requests to
encrypt ...)
NOTE: not-for-us (windows)
-CVE-2003-0004
+CVE-2003-0004 (Buffer overflow in the Windows Redirector function in Microsoft
...)
NOTE: not-for-us (windows)
-CVE-2003-0003
+CVE-2003-0003 (Buffer overflow in the RPC Locator service for Microsoft Windows
NT ...)
NOTE: not-for-us (windows)
-CVE-2003-0002
+CVE-2003-0002 (Cross-site scripting vulnerability (XSS) in ManualLogin.asp
script for ...)
NOTE: not-for-us (windows)
-CVE-2002-1574
+CVE-2002-1574 (Buffer overflow in the ixj telephony card driver in Linux before
...)
NOTE: fixed after 2.6/2.4.20 kernel
-CVE-2002-1560
+CVE-2002-1560 (index.php in gBook 1.4 allows remote attackers to bypass ...)
NOTE: not-for-us (gbook not in Debian)
-CVE-2002-1552
+CVE-2002-1552 (Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows
users ...)
NOTE: not-for-us (novell)
-CVE-2002-1550
+CVE-2002-1550 (dump_smutil.sh in IBM AIX allows local users to overwrite
arbitrary ...)
NOTE: not-for-us (AIX)
-CVE-2002-1549
+CVE-2002-1549 (Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote
attackers to ...)
NOTE: not-for-us (lhttpd not in Debian)
-CVE-2002-1548
+CVE-2002-1548 (Unknown vulnerability in autofs on AIX 4.3.0, when using
executable ...)
NOTE: not-for-us (AIX)
-CVE-2002-1547
+CVE-2002-1547 (Netscreen running ScreenOS 4.0.0r6 and earlier allows remote
attackers ...)
NOTE: not-for-us (Netscreen)
-CVE-2002-1543
+CVE-2002-1543 (Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local
users ...)
NOTE: not-for-us (NetBSD)
-CVE-2002-1541
+CVE-2002-1541 (BadBlue 1.7 allows remote attackers to bypass password
protections for ...)
NOTE: not-for-us (BadBlue not in Debian)
-CVE-2002-1540
+CVE-2002-1540 (The client for Symantec Norton AntiVirus Corporate Edition 7.5.x
...)
NOTE: not-for-us (norton)
-CVE-2002-1538
+CVE-2002-1538 (Acuma Acusend 4, and possibly earlier versions, allows remote
...)
NOTE: not-for-us (acusend not in Debian)
-CVE-2002-1537
+CVE-2002-1537 (admin_ug_auth.php in phpBB 2.0.0 allows local users to gain ...)
- phpbb2 2.0.6c-1
NOTE: according to http://www.securityfocus.com/archive/1/297419
NOTE: phpBB versions above 2.0.0 are not vulnerable.
-CVE-2002-1534
+CVE-2002-1534 (Macromedia Flash Player allows remote attackers to read
arbitrary ...)
NOTE: Don''t know if macromedia flash player is still vulnerable
NOTE: see: http://www.securityfocus.com/archive/1/294206
TODO: check
-CVE-2002-1532
+CVE-2002-1532 (The administrative web interface (STEMWADM) for SurfControl
SuperScout ...)
NOTE: not-for-us (surfcontrol)
-CVE-2002-1531
+CVE-2002-1531 (The administrative web interface (STEMWADM) for SurfControl
SuperScout ...)
NOTE: not-for-us (surfcontrol)
-CVE-2002-1530
+CVE-2002-1530 (The administrative web interface (STEMWADM) for SurfControl
SuperScout ...)
NOTE: not-for-us (surfcontrol)
-CVE-2002-1529
+CVE-2002-1529 (Cross-site scripting (XSS) vulnerability in msgError.asp for the
...)
NOTE: not-for-us (surfcontrol)
-CVE-2002-1528
+CVE-2002-1528 (MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain
the ...)
NOTE: not-for-us (mondosearch)
-CVE-2002-1524
+CVE-2002-1524 (Buffer overflow in XML parser in wsabi.dll of Winamp 3
(1.0.0.488) ...)
NOTE: not-for-us (winamp)
-CVE-2002-1521
+CVE-2002-1521 (Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the
Ws4d.4DD ...)
NOTE: not-for-us (webserver 4D)
-CVE-2002-1520
+CVE-2002-1520 (The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier,
and ...)
NOTE: not-for-us (WatchGuard)
-CVE-2002-1519
+CVE-2002-1519 (Format string vulnerability in the CLI interface for WatchGuard
...)
NOTE: not-for-us (WatchGuard)
-CVE-2002-1518
+CVE-2002-1518 (mv in IRIX 6.5 creates a directory with world-writable
permissions ...)
NOTE: not-for-us (IRIX)
-CVE-2002-1517
+CVE-2002-1517 (fsr_efs in IRIX 6.5 allows local users to conduct unauthorized
file ...)
NOTE: not-for-us (IRIX)
-CVE-2002-1516
+CVE-2002-1516 (rpcbind in SGI IRIX, when using the -w command line switch,
allows ...)
NOTE: not-for-us (IRIX)
-CVE-2002-1514
+CVE-2002-1514 (gds_lock_mgr in Borland InterBase allows local users to
overwrite ...)
NOTE: not-for-us (interbase)
-CVE-2002-1513
+CVE-2002-1513 (The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through
5.3 ...)
NOTE: not-for-us (OpenVMS)
-CVE-2002-1511
+CVE-2002-1511 (The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand()
...)
- vnc 3.3.3r2-21
-CVE-2002-1510
+CVE-2002-1510 (xdm, with the authComplain variable set to false, allows
arbitrary ...)
- xfree86 4.1.0-7
-CVE-2002-1509
+CVE-2002-1509 (A patch for shadow-utils 20000902 causes the useradd command to
create ...)
NOTE: not-for-us (redhat and mandrake only)
-CVE-2002-1505
+CVE-2002-1505 (SQL injection vulnerability in board.php for WoltLab Burning
Board ...)
NOTE: not-for-us (WoltLab Burning Board not in Debian)
-CVE-2002-1502
+CVE-2002-1502 (Symbolic link vulnerability in xbreaky before 0.5.5 allows local
users ...)
NOTE: not-for-us (xbreaky not in Debian)
-CVE-2002-1501
+CVE-2002-1501 (The MPS functionality in Enterasys SSR8000 (Smart Switch Router)
...)
NOTE: not-for-us (Enterasys)
-CVE-2002-1497
+CVE-2002-1497 (Cross-site scripting (XSS) vulnerability in Null HTTP Server
0.5.0 and ...)
NOTE: not-for-us (Null HTTP Server not in Debian)
-CVE-2002-1496
+CVE-2002-1496 (Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier
...)
NOTE: not-for-us (Null HTTP Server not in Debian)
-CVE-2002-1494
+CVE-2002-1494 (Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS
allows ...)
NOTE: not-for-us (Aestiva)
-CVE-2002-1493
+CVE-2002-1493 (Cross-site scripting (XSS) vulnerability in Lycos HTMLGear
guestbook ...)
NOTE: not-for-us (Lycos)
-CVE-2002-1491
+CVE-2002-1491 (The Cisco VPN 5000 Client for MacOS before 5.2.2 records the
most ...)
NOTE: not-for-us (Cisco VPN 5000 Client for MacOS)
-CVE-2002-1490
+CVE-2002-1490 (NetBSD 1.4 through 1.6 beta allows local users to cause a denial
of ...)
NOTE: not-for-us (NetBSD)
-CVE-2002-1479
+CVE-2002-1479 (Cacti before 0.6.8 stores a MySQL username and password in
plaintext ...)
- cacti 0.6.8-1
-CVE-2002-1478
+CVE-2002-1478 (Cacti before 0.6.8 allows attackers to execute arbitrary
commands via ...)
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1477
+CVE-2002-1477 (graphs.php in Cacti before 0.6.8 allows remote authenticated
Cacti ...)
{DSA-164}
- cacti 0.6.8a-2
-CVE-2002-1476
+CVE-2002-1476 (Buffer overflow in setlocale in libc on NetBSD 1.4.x through
1.6, and ...)
NOTE: not-for-us (NetBSD)
-CVE-2002-1472
+CVE-2002-1472 (libX11.so in xfree86, when used in setuid or setgid programs,
allows ...)
- xfree86 4.2.1-1
NOTE: Accordong to http://www.securityfocus.com/bid/5735/info/
NOTE: woody is still vulnerable
NOTE: open bug #280872
-CVE-2002-1471
+CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does
not ...)
- evolution 1.2.0-1
NOTE: woody seems to be still vulnerable
NOTE: open bug #280883
-CVE-2002-1469
+CVE-2002-1469 (scponly does not properly verify the path when finding the (1)
scp or ...)
- scponly 3.8-1
NOTE: according to http://sublimation.org/scponly/ (scponly home page)
NOTE: only versions of scponly older than scponly-2.4 are affected
-CVE-2002-1468
+CVE-2002-1468 (Buffer overflow in errpt in AIX 4.3.3 allows local users to
execute ...)
NOTE: not-for-us (AIX)
-CVE-2002-1463
+CVE-2002-1463 (Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall
6.5.2 and ...)
NOTE: not-for-us (symantec)
-CVE-2002-1448
+CVE-2002-1448 (An undocumented SNMP read/write community string
(''NoGaH$@!'') in Avaya ...)
NOTE: not-for-us (Avaya P330, P130, and M770-ATM Cajun products)
-CVE-2002-1447
+CVE-2002-1447 (Buffer overflow in the vpnclient program for UNIX VPN Client
before ...)
NOTE: not-for-us (Cisco vpn client for UNIX)
-CVE-2002-1446
+CVE-2002-1446 (The error checking routine used for the C_Verify call on a
symmetric ...)
NOTE: not-for-us (nCipher PKCS#11 library)
-CVE-2002-1443
+CVE-2002-1443 (The Google toolbar 1.1.58 and earlier allows remote web sites to
...)
NOTE: not-for-us (Google toolbar)
-CVE-2002-1438
+CVE-2002-1438 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare
6 ...)
NOTE: not-for-us (Perl on Novell)
-CVE-2002-1437
+CVE-2002-1437 (Directory traversal vulnerability in the web handler for Perl
5.003 on ...)
NOTE: not-for-us (Perl on Novell)
-CVE-2002-1436
+CVE-2002-1436 (The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare
6 ...)
NOTE: not-for-us (Perl on Novell)
-CVE-2002-1435
+CVE-2002-1435 (class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1,
except ...)
NOTE: not-for-us (Achievo not in Debian)
-CVE-2002-1430
+CVE-2002-1430 (Unknown vulnerability in Sympoll 1.2 allows remote attackers to
read ...)
NOTE: not-for-us (Sympoll not in Debian)
-CVE-2002-1425
+CVE-2002-1425 (Directory traversal vulnerability in munpack in mpack 1.5 and
earlier ...)
{DSA-141}
- mpack 1.5-9
-CVE-2002-1424
+CVE-2002-1424 (Buffer overflow in munpack in mpack 1.5 and earlier allows
remote ...)
- mpack 1.5-9
-CVE-2002-1420
+CVE-2002-1420 (Integer signedness error in select() on OpenBSD 3.1 and earlier
allows ...)
NOTE: not-for-us (OpenBSD)
-CVE-2002-1419
+CVE-2002-1419 (The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16
changes ...)
NOTE: not-for-us (IRIX on Origin)
-CVE-2002-1418
+CVE-2002-1418 (Buffer overflow in the interpreter for Novell NetBasic Scripting
...)
NOTE: not-for-us (Novell NetBasic Scripting Server)
-CVE-2002-1417
+CVE-2002-1417 (Directory traversal vulnerability in Novell NetBasic Scripting
Server ...)
NOTE: not-for-us (Novell NetBasic Scripting Server)
-CVE-2002-1414
+CVE-2002-1414 (Buffer overflow in qmailadmin allows local users to gain
privileges ...)
- qmailadmin 1.0.6-1
-CVE-2002-1413
+CVE-2002-1413 (RCONAG6 for Novell Netware SP2, while running RconJ in secure
mode, ...)
NOTE: not-for-us (RCONAG6 for Novell Netware SP2)
-CVE-2002-1407
+CVE-2002-1407 (TinySSL 1.02 and earlier does not verify the Basic Constraints
for an ...)
NOTE: not-for-us (TinySSL not in Debian)
-CVE-2002-1405
+CVE-2002-1405 (CRLF injection vulnerability in Lynx 2.8.4 and earlier allows
remote ...)
{DSA-210}
- lynx 2.8.4.1b-4
- lynx-ssl 1:2.8.4.1b-3.1
-CVE-2002-1403
+CVE-2002-1403 (dhcpcd DHCP client daemon 1.3.22 and earlier allows local users
to ...)
{DSA-219}
- dhcpcd 1:1.3.22pl2-2
NOTE: Debian sarge uses dhcp >= 2.0
-CVE-2002-1396
+CVE-2002-1396 (Heap-based buffer overflow in the wordwrap function in PHP after
4.1.2 ...)
- php4 4:4.3.2+rc3-1
NOTE: according to http://www.securityfocus.com/bid/6488
NOTE: woody is not vulnerable
-CVE-2002-1394
+CVE-2002-1394 (Apache Tomcat 4.0.5 and earlier, when using both the invoker
servlet ...)
{DSA-225}
- tomcat4 4.1.9-1
NOTE: no problem in sarge packages
-CVE-2002-1392
+CVE-2002-1392 (faxspool in mgetty before 1.1.29 uses a world-writable spool
directory ...)
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1391
+CVE-2002-1391 (Buffer overflow in cnd-program for mgetty before 1.1.29 allows
remote ...)
- mgetty 1.1.30-1
NOTE: woody version seems to be vulnerable see bug #199351
-CVE-2002-1390
+CVE-2002-1390 (The daemon for GeneWeb before 4.09 does not properly handle
requested ...)
{DSA-223}
- geneweb 4.09-1
-CVE-2002-1389
+CVE-2002-1389 (Buffer overflow in typespeed 0.4.2 and earlier allows local
users to ...)
{DSA-217}
- typespeed 0.4.2-2
-CVE-2002-1388
+CVE-2002-1388 (Cross-site scripting (XSS) vulnerability in MHonArc before
2.5.14 ...)
{DSA-221}
- mhonarc 2.5.14-1
-CVE-2002-1385
+CVE-2002-1385 (openwebmail_init in Open WebMail 1.81 and earlier allows local
users ...)
- openwebmail 1.90-1
-CVE-2002-1384
+CVE-2002-1384 (Integer overflow in pdftops, as used in Xpdf 2.01 and earlier,
xpdf-i, ...)
{DSA-232 DSA-226 DSA-222}
- xpdf-i 2.01-2
- xpdf 2.01-2
- cupsys 1.1.18-1
-CVE-2002-1382
+CVE-2002-1382 (Macromedia Flash Player before 6.0.65.0 allows remote attackers
to ...)
- flashplugin-nonfree 6.0.69-1
-CVE-2002-1381
+CVE-2002-1381 (Format string vulnerability in daemon.c for Exim 4.x through
4.10, and ...)
- exim4 4.11-0.0.1
- exim 3.36-14
-CVE-2002-1380
+CVE-2002-1380 (Linux kernel 2.2.x allows local users to cause a denial of
service ...)
{DSA-336}
- kernel-source-2.2.25 2.2.25-2
-CVE-2002-1377
+CVE-2002-1377 (vim 6.0 and 6.1, and possibly other versions, allows attackers
to ...)
- vim 6.1.263-1
NOTE: woody seems to be still vulnerable
NOTE: according to bug #178102 a fixed package was uploaded to the security
team in January 2003
@@ -18450,3198 +18450,3198 @@
NOTE: I''ve mailed maintainer Luca Filipozzi
<lfilipoz@debian.org> about this.
NOTE: No response from maintainer, I have mailed security team.
NOTE: Martin Schulze don''t consider this as an issue for updating
woody.
-CVE-2002-1375
+CVE-2002-1375 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x
to ...)
{DSA-212}
- mysql-dfsg 4.0.7.gamma-1
NOTE: bug in mysql 3, sarge uses mysql 4
-CVE-2002-1374
+CVE-2002-1374 (The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x
...)
{DSA-212}
- mysql-dfsg 4.0.7.gamma-1
NOTE: bug in mysql 3, sarge uses mysql 4
-CVE-2002-1373
+CVE-2002-1373 (Signed integer vulnerability in the COM_TABLE_DUMP package for
MySQL ...)
{DSA-212}
- mysql-dfsg 4.0.7.gamma-1
NOTE: bug in mysql 3, sarge uses mysql 4
-CVE-2002-1372
+CVE-2002-1372 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does
not ...)
{DSA-232}
- cupsys 1.1.18-1
-CVE-2002-1371
+CVE-2002-1371 (filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14
...)
{DSA-232}
- cupsys 1.1.18-1
-CVE-2002-1369
+CVE-2002-1369 (jobs.c in Common Unix Printing System (CUPS) 1.1.14 through
1.1.17 ...)
{DSA-232}
- cupsys 1.1.18-1
-CVE-2002-1367
+CVE-2002-1367 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows
remote ...)
{DSA-232}
- cupsys 1.1.18-1
-CVE-2002-1366
+CVE-2002-1366 (Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows
local ...)
{DSA-232}
- cupsys 1.1.18-1
-CVE-2002-1365
+CVE-2002-1365 (Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does
not ...)
{DSA-216}
- fetchmail 6.2.0-1
-CVE-2002-1364
+CVE-2002-1364 (Buffer overflow in the get_origin function in traceroute-nanog
allows ...)
{DSA-254}
- traceroute-nanog 6.3.0-1
-CVE-2002-1363
+CVE-2002-1363 (Portable Network Graphics (PNG) library libpng 1.2.5 and earlier
does ...)
{DSA-213}
- libpng 1.0.12-7
- libpng3 1.2.5-8
-CVE-2002-1362
+CVE-2002-1362 (mICQ 0.4.9 and earlier allows remote attackers to cause a denial
of ...)
{DSA-211}
- micq 0.4.9.4-1
NOTE: micq not in sarge
-CVE-2002-1361
+CVE-2002-1361 (overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP
(Security ...)
NOTE: not-for-us (sun)
-CVE-2002-1350
+CVE-2002-1350 (The BGP decoding routines in tcpdump 3.6.x before 3.7 do not
properly ...)
{DSA-206}
- tcpdump 3.7.1-1
NOTE: 3.7.1-1.2 fixes a different issue.
NOTE: The fix from 3.6.2-2.2 was not upload to unstable.
-CVE-2002-1349
+CVE-2002-1349 (Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and
2003 ...)
NOTE: not-for-us (PC-cillin)
-CVE-2002-1348
+CVE-2002-1348 (w3m before 0.3.2.2 does not properly escape HTML tags in the ALT
...)
{DSA-251 DSA-250 DSA-249}
- w3mmee 0.3.p24.17-3
-CVE-2002-1337
+CVE-2002-1337 (Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote
attackers to ...)
{DSA-257}
- sendmail 8.13.0.PreAlpha4-0
NOTE: sendmail-wide not in testing/unstable
NOTE: problem in sendmail 8.12, sarge uses 8.13
-CVE-2002-1336
+CVE-2002-1336 (TightVNC before 1.2.6 generates the same challenge string for
multiple ...)
- tightvnc 1.2.6-1
-CVE-2002-1327
+CVE-2002-1327 (Buffer overflow in the Windows Shell function in Microsoft
Windows XP ...)
NOTE: not-for-us (windows)
-CVE-2002-1325
+CVE-2002-1325 (Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows
...)
NOTE: not-for-us (windows)
-CVE-2002-1323
+CVE-2002-1323 (Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier,
may ...)
{DSA-208}
- perl 5.8.0-14
-CVE-2002-1320
+CVE-2002-1320 (Pine 4.44 and earlier allows remote attackers to cause a denial
of ...)
NOTE: not-for-us (pine not in Debian)
-CVE-2002-1319
+CVE-2002-1319 (The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on
x86 ...)
NOTE: fixed after 2.4.20 kernel (2.6 not vulnerable)
-CVE-2002-1318
+CVE-2002-1318 (Buffer overflow in samba 2.2.2 through 2.2.6 allows remote
attackers ...)
{DSA-200}
- samba 2.99.cvs.20020713-1
NOTE: Problem in Samba 2, sarge uses Samba 3.
-CVE-2002-1317
+CVE-2002-1317 (Buffer overflow in Dispatch() routine for XFS font server
(fs.auto) on ...)
NOTE: not-for-us (solaris)
-CVE-2002-1313
+CVE-2002-1313 (nullmailer 1.00RC5 and earlier allows local users to cause a
denial of ...)
{DSA-198}
- nullmailer 1.00RC5-17
-CVE-2002-1311
+CVE-2002-1311 (Courier sqwebmail before 0.40.0 does not quickly drop privileges
after ...)
{DSA-197}
- courier 0.40.0-1
-CVE-2002-1308
+CVE-2002-1308 (Heap-based buffer overflow in Netscape and Mozilla allows remote
...)
- mozilla 2:1.2-1
NOTE: woody is vulnerable see #237422
-CVE-2002-1307
+CVE-2002-1307 (Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and
earlier ...)
{DSA-199}
- mhonarc 2.5.13-1
-CVE-2002-1296
+CVE-2002-1296 (Directory traversal vulnerability in priocntl system call in
Solaris ...)
NOTE: not-for-us (Solaris)
-CVE-2002-1284
+CVE-2002-1284 (The wizard in KGPG 0.6 through 0.8.2 does not properly provide
the ...)
- kdeutils 4:3.2.1-1
-CVE-2002-1278
+CVE-2002-1278 (The mailconf module in Linuxconf 1.24, and other versions before
1.28, ...)
NOTE: Linuxconf not in testing/unstable
-CVE-2002-1277
+CVE-2002-1277 (Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may
allow ...)
{DSA-190}
- wmaker 0.80.1-1
-CVE-2002-1272
+CVE-2002-1272 (Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains
a ...)
NOTE: not-for-us (Alcatel)
-CVE-2002-1271
+CVE-2002-1271 (The Mail::Mailer Perl module in the perl-MailTools package 1.47
and ...)
{DSA-386}
- libmailtools-perl 1.51
-CVE-2002-1270
+CVE-2002-1270 (Mac OS X 10.2.2 allows local users to read files that only allow
write ...)
NOTE: not-for-us (Mac OS X)
-CVE-2002-1268
+CVE-2002-1268 (Mac OS X 10.2.2 allows local users to gain privileges via a
mounted ...)
NOTE: not-for-us (Mac OS X)
-CVE-2002-1267
+CVE-2002-1267 (Mac OS X 10.2.2 allows remote attackers to cause a denial of
service ...)
NOTE: not-for-us (Mac OS X)
-CVE-2002-1266
+CVE-2002-1266 (Mac OS X 10.2.2 allows local users to gain privileges by
mounting a ...)
NOTE: not-for-us (Mac OS X)
-CVE-2002-1265
+CVE-2002-1265 (The Sun RPC functionality in multiple libc implementations does
not ...)
NOTE: don''t know which version of glibc fix this
NOTE: I''ve mailed maintainers.
TODO: check
-CVE-2002-1264
+CVE-2002-1264 (Buffer overflow in Oracle iSQL*Plus web application of the
Oracle 9 ...)
NOTE: not-for-us (oracle)
-CVE-2002-1260
+CVE-2002-1260 (The Java Database Connectivity (JDBC) APIs in Microsoft Virtual
...)
NOTE: not-for-us (Microsoft JVM)
-CVE-2002-1257
+CVE-2002-1257 (Microsoft Virtual Machine (VM) up to and including build
5.0.3805 ...)
NOTE: not-for-us (Microsoft JVM)
-CVE-2002-1256
+CVE-2002-1256 (The SMB signing capability in the Server Message Block (SMB)
protocol ...)
NOTE: not-for-us (Microsoft Windows)
-CVE-2002-1255
+CVE-2002-1255 (Microsoft Outlook 2002 allows remote attackers to cause a denial
of ...)
NOTE: not-for-us (Microsoft Outlook)
-CVE-2002-1253
+CVE-2002-1253 (Abuse 2.00 and earlier allows local users to gain privileges via
...)
NOTE: not-for-us (Abuse 2.00 not in Debian)
-CVE-2002-1252
+CVE-2002-1252 (The Application Messaging Gateway for PeopleTools 8.1x before
8.19, as ...)
NOTE: not-for-us (PeopleSoft)
-CVE-2002-1251
+CVE-2002-1251 (Buffer overflow in log2mail before 0.2.5.1 allows remote
attackers to ...)
{DSA-186}
- log2mail 0.2.6-1
-CVE-2002-1250
+CVE-2002-1250 (Buffer overflow in Abuse 2.00 and earlier allows local users to
gain ...)
NOTE: not-for-us (Abuse 2.00 not in Debian)
-CVE-2002-1248
+CVE-2002-1248 (Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and
other ...)
NOTE: not-for-us (Xeneo Web Server)
-CVE-2002-1245
+CVE-2002-1245 (Maped in LuxMan 0.41 uses the user-provided search path to find
and ...)
{DSA-189}
- luxman 0.41-19
-CVE-2002-1244
+CVE-2002-1244 (Format string vulnerability in Pablo FTP Server 1.5, 1.3, and
possibly ...)
NOTE: not-for-us (Pablo FTP Server)
-CVE-2002-1242
+CVE-2002-1242 (SQL injection vulnerability in PHP-Nuke before 6.0 allows remote
...)
NOTE: not-for-us (PHP-Nuke not in Debian)
-CVE-2002-1239
+CVE-2002-1239 (QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to
find and ...)
NOTE: not-for-us (QNX)
-CVE-2002-1236
+CVE-2002-1236 (The remote management web server for Linksys BEFSR41 EtherFast
...)
NOTE: not-for-us (Linksys)
-CVE-2002-1232
+CVE-2002-1232 (Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the
NIS ...)
{DSA-180}
- nis 3.9-6.2
-CVE-2002-1231
+CVE-2002-1231 (SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to
cause a ...)
NOTE: not-for-us (SCO)
-CVE-2002-1230
+CVE-2002-1230 (NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition,
Windows ...)
NOTE: not-for-us (Windows NT)
-CVE-2002-1227
+CVE-2002-1227 (PAM 0.76 treats a disabled password as if it were an empty
(null) ...)
{DSA-177}
- pam 0.76-6
-CVE-2002-1224
+CVE-2002-1224 (Directory traversal vulnerability in kpf for KDE 3.0.1 through
KDE ...)
- kdenetwork 4:3.1.0-1
-CVE-2002-1223
+CVE-2002-1223 (Buffer overflow in DSC 3.0 parser from GSview, as used in
KGhostView ...)
- kdegraphics 4:3.1.0-1
-CVE-2002-1222
+CVE-2002-1222 (Buffer overflow in the embedded HTTP server for Cisco Catalyst
...)
NOTE: not-for-us (CISCO)
-CVE-2002-1221
+CVE-2002-1221 (BIND 8.x through 8.3.3 allows remote attackers to cause a denial
of ...)
{DSA-196}
- bind 1:8.3.3-3
-CVE-2002-1220
+CVE-2002-1220 (BIND 8.3.x through 8.3.3 allows remote attackers to cause a
denial of ...)
{DSA-196}
- bind 1:8.3.3-3
-CVE-2002-1219
+CVE-2002-1219 (Buffer overflow in named in BIND 4 versions 4.9.10 and earlier,
and 8 ...)
{DSA-196}
- bind 1:8.3.3-3
-CVE-2002-1214
+CVE-2002-1214 (Buffer overflow in Microsoft PPTP Service on Windows XP and
Windows ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1211
+CVE-2002-1211 (Prometheus 6.0 and earlier allows remote attackers to execute
...)
NOTE: not-for-us (Prometheus not in Debian)
-CVE-2002-1200
+CVE-2002-1200 (Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20,
when ...)
{DSA-175}
- syslog-ng 1.5.21-1
-CVE-2002-1199
+CVE-2002-1199 (The getdbm procedure in ypxfrd allows local users to read
arbitrary ...)
NOTE: not-for-us (ypxfrd not in Debian)
-CVE-2002-1198
+CVE-2002-1198 (Bugzilla 2.16.x before 2.16.1 does not properly filter
apostrophes ...)
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282500
-CVE-2002-1197
+CVE-2002-1197 (bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and
2.16.x ...)
- bugzilla 2.16.1-1
NOTE: woody seems to be vulnerable, bug #282501
-CVE-2002-1196
+CVE-2002-1196 (editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x
before ...)
{DSA-173}
- bugzilla 2.16.0-2.1
-CVE-2002-1195
+CVE-2002-1195 (Cross-site scripting vulnerability (XSS) in the PHP interface
for ...)
{DSA-169}
- php3 3:3.0.18-23.2
- php4 4:4.2.3-3
-CVE-2002-1193
+CVE-2002-1193 (tkmail before 4.0beta9-8.1 allows local users to create or
overwrite ...)
{DSA-172}
NOTE: tkmail not in testing/unstable
-CVE-2002-1189
+CVE-2002-1189 (The default configuration of Cisco Unity 2.x and 3.x does not
block ...)
NOTE: not-for-us (CISCO)
-CVE-2002-1188
+CVE-2002-1188 (Internet Explorer 5.01 through 6.0 allows remote attackers to
identify ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1187
+CVE-2002-1187 (Cross-site scripting vulnerability (XSS) in Internet Explorer
5.01 ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1186
+CVE-2002-1186 (Internet Explorer 5.01 through 6.0 does not properly perform
security ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1185
+CVE-2002-1185 (Internet Explorer 5.01 through 6.0 does not properly check
certain ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1184
+CVE-2002-1184 (The system root folder of Microsoft Windows 2000 has default
...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1183
+CVE-2002-1183 (Microsoft Windows 98 and Windows NT 4.0 do not properly verify
the ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1182
+CVE-2002-1182 (IIS 5.0 and 5.1 allows remote attackers to cause a denial of
service ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1180
+CVE-2002-1180 (A typographical error in the script source access permissions
for ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1179
+CVE-2002-1179 (Buffer overflow in the S/MIME Parsing capability in Microsoft
Outlook ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1178
+CVE-2002-1178 (Directory traversal vulnerability in the CGIServlet for Jetty
HTTP ...)
- jetty 4.1.0
-CVE-2002-1170
+CVE-2002-1170 (The handle_var_requests function in snmp_agent.c for the SNMP
daemon ...)
- net-snmp 5.0.6
-CVE-2002-1169
+CVE-2002-1169 (IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before
...)
NOTE: not-for-us (IBM Web Traffic Express Caching Proxy Server)
-CVE-2002-1160
+CVE-2002-1160 (The default configuration of the pam_xauth module forwards ...)
NOTE: not-for-us (pam_xauth)
-CVE-2002-1159
+CVE-2002-1159 (Canna 3.6 and earlier does not properly validate requests, which
...)
{DSA-224}
-CVE-2002-1158
+CVE-2002-1158 (Buffer overflow in the irw_through function for Canna 3.5b2 and
...)
{DSA-224}
-CVE-2002-1157
+CVE-2002-1157 (Cross-site scripting vulnerability in the mod_ssl Apache module
2.8.9 ...)
{DSA-181}
-CVE-2002-1156
+CVE-2002-1156 (Apache 2.0.42 allows remote attackers to view the source code of
a CGI ...)
- apache2 2.0.43
-CVE-2002-1154
+CVE-2002-1154 (anlgform.pl in Analog before 5.23 does not restrict access to
the ...)
- analog 2:5.23
-CVE-2002-1153
+CVE-2002-1153 (IBM Websphere 4.0.3 allows remote attackers to cause a denial of
...)
NOTE: not-for-us (IBM Websphere)
-CVE-2002-1152
+CVE-2002-1152 (Konqueror in KDE 3.0 through 3.0.2 does not properly detect the
...)
- konqueror 3.03
-CVE-2002-1151
+CVE-2002-1151 (The cross-site scripting protection for Konqueror in KDE 2.2.2
and 3.0 ...)
{DSA-167}
-CVE-2002-1148
+CVE-2002-1148 (The default servlet
(org.apache.catalina.servlets.DefaultServlet) in ...)
{DSA-170}
-CVE-2002-1147
+CVE-2002-1147 (The HTTP administration interface for HP Procurve 4000M Switch
...)
NOTE: not-for-us (HP Procurve 4000M Switch firmware)
-CVE-2002-1146
+CVE-2002-1146 (The BIND 4 and BIND 8.2.x stub resolver libraries, and other
libraries ...)
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D28K6 (glibc)
NOTE: see http://www.kb.cert.org/vuls/id/AAMN-5D287U (bind)
- libc6 2.3
- bind 1:8.3.3
-CVE-2002-1142
+CVE-2002-1142 (Heap-based buffer overflow in the Remote Data Services (RDS)
component ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1141
+CVE-2002-1141 (An input validation error in the Sun Microsystems RPC library
Services ...)
NOTE: not-for-us (Sun Microsystems RPC library Services for Unix 3.0 Interix
SD, as implemented on Microsoft Windows NT4, 2000, and XP)
-CVE-2002-1140
+CVE-2002-1140 (The Sun Microsystems RPC library Services for Unix 3.0 Interix
SD, as ...)
NOTE: not-for-us (Sun Microsystems RPC library Services for Unix 3.0 Interix
SD, as implemented on Microsoft Windows NT4, 2000, and XP)
-CVE-2002-1139
+CVE-2002-1139 (The Compressed Folders feature in Microsoft Windows 98 with
Plus! ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1138
+CVE-2002-1138 (Microsoft SQL Server 7.0 and 2000, including Microsoft Data
Engine ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1137
+CVE-2002-1137 (Buffer overflow in the Database Console Command (DBCC) that
handles ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1135
+CVE-2002-1135 (modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and
earlier, ...)
NOTE: not-for-us (phpWebSite)
-CVE-2002-1132
+CVE-2002-1132 (SquirrelMail 1.2.7 and earlier allows remote attackers to
determine ...)
{DSA-191}
-CVE-2002-1126
+CVE-2002-1126 (Mozilla 1.1 and earlier, and Mozilla-based browsers such as
Netscape ...)
- mozilla 2:1.2
-CVE-2002-1123
+CVE-2002-1123 (Buffer overflow in the authentication function for Microsoft SQL
...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1122
+CVE-2002-1122 (Buffer overflow in the parsing mechanism for ISS Internet
Scanner ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1119
+CVE-2002-1119 (os._execvpe from os.py in Python 2.2.1 and earlier creates
temporary ...)
{DSA-159}
-CVE-2002-1118
+CVE-2002-1118 (TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and
9.0.x, and ...)
NOTE: not-for-us (Oracle)
-CVE-2002-1117
+CVE-2002-1117 (Veritas Backup Exec 8.5 and earlier requires that the ...)
NOTE: not-for-us (Veritas Backup Exec)
-CVE-2002-1116
+CVE-2002-1116 (The "View Bugs" page (view_all_bug_page.php)
in Mantis 0.17.4a and ...)
{DSA-161}
-CVE-2002-1113
+CVE-2002-1113 (summary_graph_functions.php in Mantis 0.17.3 and earlier allows
remote ...)
{DSA-153}
-CVE-2002-1112
+CVE-2002-1112 (Mantis before 0.17.4 allows remote attackers to list project
bugs ...)
{DSA-153}
-CVE-2002-1111
+CVE-2002-1111 (print_all_bug_page.php in Mantis 0.17.3 and earlier does not
verify ...)
{DSA-153}
-CVE-2002-1109
+CVE-2002-1109 (securetar, as used in AMaViS shell script 0.2.1 and earlier,
allows ...)
NOTE: old amavis shell script
-CVE-2002-1108
+CVE-2002-1108 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and
3.x ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1107
+CVE-2002-1107 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and
3.x ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1106
+CVE-2002-1106 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and
3.x ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1105
+CVE-2002-1105 (Cisco Virtual Private Network (VPN) Client software 2.x.x, and
3.x ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1104
+CVE-2002-1104 (Cisco Virtual Private Network (VPN) Client software 2.x.x and
3.x ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1102
+CVE-2002-1102 (The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator
2.2.x, ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1099
+CVE-2002-1099 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows
remote ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1098
+CVE-2002-1098 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an
...)
NOTE: not-for-us (Cisco)
-CVE-2002-1097
+CVE-2002-1097 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows
...)
NOTE: not-for-us (Cisco)
-CVE-2002-1096
+CVE-2002-1096 (Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows
...)
NOTE: not-for-us (Cisco)
-CVE-2002-1095
+CVE-2002-1095 (Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption
enabled, ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1093
+CVE-2002-1093 (HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x
before ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1092
+CVE-2002-1092 (Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x,
when ...)
NOTE: not-for-us (Cisco)
-CVE-2002-1091
+CVE-2002-1091 (Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote
attackers ...)
- mozilla 2:1.0.2
-CVE-2002-1088
+CVE-2002-1088 (Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows
remote ...)
NOTE: not-for-us (Novell GroupWise)
-CVE-2002-1081
+CVE-2002-1081 (The Administration console for Abyss Web Server 1.0.3 allows
remote ...)
NOTE: not-for-us (Abyss Web Server)
-CVE-2002-1079
+CVE-2002-1079 (Directory traversal vulnerability in Abyss Web Server 1.0.3
allows ...)
NOTE: not-for-us (Abyss Web Server)
-CVE-2002-1076
+CVE-2002-1076 (Buffer overflow in the Web Messaging daemon for Ipswitch IMail
before ...)
NOTE: not-for-us (Ipswitch IMail)
-CVE-2002-1060
+CVE-2002-1060 (Cross-site scripting (XSS) vulnerability in CacheFlow CacheOS
4.1.06 ...)
NOTE: not-for-us (CacheFlow CacheOS)
-CVE-2002-1059
+CVE-2002-1059 (Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6,
and 4.x ...)
NOTE: not-for-us (Van Dyke SecureCRT SSH client)
-CVE-2002-1057
+CVE-2002-1057 (Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8
allows ...)
NOTE: not-for-us (SmartMax MailMax POP3 daemon)
-CVE-2002-1056
+CVE-2002-1056 (Microsoft Outlook 2000 and 2002, when configured to use
Microsoft Word ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-1054
+CVE-2002-1054 (Directory traversal vulnerability in Pablo FTP server 1.0 build
9 and ...)
NOTE: not-for-us (Pablo FTP server)
-CVE-2002-1053
+CVE-2002-1053 (Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy
Server ...)
NOTE: not-for-us (W3C Jigsaw Proxy Server)
-CVE-2002-1051
+CVE-2002-1051 (Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG
...)
{DSA-254}
-CVE-2002-1050
+CVE-2002-1050 (Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote
...)
{DSA-148}
TODO: check
-CVE-2002-1049
+CVE-2002-1049 (Format string vulnerability in HylaFAX faxgetty before 4.1.3
allows ...)
{DSA-148}
TODO: check
-CVE-2002-1046
+CVE-2002-1046 (Dynamic VPN Configuration Protocol service (DVCP) in Watchguard
...)
NOTE: not-for-us (Watchguard Firebox firmware)
-CVE-2002-1039
+CVE-2002-1039 (Directory traversal vulnerability in Double Choco Latte (DCL)
before ...)
- dcl 20020706
-CVE-2002-1035
+CVE-2002-1035 (Omnicron OmniHTTPd 2.09 allows remote attackers to cause a
denial of ...)
NOTE: not-for-us (Omnicron OmniHTTPd)
-CVE-2002-1031
+CVE-2002-1031 (KeyFocus (KF) web server 1.0.2 allows remote attackers to list
...)
NOTE: not-for-us (KeyFocus (KF) web server)
-CVE-2002-1030
+CVE-2002-1030 (Race condition in Performance Pack in BEA WebLogic Server and
Express ...)
NOTE: not-for-us (BEA WebLogic Server and Express)
-CVE-2002-1025
+CVE-2002-1025 (JRun 3.0 through 4.0 allows remote attackers to read JSP source
code ...)
NOTE: not-for-us (JRun)
-CVE-2002-1024
+CVE-2002-1024 (Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote
...)
NOTE: not-for-us (Cisco)
-CVE-2002-1015
+CVE-2002-1015 (RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold
...)
NOTE: not-for-us (Real)
-CVE-2002-1014
+CVE-2002-1014 (Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and
RealOne ...)
NOTE: not-for-us (Real)
-CVE-2002-1013
+CVE-2002-1013 (Buffer overflow in traffic_manager for Inktomi Traffic Server
4.0.18 ...)
NOTE: not-for-us (Inktomi)
-CVE-2002-1006
+CVE-2002-1006 (Cross-site scripting (XSS) vulnerability in BBC Education Text
to ...)
NOTE: not-for-us (Betsie)
-CVE-2002-1004
+CVE-2002-1004 (Directory traversal vulnerability in webmail feature of ArGoSoft
Mail ...)
NOTE: not-for-us (ArGoSoft Mail Server)
-CVE-2002-1002
+CVE-2002-1002 (Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote
...)
NOTE: not-for-us (Novell)
-CVE-2002-1000
+CVE-2002-1000 (Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote
...)
NOTE: not-for-us (AnalogX SimpleServer:Shout)
-CVE-2002-0995
+CVE-2002-0995 (login.php for PHPAuction allows remote attackers to gain
privileges ...)
NOTE: not-for-us (PHPAuction)
-CVE-2002-0990
+CVE-2002-0990 (The web proxy component in Symantec Enterprise Firewall (SEF)
6.5.2 ...)
NOTE: not-for-us (Symantec)
-CVE-2002-0989
+CVE-2002-0989 (The URL handler in the manual browser option for Gaim before
0.59.1 ...)
{DSA-158}
-CVE-2002-0988
+CVE-2002-0988 (Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and
UnixWare ...)
NOTE: not-for-us (Xsco)
-CVE-2002-0987
+CVE-2002-0987 (X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not
drop ...)
NOTE: not-for-us (Xsco)
-CVE-2002-0986
+CVE-2002-0986 (The mail function in PHP 4.x to 4.2.2 does not filter ASCII
control ...)
{DSA-168}
-CVE-2002-0985
+CVE-2002-0985 (Argument injection vulnerability in the mail function for PHP
4.x to ...)
{DSA-168}
-CVE-2002-0984
+CVE-2002-0984 (The IRC script included in Light 2.7.x before 2.7.30p5, and
2.8.x ...)
{DSA-156}
-CVE-2002-0981
+CVE-2002-0981 (Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open
UNIX ...)
NOTE: not-for-us (ndcfg)
-CVE-2002-0974
+CVE-2002-0974 (Help and Support Center for Windows XP allows remote attackers
to ...)
NOTE: not-for-us (Help and Support Center for Windows XP)
-CVE-2002-0970
+CVE-2002-0970 (The SSL capability for Konqueror in KDE 3.0.2 and earlier does
not ...)
{DSA-155}
-CVE-2002-0969
+CVE-2002-0969 (Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0
beta ...)
NOTE: mysql problem only affects Windows
-CVE-2002-0968
+CVE-2002-0968 (Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier
allows ...)
NOTE: not-for-us (AnalogX SimpleServer:WWW)
-CVE-2002-0967
+CVE-2002-0967 (Buffer overflow in eDonkey 2000 35.16.60 and earlier allows
remote ...)
NOTE: not-for-us (eDonkey)
-CVE-2002-0965
+CVE-2002-0965 (Buffer overflow in TNS Listener for Oracle 9i Database Server on
...)
NOTE: not-for-us (Oracle)
-CVE-2002-0964
+CVE-2002-0964 (Half-Life Server 1.1.1.0 and earlier allows remote attackers to
cause ...)
NOTE: not-for-us (Half Life)
-CVE-2002-0958
+CVE-2002-0958 (Cross-site scripting vulnerability in browse.php for
PHP(Reactor) ...)
NOTE: not-for-us (PHP Reactor)
-CVE-2002-0953
+CVE-2002-0953 (globals.php in PHP Address before 0.2f, with the PHP
allow_url_fopen ...)
NOTE: not-for-us (PHP Address)
-CVE-2002-0952
+CVE-2002-0952 (Cisco ONS15454 optical transport platform running ONS 3.1.0 to
3.2.0 ...)
NOTE: not-for-us (Cisco)
-CVE-2002-0947
+CVE-2002-0947 (Buffer overflow in rwcgi60 CGI program for Oracle Reports Server
...)
NOTE: not-for-us (Oracle)
-CVE-2002-0946
+CVE-2002-0946 (Directory traversal vulnerability in SeaNox Devwex before
1.2002.0601 ...)
NOTE: not-for-us (SeaNox Devwex)
-CVE-2002-0945
+CVE-2002-0945 (Buffer overflow in SeaNox Devwex allows remote attackers to
cause a ...)
NOTE: not-for-us (SeaNox Devwex)
-CVE-2002-0941
+CVE-2002-0941 (The ConsoleCallBack class for nCipher running under JRE 1.4.0
and ...)
NOTE: not-for-us (Java on Windows)
-CVE-2002-0938
+CVE-2002-0938 (Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows
...)
NOTE: not-for-us (Cisco)
-CVE-2002-0935
+CVE-2002-0935 (Apache Tomcat 4.0.3, and possibly other versions before 4.1.3
beta, ...)
- tomcat4 4.1.9-1
-CVE-2002-0916
+CVE-2002-0916 (Format string vulnerability in the allowuser code for the
Stellar-X ...)
- squid 2.4.7
-CVE-2002-0914
+CVE-2002-0914 (Double Precision Courier e-mail MTA allows remote attackers to
cause a ...)
- courier-mta 0.46
-CVE-2002-0911
+CVE-2002-0911 (Caldera Volution Manager 1.1 stores the Directory Administrator
...)
NOTE: not-for-us (Caldera Volution Manager)
-CVE-2002-0906
+CVE-2002-0906 (Buffer overflow in Sendmail before 8.12.5, when configured to
use a ...)
- sendmail 8.12.5
-CVE-2002-0904
+CVE-2002-0904 (SayText function in Kismet 2.2.1 and earlier allows remote
attackers ...)
- kismet 2.2.2-1
-CVE-2002-0900
+CVE-2002-0900 (Buffer overflow in pks PGP public key web server before 0.9.5
allows ...)
NOTE: not-for-us (pks)
-CVE-2002-0898
+CVE-2002-0898 (Opera 6.0.1 and 6.0.2 allows a remote web site to upload
arbitrary ...)
NOTE: not-for-us (Opera)
-CVE-2002-0897
+CVE-2002-0897 (LocalWEB2000 2.1.0 web server allows remote attackers to bypass
access ...)
NOTE: not-for-us (LocalWEB2000)
-CVE-2002-0895
+CVE-2002-0895 (Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote
...)
NOTE: not-for-us (MatuFtpServer)
-CVE-2002-0892
+CVE-2002-0892 (The default configuration of NewAtlanta ServletExec ISAPI 4.1
allows ...)
NOTE: not-for-us (NewAtlanta ServletExec ISAPI)
-CVE-2002-0891
+CVE-2002-0891 (The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8,
and ...)
NOTE: not-for-us (NetScreen ScreenOS)
-CVE-2002-0889
+CVE-2002-0889 (Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows
local ...)
- qpopper 4.0.5-1
-CVE-2002-0887
+CVE-2002-0887 (scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local
users ...)
NOTE: not-for-us (scoadmin)
-CVE-2002-0875
+CVE-2002-0875 (Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows
...)
{DSA-154}
-CVE-2002-0873
+CVE-2002-0873 (Vulnerability in l2tpd 0.67 allows remote attackers to overwrite
the ...)
{DSA-152}
-CVE-2002-0872
+CVE-2002-0872 (l2tpd 0.67 does not initialize the random number generator,
which ...)
{DSA-152}
-CVE-2002-0871
+CVE-2002-0871 (xinetd 2.3.4 leaks file descriptors for the signal pipe to
services ...)
{DSA-151}
-CVE-2002-0867
+CVE-2002-0867 (Microsoft Virtual Machine (VM) up to and including build
5.0.3805 ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0866
+CVE-2002-0866 (Java Database Connectivity (JDBC) classes in Microsoft Virtual
Machine ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0865
+CVE-2002-0865 (A certain class that supports XML (Extensible Markup Language)
in ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0864
+CVE-2002-0864 (The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows
XP ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0860
+CVE-2002-0860 (The LoadText method in the spreadsheet component in Microsoft
Office ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0859
+CVE-2002-0859 (Buffer overflow in the OpenDataSource function of the Jet engine
on ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0856
+CVE-2002-0856 (SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows
remote ...)
NOTE: not-for-us (Oracle)
-CVE-2002-0853
+CVE-2002-0853 (Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier
allows ...)
NOTE: not-for-us (Cisco)
-CVE-2002-0851
+CVE-2002-0851 (Format string vulnerability in ISDN Point to Point Protocol
(PPP) ...)
- isdnutils 1:3.2
-CVE-2002-0850
+CVE-2002-0850 (Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote
attackers ...)
NOTE: not-for-us (PGP corporate desktop)
-CVE-2002-0848
+CVE-2002-0848 (Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and
earlier, ...)
NOTE: not-for-us (Cisco)
-CVE-2002-0847
+CVE-2002-0847 (tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote
attackers ...)
{DSA-145}
TODO: check
-CVE-2002-0846
+CVE-2002-0846 (The decoder for Macromedia Shockwave Flash allows remote
attackers to ...)
- flashplugin-nonfree 6.0.47
-CVE-2002-0845
+CVE-2002-0845 (Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0
allows ...)
NOTE: not-for-us (Sun ONE)
-CVE-2002-0844
+CVE-2002-0844 (Off-by-one overflow in the CVS PreservePermissions of rcs.c for
CVSD ...)
- cvs 1:1.11.2
-CVE-2002-0842
+CVE-2002-0842 (Format string vulnerability in certain third party modifications
to ...)
NOTE: mod_dav for apache not vulnerable according to
NOTE: lists.netsys.com/pipermail/full-disclosure/2003-February/003875.html
-CVE-2002-0840
+CVE-2002-0840 (Cross-site scripting (XSS) vulnerability in the default error
page of ...)
{DSA-195 DSA-188 DSA-187}
- apache2 2.0.43-1
- apache 1.3.27-0.1
-CVE-2002-0836
+CVE-2002-0836 (dvips converter for Postscript files in the tetex package calls
the ...)
{DSA-207}
-CVE-2002-0835
+CVE-2002-0835 (Preboot eXecution Environment (PXE) server allows remote
attackers to ...)
NOTE: not-for-us (RedHat/Intel PXE daemon)
NOTE: this is not the one in Debian
-CVE-2002-0831
+CVE-2002-0831 (The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows
local ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0830
+CVE-2002-0830 (Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and
earlier, ...)
NOTE: not-for-us (BSD/NFS)
-CVE-2002-0829
+CVE-2002-0829 (Integer overflow in the Berkeley Fast File System (FFS) in
FreeBSD ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0826
+CVE-2002-0826 (Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote
authenticated ...)
NOTE: not-for-us (WS FTP server)
-CVE-2002-0824
+CVE-2002-0824 (BSD pppd allows local users to change the permissions of
arbitrary ...)
NOTE: not-for-us (BSD/pppd)
-CVE-2002-0823
+CVE-2002-0823 (Buffer overflow in Winhlp32.exe allows remote attackers to
execute ...)
NOTE: not-for-us (Windows)
-CVE-2002-0818
+CVE-2002-0818 (wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows
remote ...)
{DSA-144}
TODO: check
-CVE-2002-0817
+CVE-2002-0817 (Format string vulnerability in super for Linux allows local
users to ...)
{DSA-139}
TODO: check
-CVE-2002-0816
+CVE-2002-0816 (Buffer overflow in su in Tru64 Unix 5.x allows local users to
gain ...)
NOTE: not-for-us (HP Tru64)
-CVE-2002-0814
+CVE-2002-0814 (Buffer overflow in VMware Authorization Service for VMware GSX
Server ...)
NOTE: not-for-us (VMware)
-CVE-2002-0813
+CVE-2002-0813 (Heap-based buffer overflow in the TFTP server capability in
Cisco IOS ...)
NOTE: not-for-us (Cisco)
-CVE-2002-0810
+CVE-2002-0810 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs
error ...)
- bugzilla 2.16.0
-CVE-2002-0809
+CVE-2002-0809 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not
...)
- bugzilla 2.16.0
-CVE-2002-0808
+CVE-2002-0808 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when
performing ...)
- bugzilla 2.16.0
-CVE-2002-0806
+CVE-2002-0806 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows
...)
- bugzilla 2.16.0
-CVE-2002-0805
+CVE-2002-0805 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1)
creates new ...)
- bugzilla 2.16.0
-CVE-2002-0804
+CVE-2002-0804 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when
configured ...)
- bugzilla 2.16.0
-CVE-2002-0802
+CVE-2002-0802 (The multibyte support in PostgreSQL 6.5.x with SQL_ASCII
encoding ...)
- postgresql 7.2
-CVE-2002-0801
+CVE-2002-0801 (Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1
allows ...)
NOTE: not-for-us (Macromedia / Windows)
-CVE-2002-0795
+CVE-2002-0795 (The rc system startup script for FreeBSD 4 through 4.5 allows
local ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0794
+CVE-2002-0794 (The accept_filter mechanism in FreeBSD 4 through 4.5 does not
properly ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0790
+CVE-2002-0790 (clchkspuser and clpasswdremote in AIX expose an encrypted
password in ...)
NOTE: not-for-us (AIX)
-CVE-2002-0789
+CVE-2002-0789 (Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier
allows ...)
- mnogosearch 3.1.19-3
-CVE-2002-0788
+CVE-2002-0788 (An interaction between PGP 7.0.3 with the "wipe deleted
files" option, ...)
NOTE: not-for-us (windows)
-CVE-2002-0785
+CVE-2002-0785 (AOL Instant Messenger (AIM) allows remote attackers to cause a
denial ...)
NOTE: not-for-us (AOL AIM)
-CVE-2002-0778
+CVE-2002-0778 (The default configuration of the proxy for Cisco Cache Engine
and ...)
NOTE: not-for-us (CISCO)
-CVE-2002-0777
+CVE-2002-0777 (Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and
...)
NOTE: not-for-us (Ipswitch not in Debian)
-CVE-2002-0776
+CVE-2002-0776 (getuserdesc.asp in Hosting Controller 2002 allows remote
attackers to ...)
NOTE: not-for-us (Hosting Controller 2002)
-CVE-2002-0768
+CVE-2002-0768 (Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0,
and ...)
- lukemftp 1.5-7
-CVE-2002-0766
+CVE-2002-0766 (OpenBSD 2.9 through 3.1 allows local users to cause a denial of
...)
NOTE: not-for-us (OpenBSD)
-CVE-2002-0765
+CVE-2002-0765 (sshd in OpenSSH 3.2.2, when using YP with netgroups and under
certain ...)
- openssh 1:3.3p1-0.0woody1
-CVE-2002-0762
+CVE-2002-0762 (shadow package in SuSE 8.0 allows local users to destroy the
...)
NOTE: not-for-us (SUSE specific)
-CVE-2002-0761
+CVE-2002-0761 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and
...)
NOTE: not-for-us (FreeBSD and OpenLinux)
-CVE-2002-0760
+CVE-2002-0760 (Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier,
...)
NOTE: not-for-us (FreeBSD and OpenLinux)
-CVE-2002-0759
+CVE-2002-0759 (bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and
...)
NOTE: not-for-us (FreeBSD and OpenLinux)
-CVE-2002-0758
+CVE-2002-0758 (ifup-dhcp script in the sysconfig package for SuSE 8.0 allows
remote ...)
NOTE: not-for-us (SUSE specific)
-CVE-2002-0755
+CVE-2002-0755 (Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify
that a ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0754
+CVE-2002-0754 (Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the
getlogin ...)
NOTE: not-for-us (FreeBSD)
-CVE-2002-0748
+CVE-2002-0748 (LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to
cause ...)
NOTE: not-for-us (Labview)
-CVE-2002-0741
+CVE-2002-0741 (psyBNC 2.3 allows remote attackers to cause a denial of service
(CPU ...)
NOTE: not-for-us (psyBNC)
-CVE-2002-0738
+CVE-2002-0738 (MHonArc 2.5.2 and earlier does not properly filter Javascript
from ...)
{DSA-163}
-CVE-2002-0737
+CVE-2002-0737 (Sambar web server before 5.2 beta 1 allows remote attackers to
obtain ...)
NOTE: not-for-us (Sambar web server)
-CVE-2002-0736
+CVE-2002-0736 (Microsoft BackOffice 4.0 and 4.5, when configured to be
accessible by ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0734
+CVE-2002-0734 (b2edit.showposts.php in B2 2.0.6pre2 and earlier does not
properly ...)
NOTE: not-for-us (B2)
-CVE-2002-0733
+CVE-2002-0733 (Cross-site scripting vulnerability in thttpd 2.20 and earlier
allows ...)
- thttpd 2.21
-CVE-2002-0729
+CVE-2002-0729 (Microsoft SQL Server 2000 allows remote attackers to cause a
denial of ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0727
+CVE-2002-0727 (The Host function in Microsoft Office Web Components (OWC) 2000
and ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0726
+CVE-2002-0726 (Buffer overflow in Microsoft Terminal Services Advanced Client
(TSAC) ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0722
+CVE-2002-0722 (Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote
attackers ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0720
+CVE-2002-0720 (A handler routine for the Network Connection Manager (NCM) in
Windows ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0719
+CVE-2002-0719 (SQL injection vulnerability in the function that services for
...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0718
+CVE-2002-0718 (Web authoring command in Microsoft Content Management Server
(MCMS) ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0716
+CVE-2002-0716 (Format string vulnerability in crontab for SCO OpenServer 5.0.5
and ...)
NOTE: not-for-us (SCO OpenServer)
-CVE-2002-0714
+CVE-2002-0714 (FTP proxy in Squid before 2.4.STABLE6 does not compare the IP
...)
- squid 2.4.6
-CVE-2002-0710
+CVE-2002-0710 (Directory traversal vulnerability in sendform.cgi 1.44 and
earlier ...)
NOTE: not-for-us (sendform.cgi)
-CVE-2002-0704
+CVE-2002-0704 (The Network Address Translation (NAT) capability for Netfilter
...)
NOTE: kernel netfilter bug, not in user space
NOTE: this is fixed in kernel 2.4.20
TODO: check
- kernel-image-2.4.18-i386 (bug #152152; unimportant)
-CVE-2002-0703
+CVE-2002-0703 (An interaction between the Perl MD5 module (perl-Digest-MD5) and
Perl ...)
- perl 5.8.0-7
NOTE: woody seems to be vulnerable, bug #282527
-CVE-2002-0701
+CVE-2002-0701 (ktrace in BSD-based operating systems allows the owner of a
process ...)
NOTE: not-for-us (BSD)
-CVE-2002-0700
+CVE-2002-0700 (Buffer overflow in a system function that performs user
authentication ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0698
+CVE-2002-0698 (Buffer overflow in Internet Mail Connector (IMC) for Microsoft
...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0697
+CVE-2002-0697 (Microsoft Metadirectory Services (MMS) 2.2 allows remote
attackers to ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0696
+CVE-2002-0696 (Microsoft Visual FoxPro 6.0 does not register its associated
files ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0695
+CVE-2002-0695 (Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component
of ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0694
+CVE-2002-0694 (The HTML Help facility in Microsoft Windows 98, 98 Second
Edition, ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0692
+CVE-2002-0692 (Buffer overflow in SmartHTML Interpreter (shtml.dll) in
Microsoft ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0691
+CVE-2002-0691 (Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers
to ...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0688
+CVE-2002-0688 (ZCatalog plug-in index support capability for Zope 2.4.0 through
2.5.1 ...)
{DSA-490}
-CVE-2002-0687
+CVE-2002-0687 (The "through the web code" capability for Zope
2.0 through 2.5.1 b1 ...)
- zope 2.5.1b2
-CVE-2002-0685
+CVE-2002-0685 (Heap-based buffer overflow in the message decoding functionality
for ...)
NOTE: not-for-us (PGP Outlook Encryption Plug-In)
-CVE-2002-0682
+CVE-2002-0682 (Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows
...)
- tomcat 4.0.4
-CVE-2002-0679
+CVE-2002-0679 (Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC
...)
NOTE: not-for-us (CDE)
-CVE-2002-0678
+CVE-2002-0678 (CDE ToolTalk database server (ttdbserver) allows local users to
...)
NOTE: not-for-us (CDE ToolTalk)
-CVE-2002-0676
+CVE-2002-0676 (SoftwareUpdate for MacOS 10.1.x does not use authentication when
...)
NOTE: not-for-us (MacOS)
-CVE-2002-0674
+CVE-2002-0674 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through
1.2.7.4 ...)
NOTE: not-for-us (Pingtel xpressa SIP-based voice-over-IP phone)
-CVE-2002-0673
+CVE-2002-0673 (The enrollment process for Pingtel xpressa SIP-based
voice-over-IP ...)
NOTE: not-for-us (Pingtel xpressa SIP-based voice-over-IP phone)
-CVE-2002-0672
+CVE-2002-0672 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through
1.2.7.4 ...)
NOTE: not-for-us (Pingtel xpressa SIP-based voice-over-IP phone)
-CVE-2002-0671
+CVE-2002-0671 (Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through
1.2.7.4 ...)
NOTE: not-for-us (Pingtel xpressa SIP-based voice-over-IP phone)
-CVE-2002-0668
+CVE-2002-0668 (The web interface for Pingtel xpressa SIP-based voice-over-IP
phone ...)
NOTE: not-for-us (Pingtel xpressa SIP-based voice-over-IP phone)
-CVE-2002-0665
+CVE-2002-0665 (Macromedia JRun Administration Server allows remote attackers to
...)
NOTE: not-for-us (Microsoft)
-CVE-2002-0663
+CVE-2002-0663 (Buffer overflow in HTTP Proxy for Symantec Norton Personal
Internet ...)
NOTE: not-for-us (Norton)
-CVE-2002-0662
+CVE-2002-0662 (scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local
users ...)
{DSA-160}
-CVE-2002-0658
+CVE-2002-0658 (OSSP mm library (libmm) before 1.2.0 allows the local Apache
user to ...)
{DSA-137}
TODO: check
-CVE-2002-0653
+CVE-2002-0653 (Off-by-one buffer overflow in rewrite_command hook for mod_ssl
Apache ...)
TODO: check
STOP: this is approximatly the release of woody, so we can stop here
-CVE-2002-0651
-CVE-2002-0650
-CVE-2002-0648
-CVE-2002-0647
-CVE-2002-0642
-CVE-2002-0640
-CVE-2002-0639
-CVE-2002-0638
-CVE-2002-0631
-CVE-2002-0630
-CVE-2002-0627
-CVE-2002-0623
-CVE-2002-0622
-CVE-2002-0621
-CVE-2002-0619
-CVE-2002-0618
-CVE-2002-0617
-CVE-2002-0616
-CVE-2002-0615
-CVE-2002-0613
-CVE-2002-0605
-CVE-2002-0601
-CVE-2002-0599
-CVE-2002-0598
-CVE-2002-0597
-CVE-2002-0594
-CVE-2002-0576
-CVE-2002-0575
-CVE-2002-0574
-CVE-2002-0573
-CVE-2002-0571
-CVE-2002-0569
-CVE-2002-0567
-CVE-2002-0553
-CVE-2002-0546
-CVE-2002-0545
-CVE-2002-0543
-CVE-2002-0542
-CVE-2002-0539
-CVE-2002-0538
-CVE-2002-0536
-CVE-2002-0532
-CVE-2002-0531
-CVE-2002-0516
-CVE-2002-0513
-CVE-2002-0512
-CVE-2002-0511
-CVE-2002-0506
-CVE-2002-0505
-CVE-2002-0501
-CVE-2002-0497
-CVE-2002-0495
-CVE-2002-0494
-CVE-2002-0493
-CVE-2002-0490
-CVE-2002-0488
-CVE-2002-0484
-CVE-2002-0473
-CVE-2002-0464
-CVE-2002-0463
-CVE-2002-0462
-CVE-2002-0454
-CVE-2002-0451
-CVE-2002-0445
-CVE-2002-0444
-CVE-2002-0443
-CVE-2002-0442
-CVE-2002-0441
-CVE-2002-0437
-CVE-2002-0435
-CVE-2002-0431
-CVE-2002-0429
+CVE-2002-0651 (Buffer overflow in the DNS resolver code used in libc, glibc,
and ...)
+CVE-2002-0650 (The keep-alive mechanism for Microsoft SQL Server 2000 allows
remote ...)
+CVE-2002-0648 (The legacy <script> data-island capability for XML
in Microsoft ...)
+CVE-2002-0647 (Buffer overflow in a legacy ActiveX control used to display
specially ...)
+CVE-2002-0642 (The registry key containing the SQL Server service account
information ...)
+CVE-2002-0640 (Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow
remote ...)
+CVE-2002-0639 (Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows
remote ...)
+CVE-2002-0638 (setpwnam.c in the util-linux package, as included in Red Hat
Linux 7.3 ...)
+CVE-2002-0631 (Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX
6.5 ...)
+CVE-2002-0630 (The Telnet service for Polycom ViewStation before 7.2.4 allows
remote ...)
+CVE-2002-0627 (The Web server for Polycom ViewStation before 7.2.4 allows
remote ...)
+CVE-2002-0623 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce
...)
+CVE-2002-0622 (The Office Web Components (OWC) package installer for Microsoft
...)
+CVE-2002-0621 (Buffer overflow in the Office Web Components (OWC) package
installer ...)
+CVE-2002-0619 (The Mail Merge Tool in Microsoft Word 2002 for Windows, when
Microsoft ...)
+CVE-2002-0618 (The Macro Security Model in Microsoft Excel 2000 and 2002 for
Windows ...)
+CVE-2002-0617 (The Macro Security Model in Microsoft Excel 2000 and 2002 for
Windows ...)
+CVE-2002-0616 (The Macro Security Model in Microsoft Excel 2000 and 2002 for
Windows ...)
+CVE-2002-0615 (The Windows Media Active Playlist in Microsoft Windows Media
Player ...)
+CVE-2002-0613 (dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote
...)
+CVE-2002-0605 (Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23
...)
+CVE-2002-0601 (ISS RealSecure Network Sensor 5.x through 6.5 allows remote
attackers ...)
+CVE-2002-0599 (Blahz-DNS 0.2 and earlier allows remote attackers to bypass ...)
+CVE-2002-0598 (Format string vulnerability in Foundstone FScan 1.12 with banner
...)
+CVE-2002-0597 (LANMAN service on Microsoft Windows 2000 allows remote attackers
to ...)
+CVE-2002-0594 (Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote
attackers to ...)
+CVE-2002-0576 (ColdFusion 5.0 and earlier on Windows systems allows remote
attackers ...)
+CVE-2002-0575 (Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1,
with ...)
+CVE-2002-0574 (Memory leak in FreeBSD 4.5 and earlier allows remote attackers
to ...)
+CVE-2002-0573 (Format string vulnerability in RPC wall daemon (rpc.rwalld) for
...)
+CVE-2002-0571 (Oracle Oracle9i database server 9.0.1.x allows local users to
access ...)
+CVE-2002-0569 (Oracle 9i Application Server allows remote attackers to bypass
access ...)
+CVE-2002-0567 (Oracle 8i and 9i with PL/SQL package for External Procedures
(EXTPROC) ...)
+CVE-2002-0553 (Cross-site scripting vulnerability in SunShop 2.5 and earlier
allows ...)
+CVE-2002-0546 (Cross-site scripting vulnerability in the mini-browser for
Winamp 2.78 ...)
+CVE-2002-0545 (Cisco Aironet before 11.21 with Telnet enabled allows remote
attackers ...)
+CVE-2002-0543 (Directory traversal vulnerability in Aprelium Abyss Web Server
...)
+CVE-2002-0542 (mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape
character in ...)
+CVE-2002-0539 (Demarc PureSecure 1.05 allows remote attackers to gain
administrative ...)
+CVE-2002-0538 (FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0
...)
+CVE-2002-0536 (PHPGroupware 0.9.12 and earlier, when running with the ...)
+CVE-2002-0532 (EMU Webmail allows local users to execute arbitrary programs via
a .. ...)
+CVE-2002-0531 (Directory traversal vulnerability in emumail.cgi in EMU Webmail
4.5.x ...)
+CVE-2002-0516 (SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail
users ...)
+CVE-2002-0513 (The PHP administration script in popper_mod 1.2.1 and earlier
relies ...)
+CVE-2002-0512 (startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the
...)
+CVE-2002-0511 (The default configuration of Name Service Cache Daemon (nscd) in
...)
+CVE-2002-0506 (Buffer overflow in newt.c of newt windowing library (libnewt)
0.50.33 ...)
+CVE-2002-0505 (Memory leak in the Call Telephony Integration (CTI) Framework
...)
+CVE-2002-0501 (Format string vulnerability in log_print() function of Posadis
DNS ...)
+CVE-2002-0497 (Buffer overflow in mtr 0.46 and earlier, when installed setuid
root, ...)
+CVE-2002-0495 (csSearch.cgi in csSearch 2.3 and earlier allows remote attackers
to ...)
+CVE-2002-0494 (Cross-site scripting vulnerability in WebSight Directory System
0.1 ...)
+CVE-2002-0493 (Apache Tomcat may be started without proper security settings if
...)
+CVE-2002-0490 (Instant Web Mail before 0.60 does not properly filter CR/LF
sequences, ...)
+CVE-2002-0488 (Linux Directory Penguin traceroute.pl CGI script 1.0 allows
remote ...)
+CVE-2002-0484 (move_uploaded_file in PHP does not does not check for the base
...)
+CVE-2002-0473 (db.php in phBB 2.0 (aka phBB2) RC-3 and earlier allows remote
...)
+CVE-2002-0464 (Directory traversal vulnerability in Hosting Controller 1.4.1
and ...)
+CVE-2002-0463 (home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows
remote ...)
+CVE-2002-0462 (bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone
...)
+CVE-2002-0454 (Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows
remote ...)
+CVE-2002-0451 (filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote
...)
+CVE-2002-0445 (article.php in PHP FirstPost 0.1 allows allows remote attackers
to ...)
+CVE-2002-0444 (Microsoft Windows 2000 running the Terminal Server 90-day trial
...)
+CVE-2002-0443 (Microsoft Windows 2000 allows local users to bypass the policy
that ...)
+CVE-2002-0442 (Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and
5.0.6 ...)
+CVE-2002-0441 (Directory traversal vulnerability in imlist.php for Php Imglist
allows ...)
+CVE-2002-0437 (Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote
...)
+CVE-2002-0435 (Race condition in the recursive (1) directory deletion and (2)
...)
+CVE-2002-0431 (XTux allows remote attackers to cause a denial of service (CPU
...)
+CVE-2002-0429 (The iBCS routines in arch/i386/kernel/traps.c for Linux kernels
2.4.18 ...)
{DSA-442 DSA-336 DSA-332 DSA-312 DSA-311}
-CVE-2002-0425
-CVE-2002-0424
-CVE-2002-0423
-CVE-2002-0414
-CVE-2002-0412
-CVE-2002-0406
-CVE-2002-0404
-CVE-2002-0403
-CVE-2002-0402
-CVE-2002-0401
-CVE-2002-0400
-CVE-2002-0398
-CVE-2002-0397
-CVE-2002-0396
-CVE-2002-0395
-CVE-2002-0394
-CVE-2002-0392
+CVE-2002-0425 (mIRC DCC server protocol allows remote attackers to gain
sensitive ...)
+CVE-2002-0424 (efingerd 1.61 and earlier, when configured without the -u
option, ...)
+CVE-2002-0423 (Buffer overflow in efingerd 1.5 and earlier, and possibly up to
1.61, ...)
+CVE-2002-0414 (KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD
4.5, ...)
+CVE-2002-0412 (Format string vulnerability in TraceEvent function for ntop
before 2.1 ...)
+CVE-2002-0406 (Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to
cause ...)
+CVE-2002-0404 (Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows
remote ...)
+CVE-2002-0403 (DNS dissector in Ethereal before 0.9.3 allows remote attackers
to ...)
+CVE-2002-0402 (Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier
allows ...)
+CVE-2002-0401 (SMB dissector in Ethereal 0.9.3 and earlier allows remote
attackers to ...)
+CVE-2002-0400 (ISC BIND 9 before 9.2.1 allows remote attackers to cause a
denial of ...)
+CVE-2002-0398 (Red-M 1050 (Bluetooth Access Point) PPP server allows bonded
users to ...)
+CVE-2002-0397 (Red-M 1050 (Bluetooth Access Point) publicizes its name, IP
address, ...)
+CVE-2002-0396 (The web management server for Red-M 1050 (Bluetooth Access
Point) does ...)
+CVE-2002-0395 (The TFTP server for Red-M 1050 (Bluetooth Access Point) can not
be ...)
+CVE-2002-0394 (Red-M 1050 (Bluetooth Access Point) uses case insensitive
passwords, ...)
+CVE-2002-0392 (Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows
remote ...)
- apache2 2.0.37
-CVE-2002-0391
+CVE-2002-0391 (Integer overflow in xdr_array function in RPC servers for
operating ...)
{DSA-333 DSA-149 DSA-146 DSA-143 DSA-142}
-CVE-2002-0389
-CVE-2002-0387
-CVE-2002-0384
-CVE-2002-0382
-CVE-2002-0381
-CVE-2002-0380
+CVE-2002-0389 (Pipermail in Mailman stores private mail messages with
predictable ...)
+CVE-2002-0387 (Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector
Module ...)
+CVE-2002-0384 (Buffer overflow in Jabber plug-in for Gaim client before 0.58
allows ...)
+CVE-2002-0382 (XChat IRC client allows remote attackers to execute arbitrary
commands ...)
+CVE-2002-0381 (The TCP implementation in various BSD operating systems
(tcp_input.c) ...)
+CVE-2002-0380 (Buffer overflow in tcpdump 3.6.2 and earlier allows remote
attackers ...)
{DSA-255}
-CVE-2002-0379
-CVE-2002-0377
-CVE-2002-0376
-CVE-2002-0374
-CVE-2002-0373
-CVE-2002-0372
-CVE-2002-0369
-CVE-2002-0368
-CVE-2002-0367
-CVE-2002-0366
-CVE-2002-0364
-CVE-2002-0363
-CVE-2002-0362
-CVE-2002-0359
-CVE-2002-0358
-CVE-2002-0357
-CVE-2002-0356
-CVE-2002-0355
-CVE-2002-0339
-CVE-2002-0330
-CVE-2002-0329
-CVE-2002-0318
-CVE-2002-0313
-CVE-2002-0309
-CVE-2002-0302
-CVE-2002-0300
-CVE-2002-0299
-CVE-2002-0292
-CVE-2002-0290
-CVE-2002-0287
-CVE-2002-0276
-CVE-2002-0275
-CVE-2002-0274
-CVE-2002-0267
-CVE-2002-0265
-CVE-2002-0251
-CVE-2002-0250
-CVE-2002-0246
-CVE-2002-0241
-CVE-2002-0237
-CVE-2002-0226
-CVE-2002-0213
-CVE-2002-0211
-CVE-2002-0209
-CVE-2002-0207
-CVE-2002-0197
-CVE-2002-0196
-CVE-2002-0193
-CVE-2002-0191
-CVE-2002-0190
-CVE-2002-0188
-CVE-2002-0187
-CVE-2002-0186
-CVE-2002-0185
-CVE-2002-0184
-CVE-2002-0181
-CVE-2002-0179
-CVE-2002-0178
-CVE-2002-0176
-CVE-2002-0175
-CVE-2002-0174
-CVE-2002-0173
-CVE-2002-0172
-CVE-2002-0171
-CVE-2002-0170
-CVE-2002-0169
-CVE-2002-0168
-CVE-2002-0167
-CVE-2002-0166
-CVE-2002-0163
-CVE-2002-0160
-CVE-2002-0159
-CVE-2002-0158
-CVE-2002-0157
-CVE-2002-0155
-CVE-2002-0153
-CVE-2002-0152
-CVE-2002-0151
-CVE-2002-0150
-CVE-2002-0149
-CVE-2002-0148
-CVE-2002-0147
-CVE-2002-0146
-CVE-2002-0143
-CVE-2002-0139
-CVE-2002-0128
-CVE-2002-0123
-CVE-2002-0121
-CVE-2002-0120
-CVE-2002-0117
-CVE-2002-0115
-CVE-2002-0111
-CVE-2002-0107
-CVE-2002-0098
-CVE-2002-0097
-CVE-2002-0096
-CVE-2002-0095
-CVE-2002-0094
-CVE-2002-0092
-CVE-2002-0090
-CVE-2002-0083
-CVE-2002-0082
-CVE-2002-0081
-CVE-2002-0080
-CVE-2002-0079
-CVE-2002-0078
-CVE-2002-0076
-CVE-2002-0075
-CVE-2002-0074
-CVE-2002-0073
-CVE-2002-0072
-CVE-2002-0071
-CVE-2002-0070
-CVE-2002-0069
-CVE-2002-0068
-CVE-2002-0067
-CVE-2002-0066
-CVE-2002-0065
-CVE-2002-0064
-CVE-2002-0063
-CVE-2002-0062
-CVE-2002-0061
-CVE-2002-0060
-CVE-2002-0059
-CVE-2002-0057
-CVE-2002-0055
-CVE-2002-0054
-CVE-2002-0052
-CVE-2002-0051
-CVE-2002-0050
-CVE-2002-0049
-CVE-2002-0047
-CVE-2002-0046
-CVE-2002-0045
-CVE-2002-0044
-CVE-2002-0043
-CVE-2002-0042
-CVE-2002-0040
-CVE-2002-0038
-CVE-2002-0036
-CVE-2002-0033
-CVE-2002-0032
-CVE-2002-0028
-CVE-2002-0027
-CVE-2002-0026
-CVE-2002-0025
-CVE-2002-0024
-CVE-2002-0023
-CVE-2002-0022
-CVE-2002-0021
-CVE-2002-0020
-CVE-2002-0018
-CVE-2002-0017
-CVE-2002-0014
-CVE-2002-0011
-CVE-2002-0009
-CVE-2002-0007
-CVE-2002-0006
-CVE-2002-0005
-CVE-2002-0004
-CVE-2002-0003
-CVE-2002-0002
-CVE-2001-1407
-CVE-2001-1406
-CVE-2001-1391
-CVE-2001-1386
-CVE-2001-1385
-CVE-2001-1383
-CVE-2001-1382
-CVE-2001-1380
-CVE-2001-1378
-CVE-2001-1375
-CVE-2001-1374
-CVE-2001-1373
-CVE-2001-1372
-CVE-2001-1371
-CVE-2001-1370
-CVE-2001-1369
-CVE-2001-1367
-CVE-2001-1359
-CVE-2001-1352
-CVE-2001-1351
-CVE-2001-1350
-CVE-2001-1349
-CVE-2001-1347
-CVE-2001-1345
-CVE-2001-1342
-CVE-2001-1334
-CVE-2001-1328
-CVE-2001-1327
-CVE-2001-1322
-CVE-2001-1303
-CVE-2001-1302
-CVE-2001-1301
-CVE-2001-1299
-CVE-2001-1297
-CVE-2001-1296
-CVE-2001-1295
-CVE-2001-1291
-CVE-2001-1279
-CVE-2001-1277
-CVE-2001-1276
-CVE-2001-1267
-CVE-2001-1266
-CVE-2001-1252
-CVE-2001-1251
-CVE-2001-1247
-CVE-2001-1246
-CVE-2001-1240
-CVE-2001-1237
-CVE-2001-1236
-CVE-2001-1235
-CVE-2001-1234
-CVE-2001-1231
-CVE-2001-1227
-CVE-2001-1215
-CVE-2001-1203
-CVE-2001-1201
-CVE-2001-1200
-CVE-2001-1199
-CVE-2001-1193
-CVE-2001-1186
-CVE-2001-1185
-CVE-2001-1183
-CVE-2001-1180
-CVE-2001-1177
-CVE-2001-1176
-CVE-2001-1175
-CVE-2001-1174
-CVE-2001-1172
-CVE-2001-1166
-CVE-2001-1162
-CVE-2001-1161
-CVE-2001-1160
-CVE-2001-1158
-CVE-2001-1155
-CVE-2001-1153
-CVE-2001-1149
-CVE-2001-1147
-CVE-2001-1146
-CVE-2001-1145
-CVE-2001-1144
-CVE-2001-1141
-CVE-2001-1132
-CVE-2001-1130
-CVE-2001-1121
-CVE-2001-1119
-CVE-2001-1118
-CVE-2001-1117
-CVE-2001-1116
-CVE-2001-1113
-CVE-2001-1108
-CVE-2001-1106
-CVE-2001-1103
-CVE-2001-1100
-CVE-2001-1099
-CVE-2001-1098
-CVE-2001-1096
-CVE-2001-1095
-CVE-2001-1089
-CVE-2001-1088
-CVE-2001-1085
-CVE-2001-1084
-CVE-2001-1083
-CVE-2001-1081
-CVE-2001-1080
-CVE-2001-1079
-CVE-2001-1075
-CVE-2001-1074
-CVE-2001-1072
-CVE-2001-1071
-CVE-2001-1069
-CVE-2001-1067
-CVE-2001-1066
-CVE-2001-1063
-CVE-2001-1062
-CVE-2001-1059
-CVE-2001-1056
-CVE-2001-1055
-CVE-2001-1054
-CVE-2001-1053
-CVE-2001-1049
-CVE-2001-1048
-CVE-2001-1046
-CVE-2001-1043
-CVE-2001-1038
-CVE-2001-1037
-CVE-2001-1036
-CVE-2001-1035
-CVE-2001-1032
-CVE-2001-1030
-CVE-2001-1029
-CVE-2001-1028
-CVE-2001-1027
-CVE-2001-1022
-CVE-2001-1020
-CVE-2001-1017
-CVE-2001-1016
-CVE-2001-1011
-CVE-2001-1010
-CVE-2001-1008
-CVE-2001-1002
-CVE-2001-0998
-CVE-2001-0995
-CVE-2001-0993
-CVE-2001-0987
-CVE-2001-0982
-CVE-2001-0981
-CVE-2001-0980
-CVE-2001-0978
-CVE-2001-0977
-CVE-2001-0973
-CVE-2001-0969
-CVE-2001-0965
-CVE-2001-0963
-CVE-2001-0962
-CVE-2001-0961
-CVE-2001-0960
-CVE-2001-0959
-CVE-2001-0954
-CVE-2001-0951
-CVE-2001-0946
-CVE-2001-0940
-CVE-2001-0939
-CVE-2001-0936
-CVE-2001-0929
-CVE-2001-0921
-CVE-2001-0920
-CVE-2001-0918
-CVE-2001-0917
-CVE-2001-0914
-CVE-2001-0912
-CVE-2001-0909
-CVE-2001-0907
-CVE-2001-0906
-CVE-2001-0905
-CVE-2001-0902
-CVE-2001-0901
-CVE-2001-0900
-CVE-2001-0899
-CVE-2001-0896
-CVE-2001-0895
-CVE-2001-0894
-CVE-2001-0891
-CVE-2001-0889
-CVE-2001-0888
-CVE-2001-0887
-CVE-2001-0886
-CVE-2001-0884
-CVE-2001-0879
-CVE-2001-0877
-CVE-2001-0876
-CVE-2001-0875
-CVE-2001-0874
-CVE-2001-0873
-CVE-2001-0872
-CVE-2001-0869
-CVE-2001-0867
-CVE-2001-0866
-CVE-2001-0865
-CVE-2001-0864
-CVE-2001-0863
-CVE-2001-0862
-CVE-2001-0861
-CVE-2001-0860
-CVE-2001-0859
-CVE-2001-0857
-CVE-2001-0852
-CVE-2001-0851
-CVE-2001-0850
-CVE-2001-0846
-CVE-2001-0843
-CVE-2001-0837
-CVE-2001-0836
-CVE-2001-0834
-CVE-2001-0833
-CVE-2001-0830
-CVE-2001-0828
-CVE-2001-0825
-CVE-2001-0823
-CVE-2001-0822
-CVE-2001-0819
-CVE-2001-0816
-CVE-2001-0815
-CVE-2001-0806
-CVE-2001-0805
-CVE-2001-0804
-CVE-2001-0803
-CVE-2001-0801
-CVE-2001-0797
-CVE-2001-0796
-CVE-2001-0792
-CVE-2001-0787
-CVE-2001-0784
-CVE-2001-0779
-CVE-2001-0774
-CVE-2001-0773
-CVE-2001-0770
-CVE-2001-0769
-CVE-2001-0765
-CVE-2001-0764
-CVE-2001-0763
-CVE-2001-0760
-CVE-2001-0757
-CVE-2001-0754
-CVE-2001-0752
-CVE-2001-0751
-CVE-2001-0750
-CVE-2001-0749
-CVE-2001-0748
-CVE-2001-0745
-CVE-2001-0741
-CVE-2001-0740
-CVE-2001-0739
-CVE-2001-0738
-CVE-2001-0733
-CVE-2001-0731
-CVE-2001-0730
-CVE-2001-0728
-CVE-2001-0727
-CVE-2001-0726
-CVE-2001-0724
-CVE-2001-0723
-CVE-2001-0722
-CVE-2001-0720
-CVE-2001-0719
-CVE-2001-0718
-CVE-2001-0717
-CVE-2001-0716
-CVE-2001-0710
-CVE-2001-0706
-CVE-2001-0701
-CVE-2001-0700
-CVE-2001-0699
-CVE-2001-0698
-CVE-2001-0697
-CVE-2001-0696
-CVE-2001-0692
-CVE-2001-0690
-CVE-2001-0686
-CVE-2001-0685
-CVE-2001-0682
-CVE-2001-0680
-CVE-2001-0677
-CVE-2001-0676
-CVE-2001-0675
-CVE-2001-0670
-CVE-2001-0668
-CVE-2001-0667
-CVE-2001-0666
-CVE-2001-0665
-CVE-2001-0664
-CVE-2001-0663
-CVE-2001-0662
-CVE-2001-0660
-CVE-2001-0659
-CVE-2001-0658
-CVE-2001-0653
-CVE-2001-0652
-CVE-2001-0650
-CVE-2001-0648
-CVE-2001-0646
-CVE-2001-0644
-CVE-2001-0643
-CVE-2001-0641
-CVE-2001-0635
-CVE-2001-0634
-CVE-2001-0631
-CVE-2001-0630
-CVE-2001-0629
-CVE-2001-0628
-CVE-2001-0627
-CVE-2001-0626
-CVE-2001-0625
-CVE-2001-0622
-CVE-2001-0621
-CVE-2001-0616
-CVE-2001-0615
-CVE-2001-0613
-CVE-2001-0612
-CVE-2001-0611
-CVE-2001-0596
-CVE-2001-0595
-CVE-2001-0594
-CVE-2001-0593
-CVE-2001-0591
-CVE-2001-0590
-CVE-2001-0589
-CVE-2001-0586
-CVE-2001-0585
-CVE-2001-0574
-CVE-2001-0573
-CVE-2001-0567
-CVE-2001-0565
-CVE-2001-0564
-CVE-2001-0563
-CVE-2001-0560
-CVE-2001-0559
-CVE-2001-0558
-CVE-2001-0554
-CVE-2001-0553
-CVE-2001-0550
-CVE-2001-0549
-CVE-2001-0548
-CVE-2001-0547
-CVE-2001-0546
-CVE-2001-0545
-CVE-2001-0544
-CVE-2001-0543
-CVE-2001-0541
-CVE-2001-0540
-CVE-2001-0538
-CVE-2001-0537
-CVE-2001-0533
-CVE-2001-0530
-CVE-2001-0529
-CVE-2001-0528
-CVE-2001-0527
-CVE-2001-0526
-CVE-2001-0525
-CVE-2001-0522
-CVE-2001-0518
-CVE-2001-0517
-CVE-2001-0514
-CVE-2001-0513
-CVE-2001-0508
-CVE-2001-0507
-CVE-2001-0506
-CVE-2001-0504
-CVE-2001-0503
-CVE-2001-0502
-CVE-2001-0501
-CVE-2001-0500
-CVE-2001-0497
-CVE-2001-0495
-CVE-2001-0494
-CVE-2001-0493
-CVE-2001-0489
-CVE-2001-0488
-CVE-2001-0487
-CVE-2001-0486
-CVE-2001-0485
-CVE-2001-0482
-CVE-2001-0481
-CVE-2001-0475
-CVE-2001-0474
-CVE-2001-0473
-CVE-2001-0469
-CVE-2001-0467
-CVE-2001-0465
-CVE-2001-0463
-CVE-2001-0462
-CVE-2001-0461
-CVE-2001-0457
-CVE-2001-0456
-CVE-2001-0455
-CVE-2001-0449
-CVE-2001-0444
-CVE-2001-0442
-CVE-2001-0440
-CVE-2001-0439
-CVE-2001-0434
-CVE-2001-0430
-CVE-2001-0429
-CVE-2001-0428
-CVE-2001-0427
-CVE-2001-0423
-CVE-2001-0422
-CVE-2001-0416
-CVE-2001-0414
-CVE-2001-0413
-CVE-2001-0412
-CVE-2001-0409
-CVE-2001-0408
-CVE-2001-0407
-CVE-2001-0405
-CVE-2001-0402
-CVE-2001-0394
-CVE-2001-0388
-CVE-2001-0387
-CVE-2001-0386
-CVE-2001-0383
-CVE-2001-0379
-CVE-2001-0378
-CVE-2001-0377
-CVE-2001-0375
-CVE-2001-0373
-CVE-2001-0371
-CVE-2001-0368
-CVE-2001-0366
-CVE-2001-0365
-CVE-2001-0364
-CVE-2001-0361
-CVE-2001-0353
-CVE-2001-0351
-CVE-2001-0348
-CVE-2001-0347
-CVE-2001-0346
-CVE-2001-0345
-CVE-2001-0344
-CVE-2001-0341
-CVE-2001-0340
-CVE-2001-0339
-CVE-2001-0338
-CVE-2001-0336
-CVE-2001-0335
-CVE-2001-0334
-CVE-2001-0333
-CVE-2001-0331
-CVE-2001-0330
-CVE-2001-0327
-CVE-2001-0326
-CVE-2001-0321
-CVE-2001-0319
-CVE-2001-0318
-CVE-2001-0317
-CVE-2001-0316
-CVE-2001-0311
-CVE-2001-0310
-CVE-2001-0309
-CVE-2001-0301
-CVE-2001-0299
-CVE-2001-0295
-CVE-2001-0290
-CVE-2001-0289
-CVE-2001-0288
-CVE-2001-0287
-CVE-2001-0284
-CVE-2001-0280
-CVE-2001-0279
-CVE-2001-0278
-CVE-2001-0276
-CVE-2001-0274
-CVE-2001-0269
-CVE-2001-0268
-CVE-2001-0267
-CVE-2001-0266
-CVE-2001-0265
-CVE-2001-0260
-CVE-2001-0259
-CVE-2001-0252
-CVE-2001-0245
-CVE-2001-0244
-CVE-2001-0243
-CVE-2001-0241
-CVE-2001-0240
-CVE-2001-0239
-CVE-2001-0238
-CVE-2001-0237
-CVE-2001-0236
-CVE-2001-0235
-CVE-2001-0234
-CVE-2001-0233
-CVE-2001-0230
-CVE-2001-0222
-CVE-2001-0221
-CVE-2001-0219
-CVE-2001-0218
-CVE-2001-0215
-CVE-2001-0207
-CVE-2001-0204
-CVE-2001-0203
-CVE-2001-0197
-CVE-2001-0196
-CVE-2001-0195
-CVE-2001-0194
-CVE-2001-0193
-CVE-2001-0191
-CVE-2001-0190
-CVE-2001-0189
-CVE-2001-0187
-CVE-2001-0185
-CVE-2001-0183
-CVE-2001-0182
-CVE-2001-0179
-CVE-2001-0178
-CVE-2001-0176
-CVE-2001-0175
-CVE-2001-0174
-CVE-2001-0170
-CVE-2001-0169
-CVE-2001-0166
-CVE-2001-0165
-CVE-2001-0164
-CVE-2001-0157
-CVE-2001-0156
-CVE-2001-0155
-CVE-2001-0154
-CVE-2001-0153
-CVE-2001-0152
-CVE-2001-0151
-CVE-2001-0150
-CVE-2001-0149
-CVE-2001-0148
-CVE-2001-0147
-CVE-2001-0144
-CVE-2001-0143
-CVE-2001-0142
-CVE-2001-0141
-CVE-2001-0140
-CVE-2001-0139
-CVE-2001-0138
-CVE-2001-0137
-CVE-2001-0136
-CVE-2001-0130
-CVE-2001-0129
-CVE-2001-0128
-CVE-2001-0126
-CVE-2001-0125
-CVE-2001-0124
-CVE-2001-0123
-CVE-2001-0122
-CVE-2001-0121
-CVE-2001-0120
-CVE-2001-0119
-CVE-2001-0118
-CVE-2001-0117
-CVE-2001-0116
-CVE-2001-0115
-CVE-2001-0111
-CVE-2001-0110
-CVE-2001-0109
-CVE-2001-0108
-CVE-2001-0106
-CVE-2001-0105
-CVE-2001-0100
-CVE-2001-0099
-CVE-2001-0096
-CVE-2001-0095
-CVE-2001-0094
-CVE-2001-0092
-CVE-2001-0091
-CVE-2001-0090
-CVE-2001-0089
-CVE-2001-0085
-CVE-2001-0083
-CVE-2001-0081
-CVE-2001-0080
-CVE-2001-0078
-CVE-2001-0077
-CVE-2001-0072
-CVE-2001-0071
-CVE-2001-0069
-CVE-2001-0066
-CVE-2001-0063
-CVE-2001-0062
-CVE-2001-0061
-CVE-2001-0060
-CVE-2001-0059
-CVE-2001-0058
-CVE-2001-0057
-CVE-2001-0056
-CVE-2001-0055
-CVE-2001-0054
-CVE-2001-0053
-CVE-2001-0050
-CVE-2001-0043
-CVE-2001-0042
-CVE-2001-0041
-CVE-2001-0040
-CVE-2001-0039
-CVE-2001-0036
-CVE-2001-0035
-CVE-2001-0034
-CVE-2001-0033
-CVE-2001-0028
-CVE-2001-0026
-CVE-2001-0021
-CVE-2001-0020
-CVE-2001-0018
-CVE-2001-0017
-CVE-2001-0016
-CVE-2001-0015
-CVE-2001-0014
-CVE-2001-0013
-CVE-2001-0012
-CVE-2001-0011
-CVE-2001-0010
-CVE-2001-0009
-CVE-2001-0008
-CVE-2001-0007
-CVE-2001-0006
-CVE-2001-0005
-CVE-2001-0004
-CVE-2001-0003
-CVE-2001-0002
-CVE-2001-0001
-CVE-2000-1212
-CVE-2000-1211
-CVE-2000-1210
-CVE-2000-1203
-CVE-2000-1200
-CVE-2000-1196
-CVE-2000-1195
-CVE-2000-1193
-CVE-2000-1190
-CVE-2000-1189
-CVE-2000-1187
-CVE-2000-1184
-CVE-2000-1182
-CVE-2000-1181
-CVE-2000-1180
-CVE-2000-1179
-CVE-2000-1178
-CVE-2000-1174
-CVE-2000-1171
-CVE-2000-1170
-CVE-2000-1169
-CVE-2000-1167
-CVE-2000-1166
-CVE-2000-1165
-CVE-2000-1164
-CVE-2000-1163
-CVE-2000-1162
-CVE-2000-1149
-CVE-2000-1148
-CVE-2000-1146
-CVE-2000-1145
-CVE-2000-1144
-CVE-2000-1143
-CVE-2000-1142
-CVE-2000-1141
-CVE-2000-1140
-CVE-2000-1139
-CVE-2000-1137
-CVE-2000-1136
-CVE-2000-1135
-CVE-2000-1132
-CVE-2000-1131
-CVE-2000-1124
-CVE-2000-1123
-CVE-2000-1122
-CVE-2000-1121
-CVE-2000-1120
-CVE-2000-1119
-CVE-2000-1115
-CVE-2000-1113
-CVE-2000-1112
-CVE-2000-1111
-CVE-2000-1109
-CVE-2000-1108
-CVE-2000-1107
-CVE-2000-1106
-CVE-2000-1101
-CVE-2000-1099
-CVE-2000-1097
-CVE-2000-1096
-CVE-2000-1095
-CVE-2000-1094
-CVE-2000-1089
-CVE-2000-1080
-CVE-2000-1077
-CVE-2000-1075
-CVE-2000-1074
-CVE-2000-1073
-CVE-2000-1072
-CVE-2000-1071
-CVE-2000-1070
-CVE-2000-1069
-CVE-2000-1068
-CVE-2000-1061
-CVE-2000-1060
-CVE-2000-1059
-CVE-2000-1058
-CVE-2000-1057
-CVE-2000-1056
-CVE-2000-1055
-CVE-2000-1054
-CVE-2000-1051
-CVE-2000-1050
-CVE-2000-1049
-CVE-2000-1047
-CVE-2000-1045
-CVE-2000-1044
-CVE-2000-1043
-CVE-2000-1042
-CVE-2000-1041
-CVE-2000-1040
-CVE-2000-1038
-CVE-2000-1036
-CVE-2000-1034
-CVE-2000-1032
-CVE-2000-1031
-CVE-2000-1027
-CVE-2000-1026
-CVE-2000-1024
-CVE-2000-1022
-CVE-2000-1019
-CVE-2000-1018
-CVE-2000-1016
-CVE-2000-1014
-CVE-2000-1011
-CVE-2000-1010
-CVE-2000-1007
-CVE-2000-1006
-CVE-2000-1005
-CVE-2000-1004
-CVE-2000-1003
-CVE-2000-1002
-CVE-2000-1001
-CVE-2000-1000
-CVE-2000-0996
-CVE-2000-0995
-CVE-2000-0994
-CVE-2000-0993
-CVE-2000-0992
-CVE-2000-0991
-CVE-2000-0990
-CVE-2000-0989
-CVE-2000-0984
-CVE-2000-0983
-CVE-2000-0982
-CVE-2000-0981
-CVE-2000-0980
-CVE-2000-0979
-CVE-2000-0978
-CVE-2000-0977
-CVE-2000-0976
-CVE-2000-0975
-CVE-2000-0974
-CVE-2000-0973
-CVE-2000-0972
-CVE-2000-0970
-CVE-2000-0969
-CVE-2000-0968
-CVE-2000-0967
-CVE-2000-0966
-CVE-2000-0965
-CVE-2000-0964
-CVE-2000-0962
-CVE-2000-0961
-CVE-2000-0960
-CVE-2000-0959
-CVE-2000-0958
-CVE-2000-0957
-CVE-2000-0956
-CVE-2000-0953
-CVE-2000-0952
-CVE-2000-0951
-CVE-2000-0949
-CVE-2000-0948
-CVE-2000-0947
-CVE-2000-0946
-CVE-2000-0945
-CVE-2000-0944
-CVE-2000-0943
-CVE-2000-0942
-CVE-2000-0941
-CVE-2000-0938
-CVE-2000-0937
-CVE-2000-0936
-CVE-2000-0935
-CVE-2000-0934
-CVE-2000-0933
-CVE-2000-0932
-CVE-2000-0930
-CVE-2000-0929
-CVE-2000-0928
-CVE-2000-0927
-CVE-2000-0926
-CVE-2000-0925
-CVE-2000-0924
-CVE-2000-0923
-CVE-2000-0922
-CVE-2000-0921
-CVE-2000-0920
-CVE-2000-0919
-CVE-2000-0917
-CVE-2000-0915
-CVE-2000-0914
-CVE-2000-0913
-CVE-2000-0912
-CVE-2000-0911
-CVE-2000-0910
-CVE-2000-0909
-CVE-2000-0908
-CVE-2000-0901
-CVE-2000-0900
-CVE-2000-0897
-CVE-2000-0896
-CVE-2000-0895
-CVE-2000-0894
-CVE-2000-0892
-CVE-2000-0891
-CVE-2000-0890
-CVE-2000-0888
-CVE-2000-0887
-CVE-2000-0886
-CVE-2000-0884
-CVE-2000-0883
-CVE-2000-0878
-CVE-2000-0877
-CVE-2000-0876
-CVE-2000-0875
-CVE-2000-0874
-CVE-2000-0873
-CVE-2000-0871
-CVE-2000-0870
-CVE-2000-0869
-CVE-2000-0868
-CVE-2000-0867
-CVE-2000-0865
-CVE-2000-0864
-CVE-2000-0863
-CVE-2000-0862
-CVE-2000-0861
-CVE-2000-0860
-CVE-2000-0859
-CVE-2000-0858
-CVE-2000-0856
-CVE-2000-0854
-CVE-2000-0853
-CVE-2000-0852
-CVE-2000-0851
-CVE-2000-0850
-CVE-2000-0849
-CVE-2000-0848
-CVE-2000-0847
-CVE-2000-0846
-CVE-2000-0844
-CVE-2000-0839
-CVE-2000-0838
-CVE-2000-0837
-CVE-2000-0834
-CVE-2000-0830
-CVE-2000-0829
-CVE-2000-0825
-CVE-2000-0824
-CVE-2000-0818
-CVE-2000-0816
-CVE-2000-0813
-CVE-2000-0811
-CVE-2000-0810
-CVE-2000-0809
-CVE-2000-0808
-CVE-2000-0807
-CVE-2000-0806
-CVE-2000-0805
-CVE-2000-0804
-CVE-2000-0803
-CVE-2000-0799
-CVE-2000-0797
-CVE-2000-0796
-CVE-2000-0795
-CVE-2000-0792
-CVE-2000-0790
-CVE-2000-0788
-CVE-2000-0787
-CVE-2000-0786
-CVE-2000-0783
-CVE-2000-0782
-CVE-2000-0781
-CVE-2000-0780
-CVE-2000-0779
-CVE-2000-0778
-CVE-2000-0777
-CVE-2000-0776
-CVE-2000-0773
-CVE-2000-0771
-CVE-2000-0770
-CVE-2000-0768
-CVE-2000-0767
-CVE-2000-0766
-CVE-2000-0765
-CVE-2000-0764
-CVE-2000-0763
-CVE-2000-0762
-CVE-2000-0761
-CVE-2000-0758
-CVE-2000-0754
-CVE-2000-0753
-CVE-2000-0751
-CVE-2000-0750
-CVE-2000-0749
-CVE-2000-0747
-CVE-2000-0745
-CVE-2000-0744
-CVE-2000-0743
-CVE-2000-0742
-CVE-2000-0741
-CVE-2000-0740
-CVE-2000-0739
-CVE-2000-0738
-CVE-2000-0737
-CVE-2000-0733
-CVE-2000-0732
-CVE-2000-0731
-CVE-2000-0730
-CVE-2000-0729
-CVE-2000-0728
-CVE-2000-0727
-CVE-2000-0726
-CVE-2000-0725
-CVE-2000-0720
-CVE-2000-0718
-CVE-2000-0717
-CVE-2000-0716
-CVE-2000-0712
-CVE-2000-0711
-CVE-2000-0708
-CVE-2000-0707
-CVE-2000-0706
-CVE-2000-0705
-CVE-2000-0703
-CVE-2000-0702
-CVE-2000-0700
-CVE-2000-0699
-CVE-2000-0698
-CVE-2000-0694
-CVE-2000-0693
-CVE-2000-0685
-CVE-2000-0684
-CVE-2000-0683
-CVE-2000-0682
-CVE-2000-0681
-CVE-2000-0679
-CVE-2000-0678
-CVE-2000-0677
-CVE-2000-0676
-CVE-2000-0675
-CVE-2000-0674
-CVE-2000-0673
-CVE-2000-0672
-CVE-2000-0671
-CVE-2000-0670
-CVE-2000-0669
-CVE-2000-0668
-CVE-2000-0666
-CVE-2000-0665
-CVE-2000-0664
-CVE-2000-0663
-CVE-2000-0662
-CVE-2000-0661
-CVE-2000-0660
-CVE-2000-0655
-CVE-2000-0654
-CVE-2000-0652
-CVE-2000-0651
-CVE-2000-0650
-CVE-2000-0644
-CVE-2000-0643
-CVE-2000-0642
-CVE-2000-0641
-CVE-2000-0640
-CVE-2000-0639
-CVE-2000-0638
-CVE-2000-0637
-CVE-2000-0636
-CVE-2000-0635
-CVE-2000-0634
-CVE-2000-0633
-CVE-2000-0632
-CVE-2000-0631
-CVE-2000-0630
-CVE-2000-0628
-CVE-2000-0627
-CVE-2000-0624
-CVE-2000-0622
-CVE-2000-0621
-CVE-2000-0620
-CVE-2000-0619
-CVE-2000-0616
-CVE-2000-0615
-CVE-2000-0613
-CVE-2000-0611
-CVE-2000-0610
-CVE-2000-0604
-CVE-2000-0603
-CVE-2000-0602
-CVE-2000-0601
-CVE-2000-0600
-CVE-2000-0599
-CVE-2000-0598
-CVE-2000-0597
-CVE-2000-0596
-CVE-2000-0595
-CVE-2000-0594
-CVE-2000-0593
-CVE-2000-0591
-CVE-2000-0590
-CVE-2000-0588
-CVE-2000-0587
-CVE-2000-0586
-CVE-2000-0585
-CVE-2000-0584
-CVE-2000-0583
-CVE-2000-0582
-CVE-2000-0581
-CVE-2000-0579
-CVE-2000-0577
-CVE-2000-0576
-CVE-2000-0575
-CVE-2000-0573
-CVE-2000-0571
-CVE-2000-0570
-CVE-2000-0569
-CVE-2000-0568
-CVE-2000-0567
-CVE-2000-0566
-CVE-2000-0565
-CVE-2000-0561
-CVE-2000-0558
-CVE-2000-0557
-CVE-2000-0556
-CVE-2000-0555
-CVE-2000-0553
-CVE-2000-0552
-CVE-2000-0551
-CVE-2000-0550
-CVE-2000-0549
-CVE-2000-0548
-CVE-2000-0542
-CVE-2000-0541
-CVE-2000-0540
-CVE-2000-0539
-CVE-2000-0538
-CVE-2000-0537
-CVE-2000-0536
-CVE-2000-0534
-CVE-2000-0533
-CVE-2000-0532
-CVE-2000-0530
-CVE-2000-0529
-CVE-2000-0528
-CVE-2000-0525
-CVE-2000-0523
-CVE-2000-0522
-CVE-2000-0521
-CVE-2000-0519
-CVE-2000-0518
-CVE-2000-0517
-CVE-2000-0516
-CVE-2000-0515
-CVE-2000-0514
-CVE-2000-0513
-CVE-2000-0512
-CVE-2000-0511
-CVE-2000-0510
-CVE-2000-0508
-CVE-2000-0507
-CVE-2000-0506
-CVE-2000-0505
-CVE-2000-0504
-CVE-2000-0502
-CVE-2000-0501
-CVE-2000-0500
-CVE-2000-0499
-CVE-2000-0498
-CVE-2000-0497
-CVE-2000-0495
-CVE-2000-0494
-CVE-2000-0493
-CVE-2000-0490
-CVE-2000-0489
-CVE-2000-0488
-CVE-2000-0486
-CVE-2000-0485
-CVE-2000-0484
-CVE-2000-0483
-CVE-2000-0482
-CVE-2000-0481
-CVE-2000-0478
-CVE-2000-0477
-CVE-2000-0475
-CVE-2000-0474
-CVE-2000-0472
-CVE-2000-0471
-CVE-2000-0470
-CVE-2000-0469
-CVE-2000-0468
-CVE-2000-0467
-CVE-2000-0466
-CVE-2000-0465
-CVE-2000-0464
-CVE-2000-0463
-CVE-2000-0462
-CVE-2000-0461
-CVE-2000-0460
-CVE-2000-0459
-CVE-2000-0458
-CVE-2000-0457
-CVE-2000-0456
-CVE-2000-0455
-CVE-2000-0454
-CVE-2000-0453
-CVE-2000-0452
-CVE-2000-0451
-CVE-2000-0448
-CVE-2000-0447
-CVE-2000-0446
-CVE-2000-0445
-CVE-2000-0443
-CVE-2000-0442
-CVE-2000-0441
-CVE-2000-0440
-CVE-2000-0439
-CVE-2000-0438
-CVE-2000-0437
-CVE-2000-0436
-CVE-2000-0435
-CVE-2000-0432
-CVE-2000-0431
-CVE-2000-0430
-CVE-2000-0428
-CVE-2000-0427
-CVE-2000-0426
-CVE-2000-0425
-CVE-2000-0424
-CVE-2000-0421
-CVE-2000-0419
-CVE-2000-0418
-CVE-2000-0417
-CVE-2000-0416
-CVE-2000-0414
-CVE-2000-0411
-CVE-2000-0410
-CVE-2000-0409
-CVE-2000-0408
-CVE-2000-0407
-CVE-2000-0406
-CVE-2000-0405
-CVE-2000-0404
-CVE-2000-0403
-CVE-2000-0402
-CVE-2000-0399
-CVE-2000-0398
-CVE-2000-0397
-CVE-2000-0396
-CVE-2000-0395
-CVE-2000-0394
-CVE-2000-0393
-CVE-2000-0392
-CVE-2000-0391
-CVE-2000-0390
-CVE-2000-0389
-CVE-2000-0388
-CVE-2000-0387
-CVE-2000-0382
-CVE-2000-0381
-CVE-2000-0380
-CVE-2000-0379
-CVE-2000-0378
-CVE-2000-0377
-CVE-2000-0376
-CVE-2000-0375
-CVE-2000-0374
-CVE-2000-0373
-CVE-2000-0372
-CVE-2000-0371
-CVE-2000-0370
-CVE-2000-0369
-CVE-2000-0368
-CVE-2000-0367
-CVE-2000-0366
-CVE-2000-0363
-CVE-2000-0362
-CVE-2000-0361
-CVE-2000-0360
-CVE-2000-0359
-CVE-2000-0356
-CVE-2000-0354
-CVE-2000-0353
-CVE-2000-0352
-CVE-2000-0351
-CVE-2000-0350
-CVE-2000-0349
-CVE-2000-0348
-CVE-2000-0347
-CVE-2000-0346
-CVE-2000-0344
-CVE-2000-0342
-CVE-2000-0341
-CVE-2000-0340
-CVE-2000-0339
-CVE-2000-0338
-CVE-2000-0337
-CVE-2000-0336
-CVE-2000-0335
-CVE-2000-0334
-CVE-2000-0332
-CVE-2000-0331
-CVE-2000-0330
-CVE-2000-0329
-CVE-2000-0328
-CVE-2000-0327
-CVE-2000-0324
-CVE-2000-0323
-CVE-2000-0322
-CVE-2000-0320
-CVE-2000-0319
-CVE-2000-0318
-CVE-2000-0316
-CVE-2000-0315
-CVE-2000-0314
-CVE-2000-0313
-CVE-2000-0311
-CVE-2000-0310
-CVE-2000-0309
-CVE-2000-0308
-CVE-2000-0307
-CVE-2000-0306
-CVE-2000-0305
-CVE-2000-0304
-CVE-2000-0303
-CVE-2000-0302
-CVE-2000-0301
-CVE-2000-0298
-CVE-2000-0297
-CVE-2000-0296
-CVE-2000-0294
-CVE-2000-0292
-CVE-2000-0290
-CVE-2000-0289
-CVE-2000-0287
-CVE-2000-0285
-CVE-2000-0283
-CVE-2000-0282
-CVE-2000-0279
-CVE-2000-0278
-CVE-2000-0277
-CVE-2000-0276
-CVE-2000-0274
-CVE-2000-0273
-CVE-2000-0272
-CVE-2000-0268
-CVE-2000-0267
-CVE-2000-0265
-CVE-2000-0264
-CVE-2000-0263
-CVE-2000-0262
-CVE-2000-0261
-CVE-2000-0260
-CVE-2000-0258
-CVE-2000-0257
-CVE-2000-0255
-CVE-2000-0254
-CVE-2000-0253
-CVE-2000-0252
-CVE-2000-0251
-CVE-2000-0249
-CVE-2000-0247
-CVE-2000-0246
-CVE-2000-0245
-CVE-2000-0243
-CVE-2000-0240
-CVE-2000-0238
-CVE-2000-0237
-CVE-2000-0236
-CVE-2000-0235
-CVE-2000-0234
-CVE-2000-0233
-CVE-2000-0232
-CVE-2000-0231
-CVE-2000-0230
-CVE-2000-0229
-CVE-2000-0228
-CVE-2000-0226
-CVE-2000-0225
-CVE-2000-0224
-CVE-2000-0223
-CVE-2000-0222
-CVE-2000-0221
-CVE-2000-0218
-CVE-2000-0217
-CVE-2000-0215
-CVE-2000-0212
-CVE-2000-0211
-CVE-2000-0210
-CVE-2000-0209
-CVE-2000-0208
-CVE-2000-0207
-CVE-2000-0206
-CVE-2000-0202
-CVE-2000-0201
-CVE-2000-0200
-CVE-2000-0196
-CVE-2000-0195
-CVE-2000-0194
-CVE-2000-0193
-CVE-2000-0192
-CVE-2000-0191
-CVE-2000-0189
-CVE-2000-0186
-CVE-2000-0185
-CVE-2000-0184
-CVE-2000-0183
-CVE-2000-0182
-CVE-2000-0181
-CVE-2000-0180
-CVE-2000-0179
-CVE-2000-0178
-CVE-2000-0175
-CVE-2000-0174
-CVE-2000-0172
-CVE-2000-0171
-CVE-2000-0170
-CVE-2000-0169
-CVE-2000-0168
-CVE-2000-0166
-CVE-2000-0165
-CVE-2000-0164
-CVE-2000-0162
-CVE-2000-0161
-CVE-2000-0159
-CVE-2000-0157
-CVE-2000-0156
-CVE-2000-0152
-CVE-2000-0150
-CVE-2000-0149
-CVE-2000-0148
-CVE-2000-0146
-CVE-2000-0145
-CVE-2000-0144
-CVE-2000-0141
-CVE-2000-0140
-CVE-2000-0139
-CVE-2000-0131
-CVE-2000-0130
-CVE-2000-0128
-CVE-2000-0127
-CVE-2000-0121
-CVE-2000-0120
-CVE-2000-0117
-CVE-2000-0116
-CVE-2000-0113
-CVE-2000-0112
-CVE-2000-0111
-CVE-2000-0107
-CVE-2000-0100
-CVE-2000-0099
-CVE-2000-0098
-CVE-2000-0097
-CVE-2000-0095
-CVE-2000-0094
-CVE-2000-0092
-CVE-2000-0091
-CVE-2000-0090
-CVE-2000-0089
-CVE-2000-0088
-CVE-2000-0087
-CVE-2000-0083
-CVE-2000-0080
-CVE-2000-0076
-CVE-2000-0075
-CVE-2000-0073
-CVE-2000-0072
-CVE-2000-0070
-CVE-2000-0065
-CVE-2000-0064
-CVE-2000-0063
-CVE-2000-0062
-CVE-2000-0060
-CVE-2000-0057
-CVE-2000-0056
-CVE-2000-0053
-CVE-2000-0052
-CVE-2000-0051
-CVE-2000-0050
-CVE-2000-0048
-CVE-2000-0045
-CVE-2000-0044
-CVE-2000-0043
-CVE-2000-0042
-CVE-2000-0041
-CVE-2000-0040
-CVE-2000-0039
-CVE-2000-0037
-CVE-2000-0036
-CVE-2000-0034
-CVE-2000-0033
-CVE-2000-0032
-CVE-2000-0031
-CVE-2000-0030
-CVE-2000-0029
-CVE-2000-0027
-CVE-2000-0026
-CVE-2000-0025
-CVE-2000-0024
-CVE-2000-0023
-CVE-2000-0022
-CVE-2000-0020
-CVE-2000-0018
-CVE-2000-0015
-CVE-2000-0014
-CVE-2000-0013
-CVE-2000-0012
-CVE-2000-0011
-CVE-2000-0010
-CVE-2000-0009
-CVE-2000-0007
-CVE-2000-0006
-CVE-2000-0004
-CVE-2000-0003
-CVE-2000-0002
-CVE-2000-0001
-CVE-1999-1568
-CVE-1999-1565
-CVE-1999-1556
-CVE-1999-1550
-CVE-1999-1542
-CVE-1999-1537
-CVE-1999-1535
-CVE-1999-1531
-CVE-1999-1530
-CVE-1999-1520
-CVE-1999-1512
-CVE-1999-1507
-CVE-1999-1494
-CVE-1999-1490
-CVE-1999-1488
-CVE-1999-1486
-CVE-1999-1481
-CVE-1999-1478
-CVE-1999-1476
-CVE-1999-1473
-CVE-1999-1472
-CVE-1999-1468
-CVE-1999-1456
-CVE-1999-1455
-CVE-1999-1452
-CVE-1999-1437
-CVE-1999-1433
-CVE-1999-1432
-CVE-1999-1423
-CVE-1999-1419
-CVE-1999-1414
-CVE-1999-1411
-CVE-1999-1409
-CVE-1999-1407
-CVE-1999-1402
-CVE-1999-1397
-CVE-1999-1386
-CVE-1999-1385
-CVE-1999-1384
-CVE-1999-1382
-CVE-1999-1380
-CVE-1999-1379
-CVE-1999-1365
-CVE-1999-1363
-CVE-1999-1362
-CVE-1999-1360
-CVE-1999-1359
-CVE-1999-1358
-CVE-1999-1356
-CVE-1999-1351
-CVE-1999-1341
-CVE-1999-1339
-CVE-1999-1337
-CVE-1999-1336
-CVE-1999-1335
-CVE-1999-1333
-CVE-1999-1332
+CVE-2002-0379 (Buffer overflow in University of Washington imap server
(uw-imapd) ...)
+CVE-2002-0377 (Gaim 0.57 stores sensitive information in world-readable and
...)
+CVE-2002-0376 (Buffer overflow in Apple QuickTime 5.0 ActiveX component allows
remote ...)
+CVE-2002-0374 (Format string vulnerability in the logging function for the
pam_ldap ...)
+CVE-2002-0373 (The Windows Media Device Manager (WMDM) Service in Microsoft
Windows ...)
+CVE-2002-0372 (Microsoft Windows Media Player versions 6.4 and 7.1 and Media
Player ...)
+CVE-2002-0369 (Buffer overflow in ASP.NET Worker Process allows remote
attackers to ...)
+CVE-2002-0368 (The Store Service in Microsoft Exchange 2000 allows remote
attackers ...)
+CVE-2002-0367 (smss.exe debugging subsystem in Windows NT and Windows 2000 does
not ...)
+CVE-2002-0366 (Buffer overflow in Remote Access Service (RAS) phonebook for
Windows ...)
+CVE-2002-0364 (Buffer overflow in the chunked encoding transfer mechanism in
IIS 4.0 ...)
+CVE-2002-0363 (ghostscript before 6.53 allows attackers to execute arbitrary
commands ...)
+CVE-2002-0362 (Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later
allows ...)
+CVE-2002-0359 (xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication,
which ...)
+CVE-2002-0358 (MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier
allows ...)
+CVE-2002-0357 (Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem
of SGI ...)
+CVE-2002-0356 (Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI
IRIX ...)
+CVE-2002-0355 (netstat in SGI IRIX before 6.5.12 allows local users to
determine the ...)
+CVE-2002-0339 (Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding
(CEF) ...)
+CVE-2002-0330 (Cross-site scripting vulnerability in codeparse.php of Open
Bulletin ...)
+CVE-2002-0329 (Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03
and ...)
+CVE-2002-0318 (FreeRADIUS RADIUS server allows remote attackers to cause a
denial of ...)
+CVE-2002-0313 (Buffer overflow in Essentia Web Server 2.1 allows remote
attackers to ...)
+CVE-2002-0309 (SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes
the ...)
+CVE-2002-0302 (The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x
drops ...)
+CVE-2002-0300 (gnujsp 1.0.0 and 1.0.1 allows remote attackers to list
directories, ...)
+CVE-2002-0299 (CNet CatchUp before 1.3.1 allows attackers to execute arbitrary
code ...)
+CVE-2002-0292 (Cross-site scripting vulnerability in Slash before 2.2.5, as
used in ...)
+CVE-2002-0290 (Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe,
allows ...)
+CVE-2002-0287 (pforum 1.14 and earlier does no explicitly enable PHP magic
quotes, ...)
+CVE-2002-0276 (Buffer overflow in various decoders in Ettercap 0.6.3.1 and
earlier, ...)
+CVE-2002-0275 (Falcon web server 2.0.0.1020 and earlier allows remote attackers
to ...)
+CVE-2002-0274 (Exim 3.34 and earlier may allow local users to gain privileges
via a ...)
+CVE-2002-0267 (preferences.php in Simple Internet Publishing System (SIPS)
before ...)
+CVE-2002-0265 (Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword
file ...)
+CVE-2002-0251 (Buffer overflow in licq 1.0.4 and earlier allows remote
attackers to ...)
+CVE-2002-0250 (Web configuration utility in HP AdvanceStack hubs J3200A through
...)
+CVE-2002-0246 (Format string vulnerability in the message catalog library
functions ...)
+CVE-2002-0241 (NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS)
3.0.1 ...)
+CVE-2002-0237 (Buffer overflow in ISS BlackICE Defender 2.9 and earlier,
BlackICE ...)
+CVE-2002-0226 (retrieve_password.pl in DCForum 6.x and 2000 generates
predictable new ...)
+CVE-2002-0213 (xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to
read ...)
+CVE-2002-0211 (Race condition in the installation script for Tarantella
Enterprise 3 ...)
+CVE-2002-0209 (Nortel Alteon ACEdirector WebOS 9.0, with the Server Load
Balancing ...)
+CVE-2002-0207 (Buffer overflow in Real Networks RealPlayer 8.0 and earlier
allows ...)
+CVE-2002-0197 (psyBNC 2.3 beta and earlier allows remote attackers to spoof
...)
+CVE-2002-0196 (GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if
the ...)
+CVE-2002-0193 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers
to ...)
+CVE-2002-0191 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote
attackers ...)
+CVE-2002-0190 (Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote
attackers ...)
+CVE-2002-0188 (Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers
to ...)
+CVE-2002-0187 (Cross-site scripting vulnerability in the SQLXML component of
...)
+CVE-2002-0186 (Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL
Server ...)
+CVE-2002-0185 (mod_python version 2.7.6 and earlier allows a module indirectly
...)
+CVE-2002-0184 (Heap-based buffer overflow in sudo before 1.6.6 may allow local
users ...)
+CVE-2002-0181 (Cross-site scripting vulnerability in status.php3 for IMP 2.2.8
and ...)
+CVE-2002-0179 (Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier
allows ...)
+CVE-2002-0178 (uudecode, as available in the sharutils package before 4.2.1,
does not ...)
+CVE-2002-0176 (The printf wrappers in libsafe 2.0-11 and earlier do not
properly ...)
+CVE-2002-0175 (libsafe 2.0-11 and earlier allows attackers to bypass protection
...)
+CVE-2002-0174 (nsd on SGI IRIX before 6.5.11 allows local users to overwrite
...)
+CVE-2002-0173 (Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart
...)
+CVE-2002-0172 (/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with
...)
+CVE-2002-0171 (IRISconsole 2.0 may allow users to log into the icadmin account
with ...)
+CVE-2002-0170 (Zope 2.2.0 through 2.5.1 does not properly verify the access for
...)
+CVE-2002-0169 (The default stylesheet for DocBook on Red Hat Linux 6.2 through
7.2 is ...)
+CVE-2002-0168 (Vulnerability in Imlib before 1.9.13 allows attackers to cause a
...)
+CVE-2002-0167 (Imlib before 1.9.13 sometimes uses the NetPBM package to load
trusted ...)
+CVE-2002-0166 (Cross-site scripting vulnerability in analog before 5.22 allows
remote ...)
+CVE-2002-0163 (Heap-based buffer overflow in Squid before 2.4 STABLE4, and
Squid 2.5 ...)
+CVE-2002-0160 (The administration function in Cisco Secure Access Control
Server ...)
+CVE-2002-0159 (Format string vulnerability in the administration function in
Cisco ...)
+CVE-2002-0158 (Buffer overflow in Xsun on Solaris 2.6 through 8 allows local
users to ...)
+CVE-2002-0157 (Nautilus 1.0.4 and earlier allows local users to overwrite
arbitrary ...)
+CVE-2002-0155 (Buffer overflow in Microsoft MSN Chat ActiveX Control, as used
in MSN ...)
+CVE-2002-0153 (Internet Explorer 5.1 for Macintosh allows remote attackers to
bypass ...)
+CVE-2002-0152 (Buffer overflow in various Microsoft applications for Macintosh
allows ...)
+CVE-2002-0151 (Buffer overflow in Multiple UNC Provider (MUP) in Microsoft
Windows ...)
+CVE-2002-0150 (Buffer overflow in Internet Information Server (IIS) 4.0, 5.0,
and 5.1 ...)
+CVE-2002-0149 (Buffer overflow in ASP Server-Side Include Function in IIS 4.0,
5.0 ...)
+CVE-2002-0148 (Cross-site scripting vulnerability in Internet Information
Server ...)
+CVE-2002-0147 (Buffer overflow in the ASP data transfer mechanism in Internet
...)
+CVE-2002-0146 (fetchmail email client before 5.9.10 does not properly limit the
...)
+CVE-2002-0143 (Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and
earlier ...)
+CVE-2002-0139 (Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to
redirect ...)
+CVE-2002-0128 (cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote
attackers ...)
+CVE-2002-0123 (MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and
earlier, ...)
+CVE-2002-0121 (PHP 4.0 through 4.1.1 stores session IDs in temporary files
whose name ...)
+CVE-2002-0120 (Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable
backup ...)
+CVE-2002-0117 (Cross-site scripting vulnerability in Yet Another Bulletin Board
...)
+CVE-2002-0115 (Snort 1.8.3 does not properly define the minimum ICMP header
size, ...)
+CVE-2002-0111 (Directory traversal vulnerability in Funsoft Dino''s
Webserver 1.2 and ...)
+CVE-2002-0107 (Web administration interface in CacheFlow CacheOS 4.0.13 and
earlier ...)
+CVE-2002-0098 (Buffer overflow in index.cgi administration interface for Boozt!
...)
+CVE-2002-0097 (Geeklog 1.3 allows remote attackers to hijack user accounts,
including ...)
+CVE-2002-0096 (The installation of Geeklog 1.3 creates an extra
group_assignments ...)
+CVE-2002-0095 (The default configuration of BSCW (Basic Support for Cooperative
Work) ...)
+CVE-2002-0094 (config_converters.py in BSCW (Basic Support for Cooperative
Work) 3.x ...)
+CVE-2002-0092 (CVS before 1.10.8 does not properly initialize a global
variable, ...)
+CVE-2002-0090 (Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8
...)
+CVE-2002-0083 (Off-by-one error in the channel code of OpenSSH 2.0 through
3.0.2 ...)
+CVE-2002-0082 (The dbm and shm session cache code in mod_ssl before
2.8.7-1.3.23, and ...)
+CVE-2002-0081 (Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and
4.0.6 ...)
+CVE-2002-0080 (rsync, when running in daemon mode, does not properly call
setgroups ...)
+CVE-2002-0079 (Buffer overflow in the chunked encoding transfer mechanism in
Internet ...)
+CVE-2002-0078 (The zone determination function in Microsoft Internet Explorer
5.5 and ...)
+CVE-2002-0076 (Java Runtime Environment (JRE) Bytecode Verifier allows remote
...)
+CVE-2002-0075 (Cross-site scripting vulnerability for Internet Information
Server ...)
+CVE-2002-0074 (Cross-site scripting vulnerability in Help File search facility
for ...)
+CVE-2002-0073 (The FTP service in Internet Information Server (IIS) 4.0, 5.0
and 5.1 ...)
+CVE-2002-0072 (The w3svc.dll ISAPI filter in Front Page Server Extensions and
ASP.NET ...)
+CVE-2002-0071 (Buffer overflow in the ism.dll ISAPI extension that implements
HTR ...)
+CVE-2002-0070 (Buffer overflow in Windows Shell (used as the Windows Desktop)
allows ...)
+CVE-2002-0069 (Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows
remote ...)
+CVE-2002-0068 (Squid 2.4 STABLE3 and earlier allows remote attackers to cause a
...)
+CVE-2002-0067 (Squid 2.4 STABLE3 and earlier does not properly disable HTCP,
even ...)
+CVE-2002-0066 (Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe
that ...)
+CVE-2002-0065 (Funk Software Proxy Host 3.x uses weak encryption for the Proxy
Host ...)
+CVE-2002-0064 (Funk Software Proxy Host 3.x is installed with insecure
permissions ...)
+CVE-2002-0063 (Buffer overflow in ippRead function of CUPS before 1.1.14 may
allow ...)
+CVE-2002-0062 (Buffer overflow in ncurses 5.0, and the ncurses4 compatibility
package ...)
+CVE-2002-0061 (Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta,
allows ...)
+CVE-2002-0060 (IRC connection tracking helper module in the netfilter subsystem
for ...)
+CVE-2002-0059 (The decompression algorithm in zlib 1.1.3 and earlier, as used
in many ...)
+CVE-2002-0057 (XMLHTTP control in Microsoft XML Core Services 2.6 and later
does not ...)
+CVE-2002-0055 (SMTP service in Microsoft Windows 2000, Windows XP Professional,
and ...)
+CVE-2002-0054 (SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail
...)
+CVE-2002-0052 (Internet Explorer 6.0 and earlier does not properly handle
VBScript in ...)
+CVE-2002-0051 (Windows 2000 allows local users to prevent the application of
new ...)
+CVE-2002-0050 (Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce
...)
+CVE-2002-0049 (Microsoft Exchange Server 2000 System Attendant gives
"Everyone" group ...)
+CVE-2002-0047 (CIPE VPN package before 1.3.0-3 allows remote attackers to cause
a ...)
+CVE-2002-0046 (Linux kernel, and possibly other operating systems, allows
remote ...)
+CVE-2002-0045 (slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and
anonymous ...)
+CVE-2002-0044 (GNU Enscript 1.6.1 and earlier allows local users to overwrite
...)
+CVE-2002-0043 (sudo 1.6.0 through 1.6.3p7 does not properly clear the
environment ...)
+CVE-2002-0042 (Vulnerability in the XFS file system for SGI IRIX before 6.5.12
allows ...)
+CVE-2002-0040 (Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local
users to ...)
+CVE-2002-0038 (Vulnerability in the cache-limiting function of the unified name
...)
+CVE-2002-0036 (Integer signedness error in MIT Kerberos V5 ASN.1 decoder before
krb5 ...)
+CVE-2002-0033 (Heap-based buffer overflow in cfsd_calloc function of Solaris
cachefsd ...)
+CVE-2002-0032 (Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers
to ...)
+CVE-2002-0028 (Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659
allows ...)
+CVE-2002-0027 (Internet Explorer 5.5 and 6.0 allows remote attackers to read
certain ...)
+CVE-2002-0026 (Internet Explorer 5.5 and 6.0 allows remote attackers to bypass
...)
+CVE-2002-0025 (Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the
...)
+CVE-2002-0024 (File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows
an ...)
+CVE-2002-0023 (Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to
read ...)
+CVE-2002-0022 (Buffer overflow in the implementation of an HTML directive in
...)
+CVE-2002-0021 (Network Product Identification (PID) Checker in Microsoft Office
v. X ...)
+CVE-2002-0020 (Buffer overflow in telnet server in Windows 2000 and Interix 2.2
...)
+CVE-2002-0018 (In Microsoft Windows NT and Windows 2000, a trusting domain that
...)
+CVE-2002-0017 (Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through
6.5.15m ...)
+CVE-2002-0014 (URL-handling code in Pine 4.43 and earlier allows remote
attackers to ...)
+CVE-2002-0011 (Information leak in doeditvotes.cgi in Bugzilla before 2.14.1
may ...)
+CVE-2002-0009 (show_bug.cgi in Bugzilla before 2.14.1 allows a user with
"Bugs ...)
+CVE-2002-0007 (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote
...)
+CVE-2002-0006 (XChat 1.8.7 and earlier, including default configurations of
1.4.2 and ...)
+CVE-2002-0005 (Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480,
4.8.2616, and ...)
+CVE-2002-0004 (Heap corruption vulnerability in the "at"
program allows local users ...)
+CVE-2002-0003 (Buffer overflow in the preprocessor in groff 1.16 and earlier
allows ...)
+CVE-2002-0002 (Format string vulnerability in stunnel before 3.22 when used in
client ...)
+CVE-2001-1407 (Bugzilla before 2.14 allows Bugzilla users to bypass group
security ...)
+CVE-2001-1406 (process_bug.cgi in Bugzilla before 2.14 does not set the
"groupset" ...)
+CVE-2001-1391 (Off-by-one vulnerability in CPIA driver of Linux kernel before
2.2.19 ...)
+CVE-2001-1386 (WFTPD 3.00 allows remote attackers to read arbitrary files by
...)
+CVE-2001-1385 (The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled
with ...)
+CVE-2001-1383 (initscript in setserial 2.17-4 and earlier uses predictable
temporary ...)
+CVE-2001-1382 (The "echo simulation" traffic analysis
countermeasure in OpenSSH ...)
+CVE-2001-1380 (OpenSSH before 2.9.9, while using keypairs and multiple keys of
...)
+CVE-2001-1378 (fetchmailconf in fetchmail before 5.7.4 allows local users to
...)
+CVE-2001-1375 (tcl/tk package (tcltk) 8.3.1 searches for its libraries in the
current ...)
+CVE-2001-1374 (expect before 5.32 searches for its libraries in /var/tmp before
other ...)
+CVE-2001-1373 (MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm
Pro 2.6 ...)
+CVE-2001-1372 (Oracle 9i Application Server 1.0.2 allows remote attackers to
obtain ...)
+CVE-2001-1371 (The default configuration of Oracle Application Server 9iAS
1.0.2.2 ...)
+CVE-2001-1370 (prepend.php3 in PHPLib before 7.2d, when register_globals is
enabled ...)
+CVE-2001-1369 (Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to
...)
+CVE-2001-1367 (The checkAccess function in PHPSlice 0.1.4, and all other
versions ...)
+CVE-2001-1359 (Volution clients 1.0.7 and earlier attempt to contact the
computer ...)
+CVE-2001-1352 (Cross-site scripting vulnerability in Namazu 2.0.9 and earlier
allows ...)
+CVE-2001-1351 (Cross-site scripting vulnerability in Namazu 2.0.8 and earlier
allows ...)
+CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu
2.0.7 and ...)
+CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows
local ...)
+CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and
...)
+CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the
user-supplied ...)
+CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote
...)
+CVE-2001-1334 (Block_render_url.class in PHPSlash 0.6.1 allows remote attackers
with ...)
+CVE-2001-1328 (Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows
...)
+CVE-2001-1327 (pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed
with ...)
+CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which
could ...)
+CVE-2001-1303 (The default configuration of SecuRemote for Check Point
Firewall-1 ...)
+CVE-2001-1302 (The change password option in the Windows Security interface for
...)
+CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other
versions ...)
+CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers
to ...)
+CVE-2001-1297 (Actionpoll PHP script before 1.1.2 allows remote attackers to
include ...)
+CVE-2001-1296 (More.groupware PHP script allows remote attackers to include
arbitrary ...)
+CVE-2001-1295 (Directory traversal vulnerability in Cerberus FTP Server 1.5 and
...)
+CVE-2001-1291 (The telnet server for 3Com hardware such as PS40 SuperStack II
does ...)
+CVE-2001-1279 (Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x)
allows ...)
+CVE-2001-1277 (makewhatis in the man package before 1.5i2 allows an attacker in
group ...)
+CVE-2001-1276 (ispell before 3.1.20 allows local users to overwrite files of
other ...)
+CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier
...)
+CVE-2001-1266 (Directory traversal vulnerability in Doug Neal''s HTTPD
Daemon ...)
+CVE-2001-1252 (Network Associates PGP Keyserver 7.0 allows remote attackers to
bypass ...)
+CVE-2001-1251 (SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to
cause a ...)
+CVE-2001-1247 (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to
read ...)
+CVE-2001-1246 (PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse
the 5th ...)
+CVE-2001-1240 (The default configuration of sudo in Engarde Secure Linux 1.0.1
allows ...)
+CVE-2001-1237 (Phormation PHP script 0.9.1 and earlier allows remote attackers
to ...)
+CVE-2001-1236 (myphpPagetool PHP script 0.4.3-1 and earlier allows remote
attackers ...)
+CVE-2001-1235 (pSlash PHP script 0.7 and earlier allows remote attackers to
execute ...)
+CVE-2001-1234 (Bharat Mediratta Gallery PHP script before 1.2.1 allows remote
...)
+CVE-2001-1231 (GroupWise 5.5 and 6 running in live remove or smart caching mode
...)
+CVE-2001-1227 (Zope before 2.2.4 allows partially trusted users to bypass
security ...)
+CVE-2001-1215 (Format string vulnerability in PFinger 0.7.5 through 0.7.7
allows ...)
+CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through
1.17.18 ...)
+CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local
users ...)
+CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked
screen and ...)
+CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a
through ...)
+CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local
users ...)
+CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of
service ...)
+CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a
call ...)
+CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote
attackers ...)
+CVE-2001-1180 (FreeBSD 4.3 does not properly clear shared signal handlers when
...)
+CVE-2001-1177 (ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows
local ...)
+CVE-2001-1176 (Format string vulnerability in Check Point VPN-1/FireWall-1 4.1
allows ...)
+CVE-2001-1175 (vipw in the util-linux package before 2.10 causes /etc/shadow to
be ...)
+CVE-2001-1174 (Buffer overflow in Elm 2.5.5 and earlier allows remote attackers
to ...)
+CVE-2001-1172 (OmniSecure HTTProtect 1.1.1 allows a superuser without omnish
...)
+CVE-2001-1166 (linprocfs on FreeBSD 4.3 and earlier does not properly restrict
access ...)
+CVE-2001-1162 (Directory traversal vulnerability in the %m macro in the
smb.conf ...)
+CVE-2001-1161 (Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6
allows ...)
+CVE-2001-1160 (udirectory.pl in Microburst Technologies uDirectory 2.0 and
earlier ...)
+CVE-2001-1158 (Check Point VPN-1/FireWall-1 4.1 base.def contains a default
macro, ...)
+CVE-2001-1155 (TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with
the ...)
+CVE-2001-1153 (lpsystem in OpenUnix 8.0.0 allows local users to cause a denial
of ...)
+CVE-2001-1149 (Panda Antivirus Platinum before 6.23.00 allows a remore attacker
to ...)
+CVE-2001-1147 (The PAM implementation in /bin/login of the util-linux package
before ...)
+CVE-2001-1146 (AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1
...)
+CVE-2001-1145 (fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2,
and ...)
+CVE-2001-1144 (Directory traversal vulnerability in McAfee ASaP VirusScan agent
1.0 ...)
+CVE-2001-1141 (The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL
before ...)
+CVE-2001-1132 (Mailman 2.0.x before 2.0.6 allows remote attackers to gain
access to ...)
+CVE-2001-1130 (Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers
to ...)
+CVE-2001-1121 (Cross-site scripting (CSS) vulnerability in JRun 3.0 and 2.3.3
allows ...)
+CVE-2001-1119 (cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to
...)
+CVE-2001-1118 (A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264,
does not ...)
+CVE-2001-1117 (LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware
before ...)
+CVE-2001-1116 (Identix BioLogon 2.03 and earlier does not lock secondary
displays on ...)
+CVE-2001-1113 (Buffer overflow in TrollFTPD 1.26 and earlier allows local users
to ...)
+CVE-2001-1108 (Directory traversal vulnerability in SnapStream PVS 1.2a allows
remote ...)
+CVE-2001-1106 (The default configuration of Sambar Server 5 and earlier uses a
...)
+CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as
safe for ...)
+CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI
programs, ...)
+CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft
Exchange ...)
+CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable
password in ...)
+CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause
a ...)
+CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could alllow local users to
execute ...)
+CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote
attackers to ...)
+CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and
earlier, ...)
+CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary
files ...)
+CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.1 and
earlier ...)
+CVE-2001-1083 (Icecast 1.3.7, and other versions before 1.3.11 with HTTP server
file ...)
+CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before
...)
+CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment
variable ...)
+CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX
creates ...)
+CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote
...)
+CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the
HTTP_AUTHORIZATION ...)
+CVE-2001-1072 (Apache with mod_rewrite enabled on most UNIX systems allows
remote ...)
+CVE-2001-1071 (Cisco IOS 12.2 and earlier running Cisco Discovery Protocol
(CDP) ...)
+CVE-2001-1069 (libCoolType library as used in Adobe Acrobat (acroread) on Linux
...)
+CVE-2001-1067 (Buffer overflow in AOLserver 3.0 allows remote attackers to
cause a ...)
+CVE-2001-1066 (ns6install installation script for Netscape 6.01 on Solaris, and
other ...)
+CVE-2001-1063 (Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and
UnixWare 7 ...)
+CVE-2001-1062 (Buffer overflow in mana in OpenServer 5.0.6a and earlier allows
local ...)
+CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with
insecure ...)
+CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2
allows ...)
+CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to
cause a ...)
+CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include
arbitrary ...)
+CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers
to ...)
+CVE-2001-1049 (Phorecast PHP script before 0.40 allows remote attackers to
include ...)
+CVE-2001-1048 (AWOL PHP script allows remote attackers to include arbitrary
files ...)
+CVE-2001-1046 (Buffer overflow in qpopper (aka qpop or popper) 4.0 through
4.0.2 ...)
+CVE-2001-1043 (ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read
arbitrary ...)
+CVE-2001-1038 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote
...)
+CVE-2001-1037 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows local
users to ...)
+CVE-2001-1036 (GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows
local ...)
+CVE-2001-1035 (Binary decoding feature of slrn 0.9 and earlier allows remote
...)
+CVE-2001-1032 (admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not
check ...)
+CVE-2001-1030 (Squid before 2.3STABLE5 in HTTP accelerator mode does not enable
...)
+CVE-2001-1029 (libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop
privileges ...)
+CVE-2001-1028 (Buffer overflow in ultimate_source function of man 1.5 and
earlier ...)
+CVE-2001-1027 (Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier
allows ...)
+CVE-2001-1022 (Format string vulnerability in pic utility in groff 1.16.1 and
other ...)
+CVE-2001-1020 (edit_image.php in Vibechild Directory Manager before 0.91 allows
...)
+CVE-2001-1017 (rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the ...)
+CVE-2001-1016 (PGP Corporate Desktop before 7.1, Personal Security before
7.0.3, ...)
+CVE-2001-1011 (index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows
remote ...)
+CVE-2001-1010 (Directory traversal vulnerability in pagecount CGI script in
Sambar ...)
+CVE-2001-1008 (Java Plugin 1.4 for JRE 1.3 executes signed applets even if the
...)
+CVE-2001-1002 (The default configuration of the DVI print filter (dvips) in Red
Hat ...)
+CVE-2001-0998 (IBM HACMP 4.4 allows remote attackers to cause a denial of
service via ...)
+CVE-2001-0995 (PHProjekt before 2.4a allows remote attackers to perform actions
as ...)
+CVE-2001-0993 (sendmsg function in NetBSD 1.3 through 1.5 allows local users to
cause ...)
+CVE-2001-0987 (Cross-site scripting vulnerability in CGIWrap before 3.7 allows
remote ...)
+CVE-2001-0982 (Directory traversal vulnerability in IBM Tivoli WebSEAL Policy
...)
+CVE-2001-0981 (HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the
"unix ...)
+CVE-2001-0980 (docview before 1.0-15 allows remote attackers to execute
arbitrary ...)
+CVE-2001-0978 (login in HP-UX 10.26 does not record failed login attempts in
...)
+CVE-2001-0977 (slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8,
allows ...)
+CVE-2001-0973 (BSCW groupware system 3.3 through 4.0.2 beta allows remote
attackers ...)
+CVE-2001-0969 (ipfw in FreeBSD does not properly handle the use of
"me" in its rules ...)
+CVE-2001-0965 (glFTPD 1.23 allows remote attackers to cause a denial of service
(CPU ...)
+CVE-2001-0963 (Directory traversal vulnerability in SpoonFTP 1.1 allows local
and ...)
+CVE-2001-0962 (IBM WebSphere Application Server 3.02 through 3.53 uses
predictable ...)
+CVE-2001-0961 (Buffer overflow in tab expansion capability of the most program
allows ...)
+CVE-2001-0960 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000
7.0 ...)
+CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000
7.0 ...)
+CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions,
allows ...)
+CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of
service (CPU ...)
+CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 "Enigma"
allows local users to create ...)
+CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point
...)
+CVE-2001-0939 (Lotus Domino 5.08 and earlier allows remote attackers to cause a
...)
+CVE-2001-0936 (Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier,
with ...)
+CVE-2001-0929 (Cisco IOS Firewall Feature set, aka Context Based Access Control
...)
+CVE-2001-0921 (Netscape 4.79 and earlier for MacOS allows an attacker with
access to ...)
+CVE-2001-0920 (Format string vulnerability in auto nice daemon (AND) 1.0.4 and
...)
+CVE-2001-0918 (Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3
allow ...)
+CVE-2001-0917 (Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical
path ...)
+CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions
allows ...)
+CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes
expect ...)
+CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center
for ...)
+CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10,
allows ...)
+CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges
via a ...)
+CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier,
when ...)
+CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log
entries via ...)
+CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands
on a ...)
+CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery
before ...)
+CVE-2001-0899 (Network Tools 0.2 for PHP-Nuke allows remote attackers to
execute ...)
+CVE-2001-0896 (Inetd in OpenServer 5.0.5 allows remote attackers to cause a
denial of ...)
+CVE-2001-0895 (Multiple Cisco networking products allow remote attackers to
cause a ...)
+CVE-2001-0894 (Vulnerability in Postfix SMTP server before 20010228-pl07, when
...)
+CVE-2001-0891 (Format string vulnerability in NQS daemon (nqsdaemon) in NQE
3.3.0.16 ...)
+CVE-2001-0889 (Exim 3.22 and earlier, in some configurations, does not properly
...)
+CVE-2001-0888 (Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote
attackers ...)
+CVE-2001-0887 (xSANE 0.81 and earlier allows local users to modify files of
other ...)
+CVE-2001-0886 (Buffer overflow in glob function of glibc allows attackers to
cause a ...)
+CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver
before ...)
+CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL
Server ...)
+CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP
allows ...)
+CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98,
98SE, ...)
+CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause
the ...)
+CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read
certain ...)
+CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous
long ...)
+CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not
properly ...)
+CVE-2001-0869 (Format string vulnerability in the default logging callback
function ...)
+CVE-2001-0867 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does
not ...)
+CVE-2001-0866 (Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does
not ...)
+CVE-2001-0865 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does
not ...)
+CVE-2001-0864 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does
not ...)
+CVE-2001-0863 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does
not ...)
+CVE-2001-0862 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does
not ...)
+CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and
earlier ...)
+CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the
Client ...)
+CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program
sets ...)
+CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail
2.2.6 ...)
+CVE-2001-0852 (TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers
to ...)
+CVE-2001-0851 (Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows
remote ...)
+CVE-2001-0850 (A configuration error in the libdb1 package in OpenLinux 3.1
uses ...)
+CVE-2001-0846 (Lotus Domino 5.x allows remote attackers to read files or
execute ...)
+CVE-2001-0843 (Squid proxy server 2.4 and earlier allows remote attackers to
cause a ...)
+CVE-2001-0837 (DeltaThree Pc-To-Phone 3.0.3 places sensitive data in
world-readable ...)
+CVE-2001-0836 (Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote
...)
+CVE-2001-0834 (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier
allows ...)
+CVE-2001-0833 (Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows
local ...)
+CVE-2001-0830 (6tunnel 0.08 and earlier does not properly close sockets that
were ...)
+CVE-2001-0828 (A cross-site scripting vulnerability in Caucho Technology Resin
before ...)
+CVE-2001-0825 (Buffer overflow in internal string handling routines of xinetd
before ...)
+CVE-2001-0823 (The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3
allows ...)
+CVE-2001-0822 (FPF kernel module 1.0 allows a remote attacker to cause a denial
of ...)
+CVE-2001-0819 (A buffer overflow in Linux fetchmail before 5.8.6 allows remote
...)
+CVE-2001-0816 (OpenSSH before 2.9.9, when running sftp using sftp-server and
using ...)
+CVE-2001-0815 (Buffer overflow in PerlIS.dll in Activestate ActivePerl
5.6.1.629 and ...)
+CVE-2001-0806 (Apple MacOS X 10.0 and 10.1 allow a local user to read and write
to a ...)
+CVE-2001-0805 (Directory traversal vulnerability in ttawebtop.cgi in Tarantella
...)
+CVE-2001-0804 (Directory traversal vulnerability in story.pl in Interactive
Story 1.3 ...)
+CVE-2001-0803 (Buffer overflow in the client connection routine of
libDtSvc.so.1 in ...)
+CVE-2001-0801 (lpstat in IRIX 6.5.13f and earlier allows local users to gain
root ...)
+CVE-2001-0797 (Buffer overflow in login in various System V based operating
systems ...)
+CVE-2001-0796 (SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and
...)
+CVE-2001-0792 (Format string vulnerability in XChat 1.2.x allows remote
attackers to ...)
+CVE-2001-0787 (LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop
memberships ...)
+CVE-2001-0784 (Directory traversal vulnerability in Icecast 1.3.10 and earlier
allows ...)
+CVE-2001-0779 (Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris
2.6, 7 ...)
+CVE-2001-0774 (Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite
...)
+CVE-2001-0773 (Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a
denial ...)
+CVE-2001-0770 (Buffer overflow in GuildFTPd Server 0.97 allows remote attacker
to ...)
+CVE-2001-0769 (Memory leak in GuildFTPd Server 0.97 allows remote attackers to
cause ...)
+CVE-2001-0765 (BisonFTP V4R1 allows local users to access directories outside
of ...)
+CVE-2001-0764 (Buffer overflow in ntping in scotty 2.1.0 allows local users to
...)
+CVE-2001-0763 (Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may
allow ...)
+CVE-2001-0760 (Citrix Nfuse 1.51 allows remote attackers to obtain the absolute
path ...)
+CVE-2001-0757 (Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2)
12.1DC ...)
+CVE-2001-0754 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a
denial ...)
+CVE-2001-0752 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a
denial ...)
+CVE-2001-0751 (Cisco switches and routers running CBOS 2.3.8 and earlier use
...)
+CVE-2001-0750 (Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a
denial ...)
+CVE-2001-0749 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attacker
to ...)
+CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly
other ...)
+CVE-2001-0745 (Netscape 4.7x allows remote attackers to obtain sensitive
information ...)
+CVE-2001-0741 (Cisco Hot Standby Routing Protocol (HSRP) allows local attackers
to ...)
+CVE-2001-0740 (3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812
router ...)
+CVE-2001-0739 (Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows
...)
+CVE-2001-0738 (LogLine function in klogd in sysklogd 1.3 in various Linux ...)
+CVE-2001-0733 (The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and
earlier ...)
+CVE-2001-0731 (Apache 1.3.20 with Multiviews enabled allows remote attackers to
view ...)
+CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to
overwrite ...)
+CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included
in ...)
+CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute
arbitrary ...)
+CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when
used ...)
+CVE-2001-0724 (Internet Explorer 5.5 allows remote attackers to bypass security
...)
+CVE-2001-0723 (Internet Explorer 5.5 and 6.0 allows remote attackers to read
and ...)
+CVE-2001-0722 (Internet Explorer 5.5 and 6.0 allows remote attackers to read
and ...)
+CVE-2001-0720 (Internet Explorer 5.1 for Macintosh on Mac OS X allows remote
...)
+CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows
remote ...)
+CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2)
...)
+CVE-2001-0717 (Format string vulnerability in ToolTalk database server ...)
+CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server
Service ...)
+CVE-2001-0710 (NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a
remote ...)
+CVE-2001-0706 (Maximum Rumpus FTP Server 2.0.3 dev and before allows an
attacker to ...)
+CVE-2001-0701 (Buffer overflow in ptexec in the Sun Validation Test Suite 4.3
and ...)
+CVE-2001-0700 (Buffer overflow in w3m 0.2.1 and earlier allows a remote
attacker to ...)
+CVE-2001-0699 (Buffer overflow in cb_reset in the System Service Processor
(SSP) ...)
+CVE-2001-0698 (Directory traversal vulnerability in NetWin SurgeFTP 2.0a and
1.0b ...)
+CVE-2001-0697 (NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause
a ...)
+CVE-2001-0696 (NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause
a ...)
+CVE-2001-0692 (SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6
allows a ...)
+CVE-2001-0690 (Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in
...)
+CVE-2001-0686 (Buffer overflow in mail included with SunOS 5.8 for x86 allows a
local ...)
+CVE-2001-0685 (Thibault Godouet FCron prior to 1.1.1 allows a local user to
corrupt ...)
+CVE-2001-0682 (ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a
denial ...)
+CVE-2001-0680 (Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and
...)
+CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files
via an ...)
+CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat!
1.48f ...)
+CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote
attacker ...)
+CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in
various ...)
+CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX
10.01 ...)
+CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet
client in ...)
+CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an
...)
+CVE-2001-0665 (Internet Explorer 6 and earlier allows remote attackers to cause
...)
+CVE-2001-0664 (Internet Explorer 5.5 and 5.01 allows remote attackers to bypass
...)
+CVE-2001-0663 (Terminal Server in Windows NT and Windows 2000 allows remote
...)
+CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to
cause ...)
+CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and
earlier, ...)
+CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange
on ...)
+CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet
...)
+CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local
users to ...)
+CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local
users to ...)
+CVE-2001-0650 (Cisco devices IOS 12.0 and earlier allow a remote attacker to
cause a ...)
+CVE-2001-0648 (Directory traversal vulnerability in PHProjekt 2.1 and earlier
allows ...)
+CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote
attacker ...)
+CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords
in ...)
+CVE-2001-0643 (A type-check flaw in Internet Explorer 5.5 does not display the
Class ...)
+CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux
...)
+CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files
created ...)
+CVE-2001-0634 (Sun Chili!Soft ASP has weak permissions on various configuration
...)
+CVE-2001-0631 (Centrinity First Class Internet Services 5.50 allows for the
...)
+CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0
allows a ...)
+CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView
Network Node ...)
+CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for
...)
+CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local
attacker ...)
+CVE-2001-0626 (O''Reilly Website Professional 2.5.4 and earlier allows
remote ...)
+CVE-2001-0625 (ftpdownload in Computer Associates InoculateIT 6.0 allows a
local ...)
+CVE-2001-0622 (The web management service on Cisco Content Service series 11000
...)
+CVE-2001-0621 (The FTP server on Cisco Content Service 11000 series switches
(CSS) ...)
+CVE-2001-0616 (Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows
a ...)
+CVE-2001-0615 (Directory traversal vulnerability in Faust Informatics Freestyle
Chat ...)
+CVE-2001-0613 (Omnicron Technologies OmniHTTPD Professional 2.08 and earlier
allows a ...)
+CVE-2001-0612 (McAfee Remote Desktop 3.0 and earlier allows remote attackers to
cause ...)
+CVE-2001-0611 (Becky! 2.00.05 and earlier can allow a remote attacker to gain
...)
+CVE-2001-0596 (Netscape Communicator before 4.77 allows remote attackers to
execute ...)
+CVE-2001-0595 (Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and
8 ...)
+CVE-2001-0594 (kcms_configure as included with Solaris 7 and 8 allows a local
...)
+CVE-2001-0593 (Ananconda Partners Clipper 3.3 and earlier allows a remote
attacker to ...)
+CVE-2001-0591 (Directory traversal vulnerability in Oracle JSP 1.0.x through
1.1.1 ...)
+CVE-2001-0590 (Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows
a ...)
+CVE-2001-0589 (NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and ...)
+CVE-2001-0586 (TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local
...)
+CVE-2001-0585 (Gordano NTMail 6.0.3c allows a remote attacker to create a
denial of ...)
+CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3
allows ...)
+CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional
privileges by ...)
+CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker
...)
+CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local
...)
+CVE-2001-0564 (APC Web/SNMP Management Card prior to Firmware 310 only supports
one ...)
+CVE-2001-0563 (ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier
allows a ...)
+CVE-2001-0560 (Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a
local ...)
+CVE-2001-0559 (crontab in Vixie cron 3.0.1 and earlier does not properly drop
...)
+CVE-2001-0558 (T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote
...)
+CVE-2001-0554 (Buffer overflow in BSD-based telnetd telnet daemon on various
...)
+CVE-2001-0553 (SSH Secure Shell 3.0.0 on Unix systems does not properly perform
...)
+CVE-2001-0550 (wu-ftpd 2.6.1 allows remote attackers to execute arbitrary
commands ...)
+CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a
...)
+CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local
users to ...)
+CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security
and ...)
+CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet
Security ...)
+CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to
cause ...)
+CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang)
via by ...)
+CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000
allows ...)
+CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and
earlier ...)
+CVE-2001-0540 (Memory leak in Terminal servers in Windows NT and Windows 2000
allows ...)
+CVE-2001-0538 (Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002
and ...)
+CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to
bypass ...)
+CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x
allows ...)
+CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote
attacker ...)
+CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled,
allows a ...)
+CVE-2001-0528 (Oracle E-Business Suite Release 11i Applications Desktop
Integrator ...)
+CVE-2001-0527 (DCScripts DCForum versions 2000 and earlier allow a remote
attacker to ...)
+CVE-2001-0526 (Buffer overflow in the Xview library as used by mailtool in
Solaris 8 ...)
+CVE-2001-0525 (Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and
earlier, and ...)
+CVE-2001-0522 (Format string vulnerability in Gnu Privacy Guard (aka GnuPG or
gpg) ...)
+CVE-2001-0518 (Oracle listener before Oracle 9i allows attackers to cause a
denial of ...)
+CVE-2001-0517 (Oracle listener in Oracle 8i on Solaris allows remote attackers
to ...)
+CVE-2001-0514 (SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and
earlier, as ...)
+CVE-2001-0513 (Oracle listener process on Windows NT redirects connection
requests to ...)
+CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a
denial of ...)
+CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run
...)
+CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local
users to ...)
+CVE-2001-0504 (Vulnerability in authentication process for SMTP service in
Microsoft ...)
+CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled
allows ...)
+CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not
...)
+CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to
automatically ...)
+CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0
and ...)
+CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND
9.1.2 ...)
+CVE-2001-0495 (Directory traversal in DataWizard WebXQ server 1.204 allows
remote ...)
+CVE-2001-0494 (Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly
prior ...)
+CVE-2001-0493 (Small HTTP server 2.03 allows remote attackers to cause a denial
of ...)
+CVE-2001-0489 (Format string vulnerability in gftp prior to 2.0.8 allows remote
...)
+CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id
permissions, ...)
+CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial
of ...)
+CVE-2001-0486 (Remote attackers can cause a denial of service in Novell
BorderManager ...)
+CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly
other ...)
+CVE-2001-0482 (Configuration error in Argus PitBull LX allows root users to
bypass ...)
+CVE-2001-0481 (Vulnerability in rpmdrake in Mandrake Linux 8.0 related to
insecure ...)
+CVE-2001-0475 (index.php in Jelsoft vBulletin does not properly initialize a
PHP ...)
+CVE-2001-0474 (Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows
local ...)
+CVE-2001-0473 (Format string vulnerability in Mutt before 1.2.5 allows a remote
...)
+CVE-2001-0469 (rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other
...)
+CVE-2001-0467 (Directory traversal vulnerability in RobTex Viking Web server
before ...)
+CVE-2001-0465 (TurboTax saves passwords in a temporary file when a user imports
...)
+CVE-2001-0463 (Directory traversal vulnerability in cal_make.pl in PerlCal
allows ...)
+CVE-2001-0462 (Directory traversal vulnerability in Perl web server 0.3 and
earlier ...)
+CVE-2001-0461 (template.cgi in Free On-Line Dictionary of Computing (FOLDOC)
allows ...)
+CVE-2001-0457 (man2html before 1.5-22 allows remote attackers to cause a denial
of ...)
+CVE-2001-0456 (postinst installation script for Proftpd in Debian 2.2 does not
...)
+CVE-2001-0455 (Cisco Aironet 340 Series wireless bridge before 8.55 does not
properly ...)
+CVE-2001-0449 (Buffer overflow in WinZip 8.0 allows attackers to execute
arbitrary ...)
+CVE-2001-0444 (Cisco CBOS 2.3.0.053 sends output of the "sh
nat" (aka "show nat") ...)
+CVE-2001-0442 (Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and
...)
+CVE-2001-0440 (Buffer overflow in logging functions of licq before 1.0.3 allows
...)
+CVE-2001-0439 (licq before 1.0.3 allows remote attackers to execute arbitrary
...)
+CVE-2001-0434 (The LogDataListToFile ActiveX function used in (1) Knowledge
Center ...)
+CVE-2001-0430 (Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely
creates ...)
+CVE-2001-0429 (Cisco Catalyst 5000 series switches 6.1(2) and earlier will
forward an ...)
+CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote
...)
+CVE-2001-0427 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote
...)
+CVE-2001-0423 (Buffer overflow in ipcs in Solaris 7 x86 allows local users to
execute ...)
+CVE-2001-0422 (Buffer overflow in Xsun in Solaris 8 and earlier allows local
users to ...)
+CVE-2001-0416 (sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary
files ...)
+CVE-2001-0414 (Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka
xntpd and ...)
+CVE-2001-0413 (BinTec X4000 Access router, and possibly other versions, allows
remote ...)
+CVE-2001-0412 (Cisco Content Services (CSS) switch products 11800 and earlier,
aka ...)
+CVE-2001-0409 (vim (aka gvim) allows local users to modify files being edited
by ...)
+CVE-2001-0408 (vim (aka gvim) processes VIM control codes that are embedded in
a ...)
+CVE-2001-0407 (Directory traversal vulnerability in MySQL before 3.23.36 allows
local ...)
+CVE-2001-0405 (ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows
remote ...)
+CVE-2001-0402 (IPFilter 3.4.16 and earlier does not include sufficient session
...)
+CVE-2001-0394 (Remote manager service in Website Pro 3.0.37 allows remote
attackers ...)
+CVE-2001-0388 (time server daemon timed allows remote attackers to cause a
denial of ...)
+CVE-2001-0387 (Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2
allows ...)
+CVE-2001-0386 (AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a
...)
+CVE-2001-0383 (banners.php in PHP-Nuke 4.4 and earlier allows remote attackers
to ...)
+CVE-2001-0379 (Vulnerability in the newgrp program included with HP9000 servers
...)
+CVE-2001-0378 (readline prior to 4.1, in OpenBSD 2.8 and earlier, creates
history ...)
+CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to
create a ...)
+CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa ...)
+CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows
NT and ...)
+CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2
and ...)
+CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier
...)
+CVE-2001-0366 (saposcol in SAP R/3 Web Application Server Demo before 1.5
trusts the ...)
+CVE-2001-0365 (Eudora before 5.1 allows a remote attacker to execute arbitrary
code, ...)
+CVE-2001-0364 (SSH Communications Security sshd 2.4 for Windows allows remote
...)
+CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to
...)
+CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris
8 and ...)
+CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to
make a ...)
+CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause
a ...)
+CVE-2001-0347 (Information disclosure vulnerability in Microsoft Windows 2000
telnet ...)
+CVE-2001-0346 (Handle leak in Microsoft Windows 2000 telnet service allows
attackers ...)
+CVE-2001-0345 (Microsoft Windows 2000 telnet service allows attackers to
prevent idle ...)
+CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0
using ...)
+CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support
sub-component ...)
+CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in
...)
+CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to
display a ...)
+CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate
digital ...)
+CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces
an ...)
+CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to
...)
+CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to
cause a ...)
+CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows
remote ...)
+CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon
(rpc.espd) in ...)
+CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive
information, ...)
+CVE-2001-0327 (iPlanet Web Server Enterprise Edition 4.1 and earlier allows
remote ...)
+CVE-2001-0326 (Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle
...)
+CVE-2001-0321 (opendir.php script in PHP-Nuke allows remote attackers to read
...)
+CVE-2001-0319 (orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote
attackers to ...)
+CVE-2001-0318 (Format string vulnerability in ProFTPD 1.2.0rc2 may allow
attackers to ...)
+CVE-2001-0317 (Race condition in ptrace in Linux kernel 2.4 and 2.2 allows
local ...)
+CVE-2001-0316 (Linux kernel 2.4 and 2.2 allows local users to read kernel
memory and ...)
+CVE-2001-0311 (Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier
allows ...)
+CVE-2001-0310 (sort in FreeBSD 4.1.1 and earlier, and possibly other operating
...)
+CVE-2001-0309 (inetd in Red Hat 6.2 does not properly close sockets for
internal ...)
+CVE-2001-0301 (Buffer overflow in Analog before 4.16 allows remote attackers to
...)
+CVE-2001-0299 (Buffer overflow in Voyager web administration server for Nokia
IP440 ...)
+CVE-2001-0295 (Directory traversal vulnerability in War FTP 1.67.04 allows
remote ...)
+CVE-2001-0290 (Vulnerability in Mailman 2.0.1 and earlier allows list
administrators ...)
+CVE-2001-0289 (Joe text editor 2.8 searches the current working directory (CWD)
for ...)
+CVE-2001-0288 (Cisco switches and routers running IOS 12.1 and earlier produce
...)
+CVE-2001-0287 (VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users
to ...)
+CVE-2001-0284 (Buffer overflow in IPSEC authentication mechanism for OpenBSD
2.8 and ...)
+CVE-2001-0280 (Buffer overflow in MERCUR SMTP server 3.30 allows remote
attackers to ...)
+CVE-2001-0279 (Buffer overflow in sudo earlier than 1.6.3p6 allows local users
to ...)
+CVE-2001-0278 (Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows
local ...)
+CVE-2001-0276 (ext.dll in BadBlue 1.02.07 Personal Edition web server allows
remote ...)
+CVE-2001-0274 (kicq IRC client 1.0.0, and possibly later versions, allows
remote ...)
+CVE-2001-0269 (pam_ldap authentication module in Solaris 8 allows remote
attackers to ...)
+CVE-2001-0268 (NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, allow local
users ...)
+CVE-2001-0267 (NM debug in HP MPE/iX 6.5 and earlier does not properly handle
...)
+CVE-2001-0266 (Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and
earlier ...)
+CVE-2001-0265 (ASCII Armor parser in Windows PGP 7.0.3 and earlier allows
attackers ...)
+CVE-2001-0260 (Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier
allows a ...)
+CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow
local ...)
+CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote
...)
+CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing
Service in ...)
+CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote
attackers ...)
+CVE-2001-0243 (Windows Media Player 7 and earlier stores Internet shortcuts in
a ...)
+CVE-2001-0241 (Buffer overflow in Internet Printing ISAPI extension in Windows
2000 ...)
+CVE-2001-0240 (Microsoft Word before Word 2002 allows attackers to
automatically ...)
+CVE-2001-0239 (Microsoft Internet Security and Acceleration (ISA) Server 2000
Web ...)
+CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider
...)
+CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote
...)
+CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon
allows ...)
+CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab
files of ...)
+CVE-2001-0234 (NewsDaemon before 0.21b allows remote attackers to execute
arbitrary ...)
+CVE-2001-0233 (Buffer overflow in micq client 0.4.6 and earlier allows remote
...)
+CVE-2001-0230 (Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and
possibly ...)
+CVE-2001-0222 (webmin 0.84 and earlier allows local users to overwrite and
create ...)
+CVE-2001-0221 (Buffer overflow in ja-xklock 2.7.1 and earlier allows local
users to ...)
+CVE-2001-0219 (Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX
11.11 ...)
+CVE-2001-0218 (Format string vulnerability in mars_nwe 0.99.pl19 allows remote
attackers to execute arbitrary commands. ...)
+CVE-2001-0215 (ROADS search.pl program allows remote attackers to read
arbitrary ...)
+CVE-2001-0207 (Buffer overflow in bing allows remote attackers to execute
arbitrary ...)
+CVE-2001-0204 (Watchguard Firebox II allows remote attackers to cause a denial
of ...)
+CVE-2001-0203 (Watchguard Firebox II firewall allows users with read-only
access to ...)
+CVE-2001-0197 (Format string vulnerability in print_client in icecast
1.3.8beta2 and ...)
+CVE-2001-0196 (inetd ident server in FreeBSD 4.x and earlier does not properly
set ...)
+CVE-2001-0195 (sash before 3.4-4 in Debian Linux does not properly clone
/etc/shadow, ...)
+CVE-2001-0194 (Buffer overflow in httpGets function in CUPS 1.1.5 allows remote
...)
+CVE-2001-0193 (Format string vulnerability in man in some Linux distributions
allows ...)
+CVE-2001-0191 (gnuserv before 3.12, as shipped with XEmacs, does not properly
check ...)
+CVE-2001-0190 (Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and
...)
+CVE-2001-0189 (Directory traversal vulnerability in LocalWEB2000 HTTP server
allows ...)
+CVE-2001-0187 (Format string vulnerability in wu-ftp 2.6.1 and earlier, when
running ...)
+CVE-2001-0185 (Netopia R9100 router version 4.6 allows authenticated users to
cause a ...)
+CVE-2001-0183 (ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote
attackers to ...)
+CVE-2001-0182 (FireWall-1 4.1 with a limited-IP license allows remote attackers
to ...)
+CVE-2001-0179 (Allaire JRun 3.0 allows remote attackers to list contents of the
...)
+CVE-2001-0178 (kdesu program in KDE2 (KDE before 2.2.0-6) does not properly
verify ...)
+CVE-2001-0176 (The setuid doroot program in Voyant Sonata 3.x executes
arbitrary ...)
+CVE-2001-0175 (The caching module in Netscape Fasttrack Server 4.1 allows
remote ...)
+CVE-2001-0174 (Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows
remote ...)
+CVE-2001-0170 (glibc 2.1.9x and earlier does not properly clear the
RESOLV_HOST_CONF, ...)
+CVE-2001-0169 (When using the LD_PRELOAD environmental variable in SUID or SGID
...)
+CVE-2001-0166 (Macromedia Shockwave Flash plugin version 8 and earlier allows
remote ...)
+CVE-2001-0165 (Buffer overflow in ximp40 shared library in Solaris 7 and
Solaris 8 ...)
+CVE-2001-0164 (Buffer overflow in Netscape Directory Server 4.12 and earlier
allows ...)
+CVE-2001-0157 (Debugging utility in the backdoor mode of Palm OS 3.5.2 and
earlier ...)
+CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port
forwarding ...)
+CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and
earlier ...)
+CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows
...)
+CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in
Visual ...)
+CVE-2001-0152 (The password protection option for the Compressed Folders
feature in ...)
+CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via
a ...)
+CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using
...)
+CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier
allows ...)
+CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote
...)
+CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows
attackers ...)
+CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote
...)
+CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users
to ...)
+CVE-2001-0142 (squid 2.3 and earlier allows local users to overwrite arbitrary
files ...)
+CVE-2001-0141 (mgetty 1.1.22 allows local users to overwrite arbitrary files
via a ...)
+CVE-2001-0140 (arpwatch 2.1a4 allows local users to overwrite arbitrary files
via a ...)
+CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a
...)
+CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users
to ...)
+CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute
malicious ...)
+CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause
a ...)
+CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server
before ...)
+CVE-2001-0129 (Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows
...)
+CVE-2001-0128 (Zope before 2.2.4 does not properly compute local roles, which
could ...)
+CVE-2001-0126 (Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers
to ...)
+CVE-2001-0125 (exmh 2.2 and earlier allows local users to overwrite arbitrary
files ...)
+CVE-2001-0124 (Buffer overflow in exrecover in Solaris 2.6 and earlier possibly
...)
+CVE-2001-0123 (Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0
allows ...)
+CVE-2001-0122 (Kernel leak in AfpaCache module of the Fast Response Cache
Accelerator ...)
+CVE-2001-0121 (ImageCast Control Center 4.1.0 allows remote attackers to cause
a ...)
+CVE-2001-0120 (useradd program in shadow-utils program may allow local users to
...)
+CVE-2001-0119 (getty_ps 2.0.7j allows local users to overwrite arbitrary files
via a ...)
+CVE-2001-0118 (rdist 6.1.5 allows local users to overwrite arbitrary files via
a ...)
+CVE-2001-0117 (sdiff 2.7 in the diffutils package allows local users to
overwrite ...)
+CVE-2001-0116 (gpm 1.19.3 allows local users to overwrite arbitrary files via a
symlink ...)
+CVE-2001-0115 (Buffer overflow in arp command in Solaris 7 and earlier allows
local users ...)
+CVE-2001-0111 (Format string vulnerability in splitvt before 1.6.5 allows local
users ...)
+CVE-2001-0110 (Buffer overflow in jaZip Zip/Jaz drive manager allows local
users to ...)
+CVE-2001-0109 (rctab in SuSE 7.0 and earlier allows local users to create or
overwrite ...)
+CVE-2001-0108 (PHP Apache module 4.0.4 and earlier allows remote attackers to
bypass ...)
+CVE-2001-0106 (Vulnerability in inetd server in HP-UX 11.04 and earlier allows
...)
+CVE-2001-0105 (Vulnerability in top in HP-UX 11.04 and earlier allows local
users to ...)
+CVE-2001-0100 (bslist.cgi mailing list script allows remote attackers to
execute ...)
+CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute
...)
+CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows
remote ...)
+CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite
...)
+CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 ...)
+CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not
properly ...)
+CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet
Explorer 5.0 ...)
+CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes
...)
+CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to
read ...)
+CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0
and ...)
+CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and
4.1 ...)
+CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card
Set ...)
+CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote
attackers to ...)
+CVE-2001-0078 (in.mond in Sun Cluster 2.x allows local users to read arbitrary
files ...)
+CVE-2001-0077 (The clustmon service in Sun Cluster 2.x does not require ...)
+CVE-2001-0072 (gpg (aka GnuPG) 1.0.4 and other versions imports both public and
...)
+CVE-2001-0071 (gpg (aka GnuPG) 1.0.4 and other versions does not properly
verify detached ...)
+CVE-2001-0069 (dialog before 0.9a-20000118-3bis in Debian Linux allows local
users to ...)
+CVE-2001-0066 (Secure Locate (slocate) allows local users to corrupt memory via
a ...)
+CVE-2001-0063 (procfs in FreeBSD and possibly other operating systems allows
local ...)
+CVE-2001-0062 (procfs in FreeBSD and possibly other operating systems allows
local ...)
+CVE-2001-0061 (procfs in FreeBSD and possibly other operating systems does not
...)
+CVE-2001-0060 (Format string vulnerability in stunnel 3.8 and earlier allows
...)
+CVE-2001-0059 (patchadd in Solaris allows local users to overwrite arbitrary
files ...)
+CVE-2001-0058 (The Web interface to Cisco 600 routers running CBOS 2.4.1 and
earlier ...)
+CVE-2001-0057 (Cisco 600 routers running CBOS 2.4.1 and earlier allow remote
...)
+CVE-2001-0056 (The Cisco Web Management interface in routers running CBOS 2.4.1
and ...)
+CVE-2001-0055 (CBOS 2.4.1 and earlier in Cisco 600 routers allows remote
attackers to ...)
+CVE-2001-0054 (Directory traversal vulnerability in FTP Serv-U before 2.5i
allows ...)
+CVE-2001-0053 (One-byte buffer overflow in replydirname function in BSD-based
ftpd ...)
+CVE-2001-0050 (Buffer overflow in BitchX IRC client allows remote attackers to
cause ...)
+CVE-2001-0043 (phpGroupWare before 0.9.7 allows remote attackers to execute
arbitrary ...)
+CVE-2001-0042 (PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read
...)
+CVE-2001-0041 (Memory leak in Cisco Catalyst 4000, 5000, and 6000 series
switches ...)
+CVE-2001-0040 (APC UPS daemon, apcupsd, saves its process ID in a
world-writable ...)
+CVE-2001-0039 (IPSwitch IMail 6.0.5 allows remote attackers to cause a denial
of ...)
+CVE-2001-0036 (KTH Kerberos IV allows local users to overwrite arbitrary files
via a ...)
+CVE-2001-0035 (Buffer overflow in the kdc_reply_cipher function in KTH Kerberos
IV ...)
+CVE-2001-0034 (KTH Kerberos IV allows local users to specify an alternate proxy
using ...)
+CVE-2001-0033 (KTH Kerberos IV allows local users to change the configuration
of a ...)
+CVE-2001-0028 (Buffer overflow in the HTML parsing code in oops WWW proxy
server 1.5.2 ...)
+CVE-2001-0026 (rp-pppoe PPPoE client allows remote attackers to cause a denial
of service ...)
+CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to
execute ...)
+CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco
Content ...)
+CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced
...)
+CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote
attackers ...)
+CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not
properly ...)
+CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local
users ...)
+CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does
not ...)
+CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND
4 ...)
+CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive
...)
+CVE-2001-0011 (Buffer overflow in nslookupComplain function in BIND 4 allows
remote ...)
+CVE-2001-0010 (Buffer overflow in transaction signature (TSIG) handling code in
BIND ...)
+CVE-2001-0009 (Directory traversal vulnerability in Lotus Domino 5.0.5 web
server ...)
+CVE-2001-0008 (Backdoor account in Interbase database server allows remote
attackers ...)
+CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote
attackers to ...)
+CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has
...)
+CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in
...)
+CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code
for ...)
+CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows
2000, and ...)
+CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to
obtain ...)
+CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass
...)
+CVE-2000-1212 (Zope 2.2.0 through 2.2.4 does not properly protect a data
updating ...)
+CVE-2000-1211 (Zope 2.2.0 through 2.2.4 does not properly perform security ...)
+CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat
...)
+CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote
attackers to ...)
+CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain
by ...)
+CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2
allows ...)
+CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before
...)
+CVE-2000-1193 (Performance Metrics Collector Daemon (PMCD) in Performance
Copilot in ...)
+CVE-2000-1190 (imwheel-solo in imwheel package allows local users to modify
arbitrary ...)
+CVE-2000-1189 (Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x
and ...)
+CVE-2000-1187 (Buffer overflow in the HTML parser for Netscape 4.75 and earlier
allows ...)
+CVE-2000-1184 (telnetd in FreeBSD 4.2 and earlier, and possibly other operating
...)
+CVE-2000-1182 (WatchGuard Firebox II allows remote attackers to cause a denial
of ...)
+CVE-2000-1181 (Real Networks RealServer 7 and earlier allows remote attackers
to ...)
+CVE-2000-1180 (Buffer overflow in cmctl program in Oracle 8.1.5 Connection
Manager Control ...)
+CVE-2000-1179 (Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers
to ...)
+CVE-2000-1178 (Joe text editor follows symbolic links when creating a rescue
copy ...)
+CVE-2000-1174 (Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13
and ...)
+CVE-2000-1171 (Directory traversal vulnerability in cgiforum.pl script in
CGIForum 1.0 ...)
+CVE-2000-1170 (Buffer overflow in Netsnap webcam HTTP server before 1.2.9
allows ...)
+CVE-2000-1169 (OpenSSH SSH client before 2.3.0 does not properly disable X11 or
agent ...)
+CVE-2000-1167 (ppp utility in FreeBSD 4.1.1 and earlier does not properly
restrict ...)
+CVE-2000-1166 (Twig webmail system does not properly set the
"vhosts" variable if it ...)
+CVE-2000-1165 (Balabit syslog-ng allows remote attackers to cause a denial of
service ...)
+CVE-2000-1164 (WinVNC installs the WinVNC3 registry key with permissions that
give ...)
+CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH
environmental ...)
+CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files
of ...)
+CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal
Server ...)
+CVE-2000-1148 (The installation of VolanoChatPro chat server sets
world-readable ...)
+CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of
service via ...)
+CVE-2000-1145 (Recourse ManTrap 1.6 allows attackers who have gained root
access to ...)
+CVE-2000-1144 (Recourse ManTrap 1.6 sets up a chroot environment to hide the
fact ...)
+CVE-2000-1143 (Recourse ManTrap 1.6 hides the first 4 processes that run on a
Solaris ...)
+CVE-2000-1142 (Recourse ManTrap 1.6 generates an error when an attacker
cd''s to ...)
+CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that
".." does not appear ...)
+CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from
attackers, ...)
+CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A
creates a ...)
+CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files
of ...)
+CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian Linux, and possibly other
Linux ...)
+CVE-2000-1135 (fshd (fsh daemon) in Debian Linux allows local users to
overwrite ...)
+CVE-2000-1132 (DCForum cgforum.cgi CGI script allows remote attackers to read
...)
+CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers
to ...)
+CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local
users ...)
+CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier
may ...)
+CVE-2000-1122 (Buffer overflow in setclock command in IBM AIX 4.3.x and earlier
may ...)
+CVE-2000-1121 (Buffer overflow in enq command in IBM AIX 4.3.x and earlier may
allow ...)
+CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier
...)
+CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier
allows ...)
+CVE-2000-1115 (Buffer overflow in remote web administration component
(webprox.dll) ...)
+CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote
...)
+CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin
...)
+CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly
...)
+CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly
process ...)
+CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does
not ...)
+CVE-2000-1107 (in.identd ident server in SuSE Linux 6.x and 7.0 allows remote
...)
+CVE-2000-1106 (Trend Micro InterScan VirusWall creates an
"Intscan" share to the ...)
+CVE-2000-1101 (Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00
and ...)
+CVE-2000-1099 (Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05
and ...)
+CVE-2000-1097 (The web server for the SonicWALL SOHO firewall allows remote
attackers ...)
+CVE-2000-1096 (crontab by Paul Vixie uses predictable file names for a
temporary file ...)
+CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a
local ...)
+CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229
allows ...)
+CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local
users to ...)
+CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote
attackers ...)
+CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet
Web ...)
+CVE-2000-1075 (Directory traversal vulnerability in iPlanet Certificate
Management ...)
+CVE-2000-1074 (csstart program in iCal 2.1 Patch 2 uses relative pathnames to
install ...)
+CVE-2000-1073 (csstart program in iCal 2.1 Patch 2 searches for the cshttpd
program ...)
+CVE-2000-1072 (iCal 2.1 Patch 2 installs many files with world-writeable
permissions, ...)
+CVE-2000-1071 (The GUI installation for iCal 2.1 Patch 2 disables access
control for ...)
+CVE-2000-1070 (pollit.cgi in Poll It 2.01 and earlier uses data files that are
...)
+CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers
to ...)
+CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute
arbitrary ...)
+CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x
allows ...)
+CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority
access ...)
+CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux
7.1 ...)
+CVE-2000-1058 (Buffer overflow in OverView5 CGI program in HP OpenView Network
Node ...)
+CVE-2000-1057 (Vulnerabilities in database configuration scripts in HP OpenView
...)
+CVE-2000-1056 (CiscoSecure ACS Server 2.4(2) and earlier allows remote
attackers to ...)
+CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier
allows ...)
+CVE-2000-1054 (Buffer overflow in CSAdmin module in CiscoSecure ACS Server
2.4(2) and ...)
+CVE-2000-1051 (Directory traversal vulnerability in Allaire JRun 2.3 server
allows ...)
+CVE-2000-1050 (Allaire JRun 3.0 http servlet server allows remote attackers to
...)
+CVE-2000-1049 (Allaire JRun 3.0 http servlet server allows remote attackers to
cause ...)
+CVE-2000-1047 (Buffer overflow in SMTP service of Lotus Domino 5.0.4 and
earlier ...)
+CVE-2000-1045 (nss_ldap earlier than 121, when run with nscd (name service
caching ...)
+CVE-2000-1044 (Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and
...)
+CVE-2000-1043 (Format string vulnerability in ypserv in Mandrake Linux 7.1 and
...)
+CVE-2000-1042 (Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and
...)
+CVE-2000-1041 (Buffer overflow in ypbind 3.3 possibly allows an attacker to
gain root ...)
+CVE-2000-1040 (Format string vulnerability in logging function of ypbind 3.3,
while ...)
+CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows
remote ...)
+CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server
allows ...)
+CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows
2000 ...)
+CVE-2000-1032 (The client authentication interface for Check Point Firewall-1
4.0 and ...)
+CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 allows a local user to
gain ...)
+CVE-2000-1027 (Cisco Secure PIX Firewall 5.2(2) allows remote attackers to
determine ...)
+CVE-2000-1026 (Multiple buffer overflows in LBNL tcpdump allows remote
attackers to ...)
+CVE-2000-1024 (eWave ServletExec 3.0C and earlier does not restrict access to
the ...)
+CVE-2000-1022 (The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and
earlier ...)
+CVE-2000-1019 (Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search)
allows ...)
+CVE-2000-1018 (shred 1.0 file wiping utility does not properly open a file for
...)
+CVE-2000-1016 (The default configuration of Apache (httpd.conf) on SuSE 6.4
includes ...)
+CVE-2000-1014 (Format string vulnerability in the search97.cgi CGI script in
SCO help ...)
+CVE-2000-1011 (Buffer overflow in catopen() function in FreeBSD 5.0 and
earlier, and ...)
+CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly
other ...)
+CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries
in ...)
+CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME
header ...)
+CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and ...)
+CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local
users to ...)
+CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote
attacker ...)
+CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different
error ...)
+CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers
to ...)
+CVE-2000-1000 (Format string vulnerability in AOL Instant Messenger (AIM)
4.1.2010 ...)
+CVE-2000-0996 (Format string vulnerability in OpenBSD su program (and possibly
other ...)
+CVE-2000-0995 (Format string vulnerability in OpenBSD yp_passwd program (and
possibly ...)
+CVE-2000-0994 (Format string vulnerability in OpenBSD fstat program (and
possibly ...)
+CVE-2000-0993 (Format string vulnerability in pw_error function in BSD libutil
...)
+CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a
...)
+CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on
Windows 98, ...)
+CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a
denial ...)
+CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP
service ...)
+CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local
users to ...)
+CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows
remote ...)
+CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials
for a ...)
+CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which
leaks ...)
+CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft
NWLink ...)
+CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and
Windows ...)
+CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before
1.5c2 ...)
+CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote
attackers to ...)
+CVE-2000-0976 (Buffer overflow in xlib in XFree 3.3.x possibly allows local
users to ...)
+CVE-2000-0975 (Directory traversal vulnerability in apexec.pl in Anaconda
Foundation ...)
+CVE-2000-0974 (GnuPG (gpg) 1.0.3 does not properly check all signatures of a
file ...)
+CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl
earlier ...)
+CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files
via the ...)
+CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for
secure ...)
+CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build
3104 ...)
+CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104
allows ...)
+CVE-2000-0967 (PHP 3 and 4 do not properly cleanse user-injected format
strings, ...)
+CVE-2000-0966 (Buffer overflows in lpspooler in the fileset
PrinterMgmt.LP-SPOOL of ...)
+CVE-2000-0965 (The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX
VVOS ...)
+CVE-2000-0964 (Buffer overflow in the web administration service for the HiNet
LP5100 ...)
+CVE-2000-0962 (The IPSEC implementation in OpenBSD 2.7 does not properly handle
empty ...)
+CVE-2000-0961 (Buffer overflow in IMAP server in Netscape Messaging Server 4.15
Patch ...)
+CVE-2000-0960 (The POP3 server in Netscape Messaging Server 4.15p1 generates
...)
+CVE-2000-0959 (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG
...)
+CVE-2000-0958 (HotJava Browser 3.0 allows remote attackers to access the DOM of
a web ...)
+CVE-2000-0957 (The pluggable authentication module for msql (pam_mysql) before
0.4.7 ...)
+CVE-2000-0956 (cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly
verify ...)
+CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of
...)
+CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD
allows ...)
+CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the
Index ...)
+CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and
earlier ...)
+CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files
via a ...)
+CVE-2000-0947 (Format string vulnerability in cfd daemon in GNU CFEngine before
...)
+CVE-2000-0946 (Compaq Easy Access Keyboard software 1.3 does not properly
disable ...)
+CVE-2000-0945 (The web configuration interface for Catalyst 3500 XL switches
allows ...)
+CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the
...)
+CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote
attackers ...)
+CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for
Windows ...)
+CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to
...)
+CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a
...)
+CVE-2000-0937 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log
login ...)
+CVE-2000-0936 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the
...)
+CVE-2000-0935 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local
users ...)
+CVE-2000-0934 (Glint in Red Hat Linux 5.2 allows local users to overwrite
arbitrary ...)
+CVE-2000-0933 (The Input Method Editor (IME) in the Simplified Chinese version
of ...)
+CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA
...)
+CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary
files via ...)
+CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a
denial of ...)
+CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and
files by ...)
+CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if
they ...)
+CVE-2000-0926 (SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows
remote ...)
+CVE-2000-0925 (The default installation of SmartWin CyberOffice Shopping Cart 2
(aka ...)
+CVE-2000-0924 (Directory traversal vulnerability in search.cgi CGI script in
Armada ...)
+CVE-2000-0923 (authenticate.cgi CGI program in Aplio PRO allows remote
attackers to ...)
+CVE-2000-0922 (Directory traversal vulnerability in Bytes Interactive Web
Shopper ...)
+CVE-2000-0921 (Directory traversal vulnerability in Hassan Consulting shop.cgi
...)
+CVE-2000-0920 (Directory traversal vulnerability in BOA web server 0.94.8.2 and
...)
+CVE-2000-0919 (Directory traversal vulnerability in PHPix Photo Album 1.0.2 and
...)
+CVE-2000-0917 (Format string vulnerability in use_syslog() function in LPRng
3.6.24 ...)
+CVE-2000-0915 (fingerd in FreeBSD 4.1.1 allows remote attackers to read
arbitrary ...)
+CVE-2000-0914 (OpenBSD 2.6 and earlier allows remote attackers to cause a
denial of ...)
+CVE-2000-0913 (mod_rewrite in Apache 1.3.12 and earlier allows remote attackers
to ...)
+CVE-2000-0912 (MultiHTML CGI script allows remote attackers to read arbitrary
files ...)
+CVE-2000-0911 (IMP 2.2 and earlier allows attackers to read and delete
arbitrary ...)
+CVE-2000-0910 (Horde library 1.02 allows attackers to execute arbitrary
commands via ...)
+CVE-2000-0909 (Buffer overflow in the automatic mail checking component of Pine
4.21 ...)
+CVE-2000-0908 (BrowseGate 2.80 allows remote attackers to cause a denial of
service ...)
+CVE-2000-0901 (Format string vulnerability in screen 3.9.5 and earlier allows
local ...)
+CVE-2000-0900 (Directory traversal vulnerability in ssi CGI program in thttpd
2.19 ...)
+CVE-2000-0897 (Small HTTP Server 2.03 and earlier allows remote attackers to
cause a ...)
+CVE-2000-0896 (WatchGuard SOHO firewall allows remote attackers to cause a
denial of ...)
+CVE-2000-0895 (Buffer overflow in HTTP server on the WatchGuard SOHO firewall
allows ...)
+CVE-2000-0894 (HTTP server on the WatchGuard SOHO firewall does not properly
restrict ...)
+CVE-2000-0892 (Some telnet clients allow remote telnet servers to request
environment ...)
+CVE-2000-0891 (A default ECL in Lotus Notes before 5.02 allows remote attackers
to ...)
+CVE-2000-0890 (periodic in FreeBSD 4.1.1 and earlier, and possibly other
operating ...)
+CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to
cause a ...)
+CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to
cause a ...)
+CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands
via a ...)
+CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents
outside of ...)
+CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on
...)
+CVE-2000-0878 (The mailto CGI script allows remote attacker to execute
arbitrary ...)
+CVE-2000-0877 (mailform.pl CGI script in MailForm 2.0 allows remote attackers
to read ...)
+CVE-2000-0876 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain
the ...)
+CVE-2000-0875 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a
...)
+CVE-2000-0874 (Eudora mail client includes the absolute path of the
sender''s host ...)
+CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the
-Zi ...)
+CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a
denial of ...)
+CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a
denial of ...)
+CVE-2000-0869 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4
enables ...)
+CVE-2000-0868 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4
allows ...)
+CVE-2000-0867 (Kernel logging daemon (klogd) in Linux does not properly cleanse
...)
+CVE-2000-0865 (Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00
allows ...)
+CVE-2000-0864 (Race condition in the creation of a Unix domain socket in GNOME
esound ...)
+CVE-2000-0863 (Buffer overflow in listmanager earlier than 2.105.1 allows local
users ...)
+CVE-2000-0862 (Vulnerability in an administrative interface utility for Allaire
...)
+CVE-2000-0861 (Mailman 1.1 allows list administrators to execute arbitrary
commands ...)
+CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote
...)
+CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote
...)
+CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote
attackers to ...)
+CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to
cause ...)
+CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory
of ...)
+CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read
arbitrary ...)
+CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other
OSes ...)
+CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000
allows local ...)
+CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to
bypass ...)
+CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote
attackers ...)
+CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS)
allows ...)
+CVE-2000-0847 (Buffer overflow in University of Washington c-client library
(used by ...)
+CVE-2000-0846 (Buffer overflow in Darxite 0.4 and earlier allows a remote
attacker to ...)
+CVE-2000-0844 (Some functions that implement the locale subsystem on Unix do
not ...)
+CVE-2000-0839 (WinCOM LPD 1.00.90 allows remote attackers to cause a denial of
...)
+CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a
...)
+CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of
service ...)
+CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM
authentication ...)
+CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to
cause a ...)
+CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for
each ...)
+CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of
...)
+CVE-2000-0824 (The unsetenv function in glibc 2.1.1 does not properly unset an
...)
+CVE-2000-0818 (The default installation for the Oracle listener program 7.3.4,
8.0.6, ...)
+CVE-2000-0816 (Linux tmpwatch --fuser option allows local users to execute
arbitrary ...)
+CVE-2000-0813 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote
attackers ...)
+CVE-2000-0811 (Auction Weaver 1.0 through 1.04 allows remote attackers to read
...)
+CVE-2000-0810 (Auction Weaver 1.0 through 1.04 does not properly validate the
names ...)
+CVE-2000-0809 (Buffer overflow in Getkey in the protocol checker in the
inter-module ...)
+CVE-2000-0808 (The seed generation mechanism in the inter-module S/Key
authentication ...)
+CVE-2000-0807 (The OPSEC communications authentication mechanism (fwn1) in
Check ...)
+CVE-2000-0806 (The inter-module authentication mechanism (fwa1) in Check Point
...)
+CVE-2000-0805 (Check Point VPN-1/FireWall-1 4.1 and earlier improperly
retransmits ...)
+CVE-2000-0804 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote
attackers ...)
+CVE-2000-0803 (GNU Groff uses the current working directory to find a device
...)
+CVE-2000-0799 (inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows
local ...)
+CVE-2000-0797 (Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local
users to ...)
+CVE-2000-0796 (Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users
to ...)
+CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users
to ...)
+CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly
restrict ...)
+CVE-2000-0790 (The web-based folder display capability in Microsoft Internet
Explorer ...)
+CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user
before ...)
+CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote
attackers to ...)
+CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file
descriptor ...)
+CVE-2000-0783 (Watchguard Firebox II allows remote attackers to cause a denial
of ...)
+CVE-2000-0782 (netauth.cgi program in Netwin Netauth 4.2e and earlier allows
remote ...)
+CVE-2000-0781 (uagentsetup in ARCServeIT Client Agent 6.62 does not properly
check ...)
+CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote
...)
+CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows
remote ...)
+CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP
files ...)
+CVE-2000-0777 (The password protection feature of Microsoft Money can store the
...)
+CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to
execute ...)
+CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read
arbitrary ...)
+CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of
service ...)
+CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain
types of ...)
+CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly
verify ...)
+CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet
Explorer 4.x ...)
+CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote
attackers to ...)
+CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000
...)
+CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to
cause a ...)
+CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected
format ...)
+CVE-2000-0762 (The default installation of eTrust Access Control (formerly
SeOS) uses ...)
+CVE-2000-0761 (OS2/Warp 4.5 FTP server allows remote attackers to cause a
denial of ...)
+CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list
...)
+CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version
6.1 ...)
+CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path
of the ...)
+CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not
properly ...)
+CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader
...)
+CVE-2000-0749 (Buffer overflow in the Linux binary compatibility module in
FreeBSD ...)
+CVE-2000-0747 (The logrotate script for OpenLDAP before 1.2.11 in Conectiva
...)
+CVE-2000-0745 (admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke
...)
+CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate
of ...)
+CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x
allows ...)
+CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98
allows ...)
+CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net
Tools PKI ...)
+CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI
server 1.0 ...)
+CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI
Net ...)
+CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of
...)
+CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates
predictable ...)
+CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly
cleans ...)
+CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of
service ...)
+CVE-2000-0731 (Directory traversal vulnerability in Worm HTTP server allows
remote ...)
+CVE-2000-0730 (Vulnerability in newgrp command in HP-UX 11.0 allows local users
to ...)
+CVE-2000-0729 (FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial
of ...)
+CVE-2000-0728 (xpdf PDF viewer client earlier than 0.91 allows local users to
...)
+CVE-2000-0727 (xpdf PDF viewer client earlier than 0.91 does not properly
launch a ...)
+CVE-2000-0726 (CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows
remote ...)
+CVE-2000-0725 (Zope before 2.2.1 does not properly restrict access to the
getRoles ...)
+CVE-2000-0720 (news.cgi in GWScripts News Publisher does not properly
authenticate ...)
+CVE-2000-0718 (A race condition in MandrakeUpdate allows local users to modify
RPM ...)
+CVE-2000-0717 (GoodTech FTP server allows remote attackers to cause a denial of
...)
+CVE-2000-0716 (WorldClient email client in MDaemon 2.8 includes the session ID
in the ...)
+CVE-2000-0712 (Linux Intrusion Detection System (LIDS) 0.9.7 allows local users
to ...)
+CVE-2000-0711 (Netscape Communicator does not properly prevent a ServerSocket
object ...)
+CVE-2000-0708 (Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0
allows ...)
+CVE-2000-0707 (PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs
the ...)
+CVE-2000-0706 (Buffer overflows in ntop running in web mode allows remote
attackers ...)
+CVE-2000-0705 (ntop running in web mode allows remote attackers to read
arbitrary ...)
+CVE-2000-0703 (suidperl (aka sperl) does not properly cleanse the escape
sequence ...)
+CVE-2000-0702 (The net.init rc script in HP-UX 11.00 (S008net.init) allows
local ...)
+CVE-2000-0700 (Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit
...)
+CVE-2000-0699 (Format string vulnerability in ftpd in HP-UX 10.20 allows remote
...)
+CVE-2000-0698 (Minicom 1.82.1 and earlier on some Linux systems allows local
users to ...)
+CVE-2000-0694 (pgxconfig in the Raptor GFX configuration tool allows local
users to ...)
+CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative
path ...)
+CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
+CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
+CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code
for ...)
+CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code
for ...)
+CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows
remote ...)
+CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the
CVS ...)
+CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional
...)
+CVE-2000-0677 (Buffer overflow in IBM Net.Data db2www CGI program allows remote
...)
+CVE-2000-0676 (Netscape Communicator and Navigator 4.04 through 4.74 allows
remote ...)
+CVE-2000-0675 (Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows
remote ...)
+CVE-2000-0674 (ftp.pl CGI program for Virtual Visions FTP browser allows remote
...)
+CVE-2000-0673 (The NetBIOS Name Server (NBNS) protocol does not perform ...)
+CVE-2000-0672 (The default configuration of Jakarta Tomcat does not restrict
access ...)
+CVE-2000-0671 (Roxen web server earlier than 2.0.69 allows allows remote
attackers to ...)
+CVE-2000-0670 (The cvsweb CGI script in CVSWeb 1.80 allows remote attackers
with ...)
+CVE-2000-0669 (Novell NetWare 5.0 allows remote attackers to cause a denial of
...)
+CVE-2000-0668 (pam_console PAM module in Linux systems allows a user to access
the ...)
+CVE-2000-0666 (rpc.statd in the nfs-utils package in various Linux
distributions does ...)
+CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote
attackers to ...)
+CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote
attackers to read ...)
+CVE-2000-0663 (The registry entry for the Windows Shell executable
(Explorer.exe) in ...)
+CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote
attackers to ...)
+CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a
denial of ...)
+CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote
attackers to ...)
+CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers
to ...)
+CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain
database ...)
+CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for
...)
+CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not
properly ...)
+CVE-2000-0650 (The default installation of VirusScan 4.5 and NetShield 4.5 has
...)
+CVE-2000-0644 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a
denial of ...)
+CVE-2000-0643 (Buffer overflow in WebActive HTTP Server 1.00 allows remote
attackers ...)
+CVE-2000-0642 (The default configuration of WebActive HTTP Server 1.00 stores
the web ...)
+CVE-2000-0641 (Savant web server allows remote attackers to execute arbitrary
...)
+CVE-2000-0640 (Guild FTPd allows remote attackers to determine the existence of
files ...)
+CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does
not ...)
+CVE-2000-0638 (Big Brother 1.4h1 and earlier allows remote attackers to read
...)
+CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute
arbitrary ...)
+CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier
allow ...)
+CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart
program ...)
+CVE-2000-0634 (The web administration interface for CommuniGate Pro 3.2.5 and
earlier ...)
+CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local
users to ...)
+CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv
1.8d ...)
+CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0
and ...)
+CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of
source ...)
+CVE-2000-0628 (The source.asp example script in the Apache ASP module
Apache::ASP ...)
+CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users,
which ...)
+CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote
attackers to ...)
+CVE-2000-0622 (Buffer overflow in Webfind CGI program in O''Reilly
WebSite ...)
+CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and
5.0x, ...)
+CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of
service ...)
+CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a
denial of ...)
+CVE-2000-0616 (Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain
...)
+CVE-2000-0615 (LPRng 3.6.x improperly installs lpd as setuid root, which can
allow ...)
+CVE-2000-0613 (Cisco Secure PIX Firewall does not properly identify forged TCP
Reset ...)
+CVE-2000-0611 (The default configuration of NetWin dMailWeb and cwMail trusts
all POP ...)
+CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote
attackers to ...)
+CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid
uucp, ...)
+CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass
permissions for ...)
+CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to
gain ...)
+CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a
denial ...)
+CVE-2000-0600 (Netscape Enterprise Server in NetWare 5.1 allows remote
attackers to ...)
+CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute
...)
+CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access
restrictions ...)
+CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97
are ...)
+CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a
Microsoft ...)
+CVE-2000-0595 (libedit searches for the .editrc file in the current directory
instead ...)
+CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format
...)
+CVE-2000-0593 (WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial
of ...)
+CVE-2000-0591 (Novell BorderManager 3.0 and 3.5 allows remote attackers to
bypass URL ...)
+CVE-2000-0590 (Poll It 2.0 CGI script allows remote attackers to read arbitrary
files ...)
+CVE-2000-0588 (SawMill 5.0.21 CGI program allows remote attackers to read the
first ...)
+CVE-2000-0587 (The privpath directive in glftpd 1.18 allows remote attackers to
...)
+CVE-2000-0586 (Buffer overflow in Dalnet IRC server 4.6.5 allows remote
attackers to ...)
+CVE-2000-0585 (ISC DHCP client program dhclient allows remote attackers to
execute ...)
+CVE-2000-0584 (Buffer overflow in Canna input system allows remote attackers to
...)
+CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly
cleanse ...)
+CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to
cause a ...)
+CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a
denial ...)
+CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names
and ...)
+CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote
...)
+CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0
allows ...)
+CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos
...)
+CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not
properly ...)
+CVE-2000-0571 (LocalWEB HTTP server 1.2.0 allows remote attackers to cause a
denial ...)
+CVE-2000-0570 (FirstClass Internet Services server 5.770, and other versions
before ...)
+CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of
service ...)
+CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against
false ...)
+CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows
remote ...)
+CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite
files ...)
+CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary
files by ...)
+CVE-2000-0561 (Buffer overflow in WebBBS 1.15 allows remote attackers to
execute ...)
+CVE-2000-0558 (Buffer overflow in HP Openview Network Node Manager 6.1 allows
remote ...)
+CVE-2000-0557 (Buffer overflow in the web interface for Cmail 2.4.7 allows
remote ...)
+CVE-2000-0556 (Buffer overflow in the web interface for Cmail 2.4.7 allows
remote ...)
+CVE-2000-0555 (Ceilidh allows remote attackers to cause a denial of service via
a ...)
+CVE-2000-0553 (Race condition in IPFilter firewall 3.4.3 and earlier, when
configured ...)
+CVE-2000-0552 (ICQwebmail client for ICQ 2000A creates a world readable
temporary ...)
+CVE-2000-0551 (The file transfer mechanism in Danware NetOp 6.0 does not
provide ...)
+CVE-2000-0550 (Kerberos 4 KDC program improperly frees memory twice (aka ...)
+CVE-2000-0549 (Kerberos 4 KDC program does not properly check for null
termination of ...)
+CVE-2000-0548 (Buffer overflow in Kerberos 4 KDC program allows remote
attackers to ...)
+CVE-2000-0542 (Tigris remote access server before 11.5.4.22 does not properly
record ...)
+CVE-2000-0541 (The Panda Antivirus console on port 2001 allows local users to
execute ...)
+CVE-2000-0540 (JSP sample files in Allaire JRun 2.3.x allow remote attackers to
...)
+CVE-2000-0539 (Servlet examples in Allaire JRun 2.3.x allow remote attackers to
...)
+CVE-2000-0538 (ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows
...)
+CVE-2000-0537 (BRU backup software allows local users to append data to
arbitrary ...)
+CVE-2000-0536 (xinetd 2.1.8.x does not properly restrict connections if
hostnames are ...)
+CVE-2000-0534 (The apsfilter software in the FreeBSD ports package does not
properly ...)
+CVE-2000-0533 (Vulnerability in cvconnect in SGI IRIX WorkShop allows local
users to ...)
+CVE-2000-0532 (A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen
on port ...)
+CVE-2000-0530 (The KApplication class in the KDE 1.1.2 configuration file
management ...)
+CVE-2000-0529 (Net Tools PKI Server allows remote attackers to cause a denial
of ...)
+CVE-2000-0528 (Net Tools PKI Server does not properly restrict access to remote
...)
+CVE-2000-0525 (OpenSSH does not properly drop privileges when the UseLogin
option is ...)
+CVE-2000-0523 (Buffer overflow in the logging feature of EServ 2.9.2 and
earlier ...)
+CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of
service by ...)
+CVE-2000-0521 (Savant web server allows remote attackers to read source code of
CGI ...)
+CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an
SSL ...)
+CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all
contents of ...)
+CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a
...)
+CVE-2000-0516 (When configured to store configuration information in an LDAP
...)
+CVE-2000-0515 (The snmpd.conf configuration file for the SNMP daemon (snmpd) in
HP-UX ...)
+CVE-2000-0514 (GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict
...)
+CVE-2000-0513 (CUPS (Common Unix Printing System) 1.04 and earlier allows
remote ...)
+CVE-2000-0512 (CUPS (Common Unix Printing System) 1.04 and earlier does not
properly ...)
+CVE-2000-0511 (CUPS (Common Unix Printing System) 1.04 and earlier allows
remote ...)
+CVE-2000-0510 (CUPS (Common Unix Printing System) 1.04 and earlier allows
remote ...)
+CVE-2000-0508 (rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers
to ...)
+CVE-2000-0507 (Imate Webmail Server 2.5 allows remote attackers to cause a
denial of ...)
+CVE-2000-0506 (The "capabilities" feature in Linux before
2.2.16 allows local users ...)
+CVE-2000-0505 (The Apache 1.3.x HTTP server for Windows platforms allows remote
...)
+CVE-2000-0504 (libICE in XFree86 allows remote attackers to cause a denial of
service ...)
+CVE-2000-0502 (Mcafee VirusScan 4.03 does not properly restrict access to the
alert ...)
+CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users
to ...)
+CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote
...)
+CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1
allows a ...)
+CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source
code ...)
+CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view
source ...)
+CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause
a ...)
+CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids
file, ...)
+CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows
...)
+CVE-2000-0490 (Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail
package ...)
+CVE-2000-0489 (FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial
of ...)
+CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote
attackers to ...)
+CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote
...)
+CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database
passwords ...)
+CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to
cause ...)
+CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a
remote ...)
+CVE-2000-0482 (Check Point Firewall-1 allows remote attackers to cause a denial
of ...)
+CVE-2000-0481 (Buffer overflow in KDE Kmail allows a remote attacker to cause a
...)
+CVE-2000-0478 (In some cases, Norton Antivirus for Exchange (NavExchange)
enters a ...)
+CVE-2000-0477 (Buffer overflow in Norton Antivirus for Exchange (NavExchange)
allows ...)
+CVE-2000-0475 (Windows 2000 allows a local user process to access another
user''s ...)
+CVE-2000-0474 (Real Networks RealServer 7.x allows remote attackers to cause a
denial ...)
+CVE-2000-0472 (Buffer overflow in innd 2.2.2 allows remote attackers to execute
...)
+CVE-2000-0471 (Buffer overflow in ufsrestore in Solaris 8 and earlier allows
local ...)
+CVE-2000-0470 (Allegro RomPager HTTP server allows remote attackers to cause a
denial ...)
+CVE-2000-0469 (Selena Sol WebBanner 4.0 allows remote attackers to read
arbitrary ...)
+CVE-2000-0468 (man in HP-UX 10.20 and 11 allows local attackers to overwrite
files ...)
+CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local
users ...)
+CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell
...)
+CVE-2000-0465 (Internet Explorer 4.x and 5.x does properly verify the domain of
a ...)
+CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute
...)
+CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service
via ...)
+CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in
/etc/ftpchroot ...)
+CVE-2000-0461 (The undocumented semconfig system call in BSD freezes the state
of ...)
+CVE-2000-0460 (Buffer overflow in KDE kdesud on Linux allows local uses to gain
...)
+CVE-2000-0459 (IMP does not remove files properly if the MSWordView application
...)
+CVE-2000-0458 (The MSWordView application in IMP creates world-readable files
in the ...)
+CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file
...)
+CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of
...)
+CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and
earlier ...)
+CVE-2000-0454 (Buffer overflow in Linux cdrecord allows local users to gain
...)
+CVE-2000-0453 (XFree86 3.3.x and 4.0 allows a user to cause a denial of service
via a ...)
+CVE-2000-0452 (Buffer overflow in the ESMTP service of Lotus Domino Server
5.0.1 ...)
+CVE-2000-0451 (The Intel express 8100 ISDN router allows remote attackers to
cause a ...)
+CVE-2000-0448 (The WebShield SMTP Management Tool version 4.5.44 does not
properly ...)
+CVE-2000-0447 (Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers
to ...)
+CVE-2000-0446 (Buffer overflow in MDBMS database server allows remote attackers
to ...)
+CVE-2000-0445 (The pgpk command in PGP 5.x on Unix systems uses an
insufficiently ...)
+CVE-2000-0443 (The web interface server in HP Web JetAdmin 5.6 allows remote
...)
+CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges
via a ...)
+CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain
write ...)
+CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a
denial of ...)
+CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to
obtain ...)
+CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users
in the ...)
+CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon
"cyberdaemon" used in ...)
+CVE-2000-0436 (MetaProducts Offline Explorer 1.2 and earlier allows remote
attackers ...)
+CVE-2000-0435 (The allmanageup.pl file upload CGI script in the Allmanage
Website ...)
+CVE-2000-0432 (The calender.pl and the calendar_admin.pl calendar scripts by
Matt ...)
+CVE-2000-0431 (Cobalt RaQ2 and RaQ3 does not properly set the access
permissions and ...)
+CVE-2000-0430 (Cart32 allows remote attackers to access sensitive debugging
...)
+CVE-2000-0428 (Buffer overflow in the SMTP gateway for InterScan Virus Wall
3.32 and ...)
+CVE-2000-0427 (The Aladdin Knowledge Systems eToken device allows attackers
with ...)
+CVE-2000-0426 (UltraBoard 1.6 and other versions allow remote attackers to
cause a ...)
+CVE-2000-0425 (Buffer overflow in the Web Archives component of L-Soft LISTSERV
1.8 ...)
+CVE-2000-0424 (The CGI counter 4.0.7 by George Burgyan allows remote attackers
to ...)
+CVE-2000-0421 (The process_bug.cgi script in Bugzilla allows remote attackers
to ...)
+CVE-2000-0419 (The Office 2000 UA ActiveX Control is marked as "safe
for scripting," ...)
+CVE-2000-0418 (The Cayman 3220-H DSL router allows remote attackers to cause a
denial ...)
+CVE-2000-0417 (The HTTP administration interface to the Cayman 3220-H DSL
router ...)
+CVE-2000-0416 (NTMail 5.x allows network users to bypass the NTMail proxy ...)
+CVE-2000-0414 (Vulnerability in shutdown command for HP-UX 11.X and 10.X allows
allows ...)
+CVE-2000-0411 (Matt Wright''s FormMail CGI script allows remote
attackers to obtain ...)
+CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a
denial of ...)
+CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new
...)
+CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of
service ...)
+CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to
execute ...)
+CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do
not ...)
+CVE-2000-0405 (Buffer overflow in L0pht AntiSniff allows remote attackers to
execute ...)
+CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to
cause a ...)
+CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a
remote ...)
+CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server
7.0 ...)
+CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to
cause ...)
+CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management
Agent ...)
+CVE-2000-0397 (The EMURL web-based email account software encodes predictable
...)
+CVE-2000-0396 (The add.exe program in the Carello shopping cart software allows
...)
+CVE-2000-0395 (Buffer overflow in CProxy 3.3 allows remote users to cause a
denial of ...)
+CVE-2000-0394 (NetProwler 3.0 allows remote attackers to cause a denial of
service by ...)
+CVE-2000-0393 (The KDE kscd program does not drop privileges when executing a
program ...)
+CVE-2000-0392 (Buffer overflow in ksu in Kerberos 5 allows local users to gain
root ...)
+CVE-2000-0391 (Buffer overflow in krshd in Kerberos 5 allows remote attackers
to gain ...)
+CVE-2000-0390 (Buffer overflow in krb425_conv_principal function in Kerberos 5
allows ...)
+CVE-2000-0389 (Buffer overflow in krb_rd_req function in Kerberos 4 and 5
allows ...)
+CVE-2000-0388 (Buffer overflow in FreeBSD libmytinfo library allows local users
to ...)
+CVE-2000-0387 (The makelev program in the golddig game from the FreeBSD ports
...)
+CVE-2000-0382 (ColdFusion ClusterCATS appends stale query string arguments to a
URL ...)
+CVE-2000-0381 (The Gossamer Threads DBMan db.cgi CGI script allows remote
attackers ...)
+CVE-2000-0380 (The IOS HTTP service in Cisco routers and switches running IOS
11.1 ...)
+CVE-2000-0379 (The Netopia R9100 router does not prevent authenticated users
from ...)
+CVE-2000-0378 (The pam_console PAM module in Linux systems performs a chown on
...)
+CVE-2000-0377 (The Remote Registry server in Windows NT 4.0 allows local ...)
+CVE-2000-0376 (Buffer overflow in the HTTP proxy server for the i-drive Filo
software ...)
+CVE-2000-0375 (The kernel in FreeBSD 3.2 follows symbolic links when it creates
core ...)
+CVE-2000-0374 (The default configuration of kdm in Caldera Linux allows XDMCP
...)
+CVE-2000-0373 (Vulnerabilities in the KDE kvt terminal program allow local
users to ...)
+CVE-2000-0372 (Vulnerability in Caldera rmt command in the dump package 0.4b4
allows ...)
+CVE-2000-0371 (The libmediatool library used for the KDE mediatool allows local
users ...)
+CVE-2000-0370 (The debug option in Caldera Linux smail allows remote attackers
to ...)
+CVE-2000-0369 (The IDENT server in Caldera Linux 2.3 creates multiple threads
for ...)
+CVE-2000-0368 (Classic Cisco IOS 9.1 and later allows attackers with access to
the ...)
+CVE-2000-0367 (Vulnerability in eterm 0.8.8 in Debian Linux allows an attacker
to ...)
+CVE-2000-0366 (dump in Debian Linux 2.1 does not properly restore symlinks,
which ...)
+CVE-2000-0363 (Linux cdwtools 093 and earlier allows local users to gain root
...)
+CVE-2000-0362 (Buffer overflows in Linux cdwtools 093 and earlier allows local
users ...)
+CVE-2000-0361 (The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates
a ...)
+CVE-2000-0360 (Buffer overflow in INN 2.2.1 and earlier allows remote attackers
to ...)
+CVE-2000-0359 (Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers
to ...)
+CVE-2000-0356 (Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does
not ...)
+CVE-2000-0354 (mirror 2.8.x in Linux systems allows remote attackers to create
files ...)
+CVE-2000-0353 (Pine 4.x allows a remote attacker to execute arbitrary commands
via an ...)
+CVE-2000-0352 (Pine before version 4.21 does not properly filter shell
metacharacters ...)
+CVE-2000-0351 (Some packaging commands in SCO UnixWare 7.1.0 have insecure ...)
+CVE-2000-0350 (A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is
...)
+CVE-2000-0349 (Vulnerability in the passthru driver in SCO UnixWare 7.1.0
allows an ...)
+CVE-2000-0348 (A vulnerability in the Sendmail configuration file sendmail.cf
as ...)
+CVE-2000-0347 (Windows 95 and Windows 98 allow a remote attacker to cause a
denial of ...)
+CVE-2000-0346 (AppleShare IP 6.1 and later allows a remote attacker to read
...)
+CVE-2000-0344 (The knfsd NFS server in Linux kernel 2.2.x allows remote
attackers to ...)
+CVE-2000-0342 (Eudora 4.x allows remote attackers to bypass the user warning
for ...)
+CVE-2000-0341 (ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to
cause a ...)
+CVE-2000-0340 (Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users
to ...)
+CVE-2000-0339 (ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a
source ...)
+CVE-2000-0338 (Concurrent Versions Software (CVS) uses predictable temporary
file ...)
+CVE-2000-0337 (Buffer overflow in Xsun X server in Solaris 7 allows local users
to ...)
+CVE-2000-0336 (Linux OpenLDAP server allows local users to modify arbitrary
files via ...)
+CVE-2000-0335 (The resolver in glibc 2.1.3 uses predictable IDs, which allows a
local ...)
+CVE-2000-0334 (The Allaire Spectra container editor preview tool does not
properly ...)
+CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6
allows ...)
+CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for
Windows ...)
+CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows
remote ...)
+CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute
a ...)
+CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence
...)
+CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape
the ...)
+CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial
of ...)
+CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify
text ...)
+CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server
...)
+CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string
which ...)
+CVE-2000-0319 (mail.local in Sendmail 8.10.x does not properly identify the .\n
...)
+CVE-2000-0318 (Atrium Mercur Mail Server 3.2 allows local attackers to read
other ...)
+CVE-2000-0316 (Buffer overflow in Solaris 7 lp allows local users to gain root
...)
+CVE-2000-0315 (traceroute in NetBSD 1.3.3 and Linux systems allows local
unprivileged ...)
+CVE-2000-0314 (traceroute in NetBSD 1.3.3 and Linux systems allows local users
to ...)
+CVE-2000-0313 (Vulnerability in OpenBSD 2.6 allows a local user to change
interface ...)
+CVE-2000-0311 (The Windows 2000 domain controller allows a malicious user to
modify ...)
+CVE-2000-0310 (IP fragment assembly in OpenBSD 2.4 allows a remote attacker to
cause ...)
+CVE-2000-0309 (The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled
allows a ...)
+CVE-2000-0308 (Insecure file permissions for Netscape FastTrack Server 2.x,
...)
+CVE-2000-0307 (Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer
5.05 and ...)
+CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote
attackers ...)
+CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and
Terminal ...)
+CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory
...)
+CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify
...)
+CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the
source code ...)
+CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers
to ...)
+CVE-2000-0298 (The unattended installation of Windows 2000 with the
OEMPreinstall ...)
+CVE-2000-0297 (Allaire Forums 2.0.5 allows remote attackers to bypass access
...)
+CVE-2000-0296 (fcheck allows local users to gain privileges by embedding shell
...)
+CVE-2000-0294 (Buffer overflow in healthd for FreeBSD allows local users to
gain root ...)
+CVE-2000-0292 (The Adtran MX2800 M13 Multiplexer allows remote attackers to
cause a ...)
+CVE-2000-0290 (Buffer overflow in Webstar HTTP server allows remote attackers
to ...)
+CVE-2000-0289 (IP masquerading in Linux 2.2.x allows remote attackers to route
UDP ...)
+CVE-2000-0287 (The BizDB CGI script bizdb-search.cgi allows remote attackers to
...)
+CVE-2000-0285 (Buffer overflow in XFree86 3.3.x allows local users to execute
...)
+CVE-2000-0283 (The default installation of IRIX Performance Copilot allows
remote ...)
+CVE-2000-0282 (TalentSoft webpsvr daemon in the Web+ shopping cart application
allows ...)
+CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via
...)
+CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial
of ...)
+CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when
executing ...)
+CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service
via ...)
+CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a
denial of ...)
+CVE-2000-0273 (PCAnywhere allows remote attackers to cause a denial of service
by ...)
+CVE-2000-0272 (RealNetworks RealServer allows remote attackers to cause a
denial of ...)
+CVE-2000-0268 (Cisco IOS 11.x and 12.x allows remote attackers to cause a
denial of ...)
+CVE-2000-0267 (Cisco Catalyst 5.4.x allows a user to gain access to the
"enable" mode ...)
+CVE-2000-0265 (Panda Security 3.0 allows users to uninstall the Panda software
via ...)
+CVE-2000-0264 (Panda Security 3.0 with registry editing disabled allows users
to edit ...)
+CVE-2000-0263 (The X font server xfs in Red Hat Linux 6.x allows an attacker to
cause ...)
+CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause
a ...)
+CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read
arbitrary ...)
+CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual
Interdev 1.0 ...)
+CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of
service ...)
+CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility
...)
+CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to
cause a ...)
+CVE-2000-0254 (The dansie shopping cart application cart.pl allows remote
attackers ...)
+CVE-2000-0253 (The dansie shopping cart application cart.pl allows remote
attackers ...)
+CVE-2000-0252 (The dansie shopping cart application cart.pl allows remote
attackers ...)
+CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged
processes ...)
+CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local
users to ...)
+CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users
to gain ...)
+CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension
processing ...)
+CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote
attackers ...)
+CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote
attackers to ...)
+CVE-2000-0240 (vqSoft vqServer program allows remote attackers to read
arbitrary ...)
+CVE-2000-0238 (Buffer overflow in the web server for Norton AntiVirus for
Internet ...)
+CVE-2000-0237 (Netscape Enterprise Server with Web Publishing enabled allows
remote ...)
+CVE-2000-0236 (Netscape Enterprise Server with Directory Indexing enabled
allows ...)
+CVE-2000-0235 (Buffer overflow in the huh program in the orville-write package
allows ...)
+CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified
in ...)
+CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP
...)
+CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix,
...)
+CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find
the ...)
+CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root
privileges ...)
+CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges,
which ...)
+CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers
to ...)
+CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by
requesting a ...)
+CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users
from ...)
+CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to
gain root ...)
+CVE-2000-0223 (Buffer overflow in the wmcdplay CD player program for the
WindowMaker ...)
+CVE-2000-0222 (The installation for Windows 2000 does not activate the
Administrator ...)
+CVE-2000-0221 (The Nautica Marlin bridge allows remote attackers to cause a
denial of ...)
+CVE-2000-0218 (Buffer overflow in Linux mount and umount allows local users to
gain ...)
+CVE-2000-0217 (The default configuration of SSH allows X forwarding, which
could ...)
+CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local
users to ...)
+CVE-2000-0212 (InterAccess TelnetID Server 4.0 allows remote attackers to
conduct a ...)
+CVE-2000-0211 (The Windows Media server allows remote attackers to cause a
denial of ...)
+CVE-2000-0210 (The lit program in Sun Flex License Manager (FlexLM) follows
symlinks, ...)
+CVE-2000-0209 (Buffer overflow in Lynx 2.x allows remote attackers to crash
Lynx and ...)
+CVE-2000-0208 (The htdig (ht://Dig) CGI program htsearch allows remote
attackers to ...)
+CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers
to ...)
+CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and
...)
+CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0
allow ...)
+CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not
...)
+CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote
attackers ...)
+CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote
...)
+CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access
via the ...)
+CVE-2000-0194 (buildxconf in Corel Linux allows local users to modify or create
...)
+CVE-2000-0193 (The default configuration of Dosemu in Corel Linux 1.0 allows
local ...)
+CVE-2000-0192 (The default installation of Caldera OpenLinux 2.3 includes the
CGI ...)
+CVE-2000-0191 (Axis StorPoint CD allows remote attackers to access
administrator URLs ...)
+CVE-2000-0189 (ColdFusion Server 4.x allows remote attackers to determine the
real ...)
+CVE-2000-0186 (Buffer overflow in the dump utility in the Linux ext2fs backup
package ...)
+CVE-2000-0185 (RealMedia RealServer reveals the real IP address of a Real
Server, ...)
+CVE-2000-0184 (Linux printtool sets the permissions of printer configuration
files to ...)
+CVE-2000-0183 (Buffer overflow in ircII 4.4 IRC client allows remote attackers
to ...)
+CVE-2000-0182 (iPlanet Web Server 4.1 allows remote attackers to cause a denial
of ...)
+CVE-2000-0181 (Firewall-1 3.0 and 4.0 leaks packets with private IP address
...)
+CVE-2000-0180 (Sojourn search engine allows remote attackers to read arbitrary
files ...)
+CVE-2000-0179 (HP OpenView OmniBack 2.55 allows remote attackers to cause a
denial of ...)
+CVE-2000-0178 (ServerIron switches by Foundry Networks have predictable TCP/IP
...)
+CVE-2000-0175 (Buffer overflow in StarOffice StarScheduler web server allows
remote ...)
+CVE-2000-0174 (StarOffice StarScheduler web server allows remote attackers to
read ...)
+CVE-2000-0172 (The mtr program only uses a seteuid call when attempting to drop
...)
+CVE-2000-0171 (atsadc in the atsar package for Linux does not properly check
the ...)
+CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users
to ...)
+CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow
remote ...)
+CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to
cause a ...)
+CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows
remote ...)
+CVE-2000-0165 (The Delegate application proxy has several buffer overflows
which ...)
+CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a
...)
+CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and
5.x ...)
+CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition
do not ...)
+CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image
of a ...)
+CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges
by ...)
+CVE-2000-0156 (Internet Explorer 4.x and 5.x allow a remote web server to
access ...)
+CVE-2000-0152 (Remote attackers can cause a denial of service in Novell
BorderManager ...)
+CVE-2000-0150 (Firewall-1 allows remote attackers to bypass port access
restrictions ...)
+CVE-2000-0149 (Zeus web server allows remote attackers to view the source code
for ...)
+CVE-2000-0148 (MySQL 3.22 allows remote attackers to bypass password
authentication ...)
+CVE-2000-0146 (The Java Server in the Novell GroupWise Web Access Enhancement
Pack ...)
+CVE-2000-0145 (The libguile.so library file used by gnucash in Debian Linux is
...)
+CVE-2000-0144 (Axis 700 Network Scanner does not properly restrict access to
...)
+CVE-2000-0141 (Infopop Ultimate Bulletin Board (UBB) allows remote attackers to
...)
+CVE-2000-0140 (Internet Anywhere POP3 Mail Server allows remote attackers to
cause a ...)
+CVE-2000-0139 (Internet Anywhere POP3 Mail Server allows local users to cause a
...)
+CVE-2000-0131 (Buffer overflow in War FTPd 1.6x allows users to cause a denial
of ...)
+CVE-2000-0130 (Buffer overflow in SCO scohelp program allows remote attackers
to ...)
+CVE-2000-0128 (The Finger Server 0.82 allows remote attackers to execute
commands via ...)
+CVE-2000-0127 (The Webspeed configuration program does not properly disable
access to ...)
+CVE-2000-0121 (The Recycle Bin utility in Windows NT and Windows 2000 allows
local ...)
+CVE-2000-0120 (The Remote Access Service invoke.cfm template in Allaire Spectra
1.0 ...)
+CVE-2000-0117 (The siteUserMod.cgi program in Cobalt RaQ2 servers allows any
Site ...)
+CVE-2000-0116 (Firewall-1 does not properly filter script tags, which allows
remote ...)
+CVE-2000-0113 (The SyGate Remote Management program does not properly restrict
access ...)
+CVE-2000-0112 (The default installation of Debian Linux uses an insecure Master
Boot ...)
+CVE-2000-0111 (The RightFax web client uses predictable session numbers, which
allows ...)
+CVE-2000-0107 (Linux apcd program allows local attackers to modify arbitrary
files ...)
+CVE-2000-0100 (The SMS Remote Control program is installed with insecure
permissions, ...)
+CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users
to gain ...)
+CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the
real ...)
+CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote
...)
+CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for
...)
+CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges
by ...)
+CVE-2000-0092 (The BSD make program allows local users to modify files via a
symlink ...)
+CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package
allows ...)
+CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via
a ...)
+CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and
Windows NT ...)
+CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean
and ...)
+CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape
Communicator ...)
+CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with
insecure ...)
+CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a
symlink ...)
+CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users
to ...)
+CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a
memory ...)
+CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader
allows ...)
+CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from
executing ...)
+CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0
...)
+CVE-2000-0065 (Buffer overflow in InetServ 3.0 allows remote attackers to
execute ...)
+CVE-2000-0064 (cgiproc CGI script in Nortel Contivity HTTP server allows remote
...)
+CVE-2000-0063 (cgiproc CGI script in Nortel Contivity HTTP server allows remote
...)
+CVE-2000-0062 (The DTML implementation in the Z Object Publishing Environment
(Zope) ...)
+CVE-2000-0060 (Buffer overflow in aVirt Rover POP3 server 1.1 allows remote
attackers ...)
+CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the
web ...)
+CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to
cause ...)
+CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows
remote ...)
+CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local
users ...)
+CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers
to ...)
+CVE-2000-0050 (The Allaire Spectra Webtop allows authenticated users to access
other ...)
+CVE-2000-0048 (get_it program in Corel Linux Update allows local users to gain
root ...)
+CVE-2000-0045 (MySQL allows local users to modify passwords for arbitrary MySQL
users ...)
+CVE-2000-0044 (Macros in War FTP 1.70 and 1.67b2 allow local or remote
attackers to ...)
+CVE-2000-0043 (Buffer overflow in CamShot WebCam HTTP server allows remote
attackers ...)
+CVE-2000-0042 (Buffer overflow in CSM mail server allows remote attackers to
cause a ...)
+CVE-2000-0041 (Macintosh systems generate large ICMP datagrams in response to
...)
+CVE-2000-0040 (glFtpD allows local users to gain privileges via metacharacters
in the ...)
+CVE-2000-0039 (AltaVista search engine allows remote attackers to read files
above ...)
+CVE-2000-0037 (Majordomo wrapper allows local users to gain privileges by
specifying ...)
+CVE-2000-0036 (Outlook Express 5 for Macintosh downloads attachments to HTML
mail ...)
+CVE-2000-0034 (Netscape 4.7 records user passwords in the preferences.js file
during ...)
+CVE-2000-0033 (InterScan VirusWall SMTP scanner does not properly scan messages
with ...)
+CVE-2000-0032 (Solaris dmi_cmd allows local users to crash the dmispd daemon by
...)
+CVE-2000-0031 (The initscripts package in Red Hat Linux allows local users to
gain ...)
+CVE-2000-0030 (Solaris dmispd dmi_cmd allows local users to fill up restricted
disk ...)
+CVE-2000-0029 (UnixWare pis and mkpis commands allow local users to gain
privileges ...)
+CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to
gain ...)
+CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote
attackers ...)
+CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read
source code ...)
+CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing
remote ...)
+CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote
attackers to ...)
+CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous
access ...)
+CVE-2000-0020 (DNS PRO allows remote attackers to conduct a denial of service
via a ...)
+CVE-2000-0018 (wmmon in FreeBSD allows local users to gain privileges via the
...)
+CVE-2000-0015 (CascadeView TFTP server allows local users to gain privileges
via a ...)
+CVE-2000-0014 (Denial of service in Savant web server via a null character in
the ...)
+CVE-2000-0013 (IRIX soundplayer program allows local users to gain privileges
by ...)
+CVE-2000-0012 (Buffer overflow in w3-msql CGI program in miniSQL package allows
...)
+CVE-2000-0011 (Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows
remote ...)
+CVE-2000-0010 (WebWho+ whois.cgi program allows remote attackers to execute
commands ...)
+CVE-2000-0009 (The bna_pass program in Optivity NETarchitect uses the PATH ...)
+CVE-2000-0007 (Trend Micro PC-Cillin does not restrict access to its internal
proxy ...)
+CVE-2000-0006 (strace allows local users to read arbitrary files via memory
mapped ...)
+CVE-2000-0004 (ZBServer Pro allows remote attackers to read source code for
...)
+CVE-2000-0003 (Buffer overflow in UnixWare rtpm program allows local users to
gain ...)
+CVE-2000-0002 (Buffer overflow in ZBServer Pro allows remote attackers to
execute ...)
+CVE-2000-0001 (RealMedia server allows remote attackers to cause a denial of
service ...)
+CVE-1999-1568 (Off-by-one error in NcFTPd FTP server before 2.4.1 allows a
remote ...)
+CVE-1999-1565 (Man2html 2.1 and earlier allows local users to overwrite
arbitrary ...)
+CVE-1999-1556 (Microsoft SQL Server 6.5 uses weak encryption for the password
for the ...)
+CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote
attackers to ...)
+CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands
via an ...)
+CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring
...)
+CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload
before ...)
+CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows
a ...)
+CVE-1999-1530 (cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly
...)
+CVE-1999-1520 (A configuration problem in the Ad Server Sample directory
(AdSamples) ...)
+CVE-1999-1512 (The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote
...)
+CVE-1999-1507 (Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root
access ...)
+CVE-1999-1494 (colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows
local ...)
+CVE-1999-1490 (xosview 1.5.1 in Red Hat 5.1 allows local users to gain root
access ...)
+CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows
remote ...)
+CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such
as ...)
+CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication,
...)
+CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker
to ...)
+CVE-1999-1476 (A bug in Intel Pentium processor (MMX and Overdrive) allows
local ...)
+CVE-1999-1473 (When a Web site redirects the browser to another site, Internet
...)
+CVE-1999-1472 (Internet Explorer 4.0 allows remote attackers to read arbitrary
text ...)
+CVE-1999-1468 (rdist in various UNIX systems uses popen to execute sendmail,
which ...)
+CVE-1999-1456 (thttpd HTTP server 2.03 and earlier allows remote attackers to
read ...)
+CVE-1999-1455 (RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does
not ...)
+CVE-1999-1452 (GINA in Windows NT 4.0 allows attackers with physical access to
...)
+CVE-1999-1437 (ePerl 2.2.12 allows remote attackers to read arbitrary files and
...)
+CVE-1999-1433 (HP JetAdmin D.01.09 on Solaris allows local users to change the
...)
+CVE-1999-1432 (Power management (Powermanagement) on Solaris 2.4 through 2.6
does not ...)
+CVE-1999-1423 (ping in Solaris 2.3 through 2.6 allows local users to cause a
denial ...)
+CVE-1999-1419 (Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris
2.3 and ...)
+CVE-1999-1414 (IBM Netfinity Remote Control allows local users to gain
administrator ...)
+CVE-1999-1411 (The installation of the fsp package 2.71-10 in Debian Linux 2.0
adds ...)
+CVE-1999-1409 (The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows
local ...)
+CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5
allows ...)
+CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in
Solaris ...)
+CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in
the ...)
+CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running
with the ...)
+CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows
local ...)
+CVE-1999-1384 (Indigo Magic System Tour in the SGI system tour package
(systour) for ...)
+CVE-1999-1382 (NetWare NFS mode 1 and 2 implements the "Read
Only" flag in Unix by ...)
+CVE-1999-1380 (Symantec Norton Utilities 2.0 for Windows 95 marks the
TUNEOCX.OCX ...)
+CVE-1999-1379 (DNS allows remote attackers to use DNS name servers as traffic
...)
+CVE-1999-1365 (Windows NT searches a user''s home directory
(%systemroot% by default) ...)
+CVE-1999-1363 (Windows NT 3.51 and 4.0 allow local users to cause a denial of
service ...)
+CVE-1999-1362 (Win32k.sys in Windows NT 4.0 before SP2 allows local users to
cause a ...)
+CVE-1999-1360 (Windows NT 4.0 allows local users to cause a denial of service
via a ...)
+CVE-1999-1359 (When the Ntconfig.pol file is used on a server whose name is
longer ...)
+CVE-1999-1358 (When an administrator in Windows NT or Windows 2000 changes a
user ...)
+CVE-1999-1356 (Compaq Integration Maintenance Utility as used in Compaq Insight
...)
+CVE-1999-1351 (Directory traversal vulnerability in KVIrc IRC client 0.9.0 with
the ...)
+CVE-1999-1341 (Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP
options, ...)
+CVE-1999-1339 (Vulnerability when Network Address Translation (NAT) is enabled
in ...)
+CVE-1999-1337 (FTP client in Midnight Commander (mc) before 4.5.11 stores
usernames ...)
+CVE-1999-1336 (3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29
allows ...)
+CVE-1999-1335 (snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat
Linux ...)
+CVE-1999-1333 (automatic download option in ncftp 2.4.2 FTP client in Red Hat
Linux ...)
+CVE-1999-1332 (gzexe in the gzip package on Red Hat Linux 5.0 and earlier
allows ...)
{DSA-308}
-CVE-1999-1331
-CVE-1999-1330
-CVE-1999-1329
-CVE-1999-1328
-CVE-1999-1327
-CVE-1999-1326
-CVE-1999-1325
-CVE-1999-1324
-CVE-1999-1321
-CVE-1999-1320
-CVE-1999-1318
-CVE-1999-1317
-CVE-1999-1316
-CVE-1999-1309
-CVE-1999-1301
-CVE-1999-1298
-CVE-1999-1297
-CVE-1999-1294
-CVE-1999-1290
-CVE-1999-1288
-CVE-1999-1284
-CVE-1999-1279
-CVE-1999-1276
-CVE-1999-1263
-CVE-1999-1262
-CVE-1999-1259
-CVE-1999-1258
-CVE-1999-1249
-CVE-1999-1246
-CVE-1999-1243
-CVE-1999-1233
-CVE-1999-1226
-CVE-1999-1223
-CVE-1999-1222
-CVE-1999-1217
-CVE-1999-1215
-CVE-1999-1214
-CVE-1999-1209
-CVE-1999-1208
-CVE-1999-1205
-CVE-1999-1204
-CVE-1999-1203
-CVE-1999-1201
-CVE-1999-1199
-CVE-1999-1198
-CVE-1999-1197
-CVE-1999-1194
-CVE-1999-1193
-CVE-1999-1192
-CVE-1999-1191
-CVE-1999-1189
-CVE-1999-1188
-CVE-1999-1181
-CVE-1999-1177
-CVE-1999-1175
-CVE-1999-1167
-CVE-1999-1163
-CVE-1999-1162
-CVE-1999-1161
-CVE-1999-1160
-CVE-1999-1159
-CVE-1999-1157
-CVE-1999-1156
-CVE-1999-1148
-CVE-1999-1147
-CVE-1999-1146
-CVE-1999-1145
-CVE-1999-1144
-CVE-1999-1143
-CVE-1999-1142
-CVE-1999-1140
-CVE-1999-1139
-CVE-1999-1138
-CVE-1999-1137
-CVE-1999-1136
-CVE-1999-1132
-CVE-1999-1131
-CVE-1999-1127
-CVE-1999-1122
-CVE-1999-1121
-CVE-1999-1120
-CVE-1999-1119
-CVE-1999-1118
-CVE-1999-1117
-CVE-1999-1116
-CVE-1999-1115
-CVE-1999-1114
-CVE-1999-1111
-CVE-1999-1109
-CVE-1999-1105
-CVE-1999-1104
-CVE-1999-1103
-CVE-1999-1102
-CVE-1999-1100
-CVE-1999-1099
-CVE-1999-1098
-CVE-1999-1094
-CVE-1999-1093
-CVE-1999-1090
-CVE-1999-1087
-CVE-1999-1085
-CVE-1999-1080
-CVE-1999-1074
-CVE-1999-1059
-CVE-1999-1057
-CVE-1999-1055
-CVE-1999-1048
-CVE-1999-1047
-CVE-1999-1045
-CVE-1999-1044
-CVE-1999-1037
-CVE-1999-1035
-CVE-1999-1034
-CVE-1999-1032
-CVE-1999-1028
-CVE-1999-1027
-CVE-1999-1021
-CVE-1999-1019
-CVE-1999-1014
-CVE-1999-1011
-CVE-1999-1010
-CVE-1999-1008
-CVE-1999-1007
-CVE-1999-1005
-CVE-1999-1004
-CVE-1999-1001
-CVE-1999-1000
-CVE-1999-0999
-CVE-1999-0998
-CVE-1999-0997
+CVE-1999-1331 (netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface
to be ...)
+CVE-1999-1330 (The snprintf function in the db library 1.85.4 ignores the size
...)
+CVE-1999-1329 (Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier
allows ...)
+CVE-1999-1328 (linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local
users ...)
+CVE-1999-1327 (Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1
allows ...)
+CVE-1999-1326 (wu-ftpd 2.4 FTP server does not properly drop privileges when an
ABOR ...)
+CVE-1999-1325 (SAS System 5.18 on VAX/VMS is installed with insecure
permissions for ...)
+CVE-1999-1324 (VAXstations running Open VMS 5.3 through 5.5-2 with VMS
DECwindows or ...)
+CVE-1999-1321 (Buffer overflow in ssh 1.2.26 client with Kerberos V enabled
could ...)
+CVE-1999-1320 (Vulnerability in Novell NetWare 3.x and earlier allows local
users to ...)
+CVE-1999-1318 (/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that
...)
+CVE-1999-1317 (Windows NT 4.0 SP4 and earlier allows local users to gain
privileges ...)
+CVE-1999-1316 (Passfilt.dll in Windows NT SP2 allows users to create a password
that ...)
+CVE-1999-1309 (Sendmail before 8.6.7 allows local users to gain root access via
a ...)
+CVE-1999-1301 (A design flaw in the Z-Modem protocol allows the remote sender
of a ...)
+CVE-1999-1298 (Sysinstall in FreeBSD 2.2.1 and earlier, when configuring
anonymous ...)
+CVE-1999-1297 (cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and
earlier ...)
+CVE-1999-1294 (Office Shortcut Bar (OSB) in Windows 3.51 enables backup and
restore ...)
+CVE-1999-1290 (Buffer overflow in nftp FTP client version 1.40 allows remote
...)
+CVE-1999-1288 (Samba 1.9.18 inadvertently includes a prototype application,
wsmbconf, ...)
+CVE-1999-1284 (NukeNabber allows remote attackers to cause a denial of service
by ...)
+CVE-1999-1279 (An interaction between the AS/400 shared folders feature and
Microsoft ...)
+CVE-1999-1276 (fte-console in the fte package before 0.46b-4.1 does not drop
root ...)
+CVE-1999-1263 (Metamail before 2.7-7.2 allows remote attackers to overwrite
arbitrary ...)
+CVE-1999-1262 (Java in Netscape 4.5 does not properly restrict applets from
...)
+CVE-1999-1259 (Microsoft Office 98, Macintosh Edition, does not properly
initialize ...)
+CVE-1999-1258 (rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly
prevent ...)
+CVE-1999-1249 (movemail in HP-UX 10.20 has insecure permissions, which allows
local ...)
+CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user
domain ...)
+CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows
local ...)
+CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial
session ...)
+CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to
cause ...)
+CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via
a ...)
+CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers
to ...)
+CVE-1999-1217 (The PATH in Windows NT includes the current working directory
(.), ...)
+CVE-1999-1215 (LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily
writes ...)
+CVE-1999-1214 (Vulnerability in asynchronous I/O facility in 4.4 BSD kernel
does not ...)
+CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open ...)
+CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local
users to ...)
+CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which
...)
+CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain
restricted ...)
+CVE-1999-1203 (Multilink PPP for ISDN dialup users in Ascend before 4.6 allows
remote ...)
+CVE-1999-1201 (Windows 95 and Windows 98 systems, when configured with multiple
...)
+CVE-1999-1199 (Apache WWW server 1.3.1 and earlier allows remote attackers to
cause a ...)
+CVE-1999-1198 (BuildDisk program on NeXT systems before 2.0 does not prompt
users for ...)
+CVE-1999-1197 (TIOCCONS in SunOS 4.1.1 does not properly check the permissions
of a ...)
+CVE-1999-1194 (chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed,
which ...)
+CVE-1999-1193 (The "me" user in NeXT NeXTstep 2.1 and earlier
has wheel group ...)
+CVE-1999-1192 (Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows
local ...)
+CVE-1999-1191 (Buffer overflow in chkey in Solaris 2.5.1 and earlier allows
local ...)
+CVE-1999-1189 (Buffer overflow in Netscape Navigator/Communicator 4.7 for
Windows 95 ...)
+CVE-1999-1188 (mysqld in MySQL 3.21 creates log files with world-readable ...)
+CVE-1999-1181 (Vulnerability in On-Line Customer Registration software for IRIX
6.2 ...)
+CVE-1999-1177 (Directory traversal vulnerability in nph-publish before 1.2
allows ...)
+CVE-1999-1175 (Web Cache Control Protocol (WCCP) in Cisco Cache Engine for
Cisco IOS ...)
+CVE-1999-1167 (Cross-site scripting vulnerability in Third Voice Web annotation
...)
+CVE-1999-1163 (Vulnerability in HP Series 800 S/X/V Class servers allows remote
...)
+CVE-1999-1162 (Vulnerability in passwd in SCO UNIX 4.0 and earlier allows
attackers ...)
+CVE-1999-1161 (Vulnerability in ppl in HP-UX 10.x and earlier allows local
users to ...)
+CVE-1999-1160 (Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local
and ...)
+CVE-1999-1159 (SSH 2.0.11 and earlier allows local users to request remote
forwarding ...)
+CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers
to ...)
+CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to
cause ...)
+CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to
cause a ...)
+CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0
allows ...)
+CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX
9.x ...)
+CVE-1999-1145 (Vulnerability in Glance programs in GlancePlus for HP-UX 10.20
and ...)
+CVE-1999-1144 (Certain files in MPower in HP-UX 10.x are installed with
insecure ...)
+CVE-1999-1143 (Vulnerability in runtime linker program rld in SGI IRIX 6.x and
...)
+CVE-1999-1142 (SunOS 4.1.2 and earlier allows local users to gain privileges in
...)
+CVE-1999-1140 (Buffer overflow in CrackLib 2.5 may allow local users to gain
root ...)
+CVE-1999-1139 (Character-Terminal User Environment (CUE) in HP-UX 11.0 and
earlier ...)
+CVE-1999-1138 (SCO UNIX System V/386 Release 3.2, and other SCO products,
installs ...)
+CVE-1999-1137 (The permissions for the /dev/audio device on Solaris 2.2 and
earlier, ...)
+CVE-1999-1136 (Vulnerability in Predictive on HP-UX 11.0 and earlier, and
MPE/iX 5.5 ...)
+CVE-1999-1132 (Windows NT 4.0 allows remote attackers to cause a denial of
service ...)
+CVE-1999-1131 (Buffer overflow in OSF Distributed Computing Environment (DCE)
...)
+CVE-1999-1127 (Windows NT 4.0 does not properly shut down invalid named pipe
RPC ...)
+CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local
users ...)
+CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows
local ...)
+CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH
environmental ...)
+CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures
...)
+CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of
service by ...)
+CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary
files ...)
+CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration
...)
+CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo
Domain/OS ...)
+CVE-1999-1114 (Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX
6.x and ...)
+CVE-1999-1111 (Vulnerability in StackGuard before 1.21 allows remote attackers
to ...)
+CVE-1999-1109 (Sendmail before 8.10.0 allows remote attackers to cause a denial
of ...)
+CVE-1999-1105 (Windows 95, when Remote Administration and File Sharing for
NetWare ...)
+CVE-1999-1104 (Windows 95 uses weak encryption for the password list (.pwl)
file used ...)
+CVE-1999-1103 (dxconsole in DEC OSF/1 3.2C and earlier allows local users to
read ...)
+CVE-1999-1102 (lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based
operating ...)
+CVE-1999-1100 (Cisco PIX Private Link 4.1.6 and earlier does not properly
process ...)
+CVE-1999-1099 (Kerberos 4 allows remote attackers to obtain sensitive
information via ...)
+CVE-1999-1098 (Vulnerability in BSD Telnet client with encryption and Kerberos
4 ...)
+CVE-1999-1094 (Buffer overflow in Internet Explorer 4.01 and earlier allows
remote ...)
+CVE-1999-1093 (Buffer overflow in the Window.External function in the JScript
...)
+CVE-1999-1090 (The default configuration of NCSA Telnet package for Macintosh
and PC ...)
+CVE-1999-1087 (Internet Explorer 4 treats a 32-bit number ("dotless IP
address") in ...)
+CVE-1999-1085 (SSH 1.2.25, 1.2.23, and other versions, when used in in CBC
(Cipher ...)
+CVE-1999-1080 (rmmount in SunOS 5.7 may mount file systems without the nosuid
flag ...)
+CVE-1999-1074 (Webmin before 0.5 does not restrict the number of invalid
passwords ...)
+CVE-1999-1059 (Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP
4.0 for various ...)
+CVE-1999-1057 (VMS 4.0 through 5.3 allows local users to gain privileges via
the ...)
+CVE-1999-1055 (Microsoft Excel 97 does not warn the user before executing
worksheet ...)
+CVE-1999-1048 (Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows
local ...)
+CVE-1999-1047 (When BSDI patches for Gauntlet 5.0 BSDI are installed in a
particular ...)
+CVE-1999-1045 (pnserver in RealServer 5.0 and earlier allows remote attackers
to ...)
+CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital
UNIX ...)
+CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite
arbitrary ...)
+CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to
cause a ...)
+CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows
local users ...)
+CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1
and 4.2 ...)
+CVE-1999-1028 (Symantec pcAnywhere 8.0 allows remote attackers to cause a
denial of ...)
+CVE-1999-1027 (Solaris 2.6 HW3/98 installs admintool with world-writable
permissions, ...)
+CVE-1999-1021 (NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in
a 32 ...)
+CVE-1999-1019 (SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0
installs a ...)
+CVE-1999-1014 (Buffer overflow in mail command in Solaris 2.7 and 2.7 allows
local ...)
+CVE-1999-1011 (The Remote Data Service (RDS) DataFactory component of Microsoft
Data ...)
+CVE-1999-1010 (An SSH 1.2.27 server allows a client to use the
"none" cipher, even if ...)
+CVE-1999-1008 (xsoldier program allows local users to gain root access via a
...)
+CVE-1999-1007 (Buffer overflow in VDO Live Player allows remote attackers to
execute ...)
+CVE-1999-1005 (Groupwise web server GWWEB.EXE allows remote attackers to read
...)
+CVE-1999-1004 (Buffer overflow in the POP server POProxy for the Norton
Anti-Virus ...)
+CVE-1999-1001 (Cisco Cache Engine allows a remote attacker to gain access via a
null ...)
+CVE-1999-1000 (The web administration interface for Cisco Cache Engine allows
remote ...)
+CVE-1999-0999 (Microsoft SQL 7.0 server allows a remote attacker to cause a
denial of ...)
+CVE-1999-0998 (Cisco Cache Engine allows an attacker to replace content in the
cache. ...)
+CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute
...)
{DSA-377}
-CVE-1999-0996
-CVE-1999-0995
-CVE-1999-0994
-CVE-1999-0992
-CVE-1999-0991
-CVE-1999-0989
-CVE-1999-0987
-CVE-1999-0986
-CVE-1999-0982
-CVE-1999-0981
-CVE-1999-0980
-CVE-1999-0979
-CVE-1999-0978
-CVE-1999-0977
-CVE-1999-0976
-CVE-1999-0975
-CVE-1999-0974
-CVE-1999-0973
-CVE-1999-0972
-CVE-1999-0971
-CVE-1999-0969
-CVE-1999-0968
-CVE-1999-0967
-CVE-1999-0966
-CVE-1999-0965
-CVE-1999-0964
-CVE-1999-0963
-CVE-1999-0962
-CVE-1999-0961
-CVE-1999-0960
-CVE-1999-0959
-CVE-1999-0958
-CVE-1999-0957
-CVE-1999-0956
-CVE-1999-0955
-CVE-1999-0954
-CVE-1999-0953
-CVE-1999-0951
-CVE-1999-0950
-CVE-1999-0947
-CVE-1999-0946
-CVE-1999-0945
-CVE-1999-0943
-CVE-1999-0942
-CVE-1999-0940
-CVE-1999-0939
-CVE-1999-0938
-CVE-1999-0937
-CVE-1999-0936
-CVE-1999-0935
-CVE-1999-0934
-CVE-1999-0933
-CVE-1999-0932
-CVE-1999-0931
-CVE-1999-0930
-CVE-1999-0928
-CVE-1999-0927
-CVE-1999-0924
-CVE-1999-0922
-CVE-1999-0921
-CVE-1999-0920
-CVE-1999-0918
-CVE-1999-0917
-CVE-1999-0916
-CVE-1999-0915
-CVE-1999-0914
-CVE-1999-0912
-CVE-1999-0909
-CVE-1999-0908
-CVE-1999-0907
-CVE-1999-0906
-CVE-1999-0905
-CVE-1999-0904
-CVE-1999-0903
-CVE-1999-0902
-CVE-1999-0901
-CVE-1999-0900
-CVE-1999-0899
-CVE-1999-0898
-CVE-1999-0897
-CVE-1999-0896
-CVE-1999-0895
-CVE-1999-0894
-CVE-1999-0893
-CVE-1999-0892
-CVE-1999-0891
-CVE-1999-0890
-CVE-1999-0889
-CVE-1999-0888
-CVE-1999-0887
-CVE-1999-0886
-CVE-1999-0884
-CVE-1999-0883
-CVE-1999-0881
-CVE-1999-0880
-CVE-1999-0879
-CVE-1999-0878
-CVE-1999-0877
-CVE-1999-0876
-CVE-1999-0875
-CVE-1999-0874
-CVE-1999-0873
-CVE-1999-0871
-CVE-1999-0870
-CVE-1999-0869
-CVE-1999-0868
-CVE-1999-0867
-CVE-1999-0866
-CVE-1999-0865
-CVE-1999-0864
-CVE-1999-0861
-CVE-1999-0859
-CVE-1999-0858
-CVE-1999-0856
-CVE-1999-0854
-CVE-1999-0853
-CVE-1999-0851
-CVE-1999-0849
-CVE-1999-0848
-CVE-1999-0847
-CVE-1999-0842
-CVE-1999-0839
-CVE-1999-0838
-CVE-1999-0837
-CVE-1999-0836
-CVE-1999-0835
-CVE-1999-0834
-CVE-1999-0833
-CVE-1999-0832
-CVE-1999-0831
-CVE-1999-0826
-CVE-1999-0824
-CVE-1999-0823
-CVE-1999-0820
-CVE-1999-0819
-CVE-1999-0817
-CVE-1999-0815
-CVE-1999-0814
-CVE-1999-0813
-CVE-1999-0812
-CVE-1999-0811
-CVE-1999-0810
-CVE-1999-0809
-CVE-1999-0807
-CVE-1999-0806
-CVE-1999-0804
-CVE-1999-0803
-CVE-1999-0802
-CVE-1999-0801
-CVE-1999-0800
-CVE-1999-0799
-CVE-1999-0797
-CVE-1999-0796
-CVE-1999-0794
-CVE-1999-0793
-CVE-1999-0791
-CVE-1999-0790
-CVE-1999-0789
-CVE-1999-0788
-CVE-1999-0787
-CVE-1999-0786
-CVE-1999-0785
-CVE-1999-0783
-CVE-1999-0782
-CVE-1999-0781
-CVE-1999-0780
-CVE-1999-0779
-CVE-1999-0778
-CVE-1999-0777
-CVE-1999-0775
-CVE-1999-0774
-CVE-1999-0773
-CVE-1999-0772
-CVE-1999-0771
-CVE-1999-0770
-CVE-1999-0769
-CVE-1999-0768
-CVE-1999-0766
-CVE-1999-0765
-CVE-1999-0764
-CVE-1999-0763
-CVE-1999-0762
-CVE-1999-0761
-CVE-1999-0760
-CVE-1999-0759
-CVE-1999-0758
-CVE-1999-0756
-CVE-1999-0755
-CVE-1999-0754
-CVE-1999-0753
-CVE-1999-0752
-CVE-1999-0751
-CVE-1999-0749
-CVE-1999-0747
-CVE-1999-0746
-CVE-1999-0745
-CVE-1999-0744
-CVE-1999-0743
-CVE-1999-0742
-CVE-1999-0740
-CVE-1999-0735
-CVE-1999-0734
-CVE-1999-0733
-CVE-1999-0732
-CVE-1999-0731
-CVE-1999-0730
-CVE-1999-0729
-CVE-1999-0728
-CVE-1999-0727
-CVE-1999-0726
-CVE-1999-0725
-CVE-1999-0724
-CVE-1999-0723
-CVE-1999-0722
-CVE-1999-0721
-CVE-1999-0720
-CVE-1999-0719
-CVE-1999-0718
-CVE-1999-0717
-CVE-1999-0716
-CVE-1999-0715
-CVE-1999-0714
-CVE-1999-0713
-CVE-1999-0711
-CVE-1999-0710
+CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows
remote ...)
+CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote
attackers to ...)
+CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for
...)
+CVE-1999-0992 (HP VirtualVault with the PHSS_17692 patch allows unprivileged
...)
+CVE-1999-0991 (Buffer overflow in GoodTech Telnet Server NT allows remote users
to ...)
+CVE-1999-0989 (Buffer overflow in Internet Explorer 5 directshow filter
(MSDXM.OCX) ...)
+CVE-1999-0987 (Windows NT does not properly download a system policy if the
domain ...)
+CVE-1999-0986 (The ping command in Linux 2.0.3x allows local users to cause a
denial ...)
+CVE-1999-0982 (The Sun Web-Based Enterprise Management (WBEM) installation
script ...)
+CVE-1999-0981 (Internet Explorer 5.01 and earlier allows a remote attacker to
create ...)
+CVE-1999-0980 (Windows NT Service Control Manager (SCM) allows remote attackers
to ...)
+CVE-1999-0979 (The SCO UnixWare privileged process system allows local users to
gain ...)
+CVE-1999-0978 (htdig allows remote attackers to execute commands via filenames
with ...)
+CVE-1999-0977 (Buffer overflow in Solaris sadmind allows remote attackers to
gain ...)
+CVE-1999-0976 (Sendmail allows local users to reinitialize the aliases database
via ...)
+CVE-1999-0975 (The Windows help system can allow a local user to execute
commands as ...)
+CVE-1999-0974 (Buffer overflow in Solaris snoop allows remote attackers to gain
root ...)
+CVE-1999-0973 (Buffer overflow in Solaris snoop program allows remote attackers
to ...)
+CVE-1999-0972 (Buffer overflow in Xshipwars xsw program. ...)
+CVE-1999-0971 (Buffer overflow in Exim allows local users to gain root
privileges via ...)
+CVE-1999-0969 (The Windows NT RPC service allows remote attackers to conduct a
denial ...)
+CVE-1999-0968 (Buffer overflow in BNC IRC proxy allows remote attackers to gain
...)
+CVE-1999-0967 (Buffer overflow in the HTML library used by Internet Explorer,
Outlook ...)
+CVE-1999-0966 (Buffer overflow in Solaris getopt in libc allows local users to
gain ...)
+CVE-1999-0965 (Race condition in xterm allows local users to modify arbitrary
files ...)
+CVE-1999-0964 (Buffer overflow in FreeBSD setlocale in the libc module. ...)
+CVE-1999-0963 (FreeBSD mount_union command allows local users to gain root
privileges ...)
+CVE-1999-0962 (Buffer overflow in HPUX passwd command allows local users to
gain root ...)
+CVE-1999-0961 (HPUX sysdiag allows local users to gain root privileges via a
symlink ...)
+CVE-1999-0960 (IRIX cdplayer allows local users to create directories in
arbitrary ...)
+CVE-1999-0959 (IRIX startmidi program allows local users to modify arbitrary
files ...)
+CVE-1999-0958 (sudo 1.5.x allows local users to execute arbitrary commands via
a ...)
+CVE-1999-0957 (MajorCool mj_key_cache program allows local users to modify
files via ...)
+CVE-1999-0956 (The NeXT NetInfo _writers property allows local users to gain
root ...)
+CVE-1999-0955 (Race condition in wu-ftpd and BSDI ftpd allows remote attackers
gain ...)
+CVE-1999-0954 (WWWBoard has a default username and default password. ...)
+CVE-1999-0953 (WWWBoard stores encrypted passwords in a password file that is
...)
+CVE-1999-0951 (Buffer overflow in OmniHTTPd CGI program imagemap.cgi allows
remote ...)
+CVE-1999-0950 (Buffer overflow in WFTPD FTP server allows remote attackers to
gain ...)
+CVE-1999-0947 (AN-HTTPd provides example CGI scripts test.bat, input.bat,
input2.bat, ...)
+CVE-1999-0946 (Buffer overflow in Yamaha MidiPlug via a Text variable in an
EMBED ...)
+CVE-1999-0945 (Buffer overflow in Internet Mail Service (IMS) for Microsoft
Exchange ...)
+CVE-1999-0943 (Buffer overflow in OpenLink 3.2 allows remote attackers to gain
...)
+CVE-1999-0942 (UnixWare dos7utils allows a local user to gain root privileges
by ...)
+CVE-1999-0940 (Buffer overflow in mutt mail client allows remote attackers to
execute ...)
+CVE-1999-0939 (Denial of service in Debian IRC Epic/epic4 client via a long
string. ...)
+CVE-1999-0938 (MBone SDR Package allows remote attackers to execute commands
via ...)
+CVE-1999-0937 (BNBForm allows remote attackers to read arbitrary files via the
...)
+CVE-1999-0936 (BNBSurvey survey.cgi program allows remote attackers to execute
...)
+CVE-1999-0935 (classifieds.cgi allows remote attackers to execute arbitrary
commands ...)
+CVE-1999-0934 (classifieds.cgi allows remote attackers to read arbitrary files
via ...)
+CVE-1999-0933 (TeamTrack web server allows remote attackers to read arbitrary
files ...)
+CVE-1999-0932 (Mediahouse Statistics Server allows remote attackers to read the
...)
+CVE-1999-0931 (Buffer overflow in Mediahouse Statistics Server allows remote
...)
+CVE-1999-0930 (wwwboard allows a remote attacker to delete message board
articles via ...)
+CVE-1999-0928 (Buffer overflow in SmartDesk WebSuite allows remote attackers to
cause ...)
+CVE-1999-0927 (NTMail allows remote attackers to read arbitrary files via a ..
(dot ...)
+CVE-1999-0924 (The Syntax Checker in ColdFusion Server 4.0 allows remote
attackers to ...)
+CVE-1999-0922 (An example application in ColdFusion Server 4.0 allows remote
...)
+CVE-1999-0921 (BMC Patrol allows any remote attacker to flood its UDP port,
causing a ...)
+CVE-1999-0920 (Buffer overflow in the pop-2d POP daemon in the IMAP package
allows ...)
+CVE-1999-0918 (Denial of service in various Windows systems via malformed,
fragmented ...)
+CVE-1999-0917 (The Preloader ActiveX control used by Internet Explorer allows
remote ...)
+CVE-1999-0916 (WebTrends software stores account names and passwords in a file
which ...)
+CVE-1999-0915 (URL Live! web server allows remote attackers to read arbitrary
files ...)
+CVE-1999-0914 (Buffer overflow in the FTP client in the Debian GNU/Linux netstd
...)
+CVE-1999-0912 (FreeBSD VFS cache (vfs_cache) allows local users to cause a
denial of ...)
+CVE-1999-0909 (Multihomed Windows systems allow a remote attacker to bypass IP
...)
+CVE-1999-0908 (Denial of service in Solaris TCP streams driver via a malicious
...)
+CVE-1999-0907 (sccw allows local users to read arbitrary files. ...)
+CVE-1999-0906 (Buffer overflow in sccw allows local users to gain root access
via the ...)
+CVE-1999-0905 (Denial of service in Axent Raptor firewall via malformed
zero-length ...)
+CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a
denial ...)
+CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly
filter ...)
+CVE-1999-0902 (ypserv allows local administrators to modify password tables.
...)
+CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells
...)
+CVE-1999-0900 (Buffer overflow in rpc.yppasswdd allows a local user to gain
...)
+CVE-1999-0899 (The Windows NT 4.0 print spooler allows a local user to execute
...)
+CVE-1999-0898 (Buffer overflows in Windows NT 4.0 print spooler allow remote
...)
+CVE-1999-0897 (iChat ROOMS Webserver allows remote attackers to read arbitrary
files ...)
+CVE-1999-0896 (Buffer overflow in RealNetworks RealServer administration
utility ...)
+CVE-1999-0895 (Firewall-1 does not properly restrict access to LDAP attributes.
...)
+CVE-1999-0894 (Red Hat Linux screen program does not use Unix98 ptys, allowing
...)
+CVE-1999-0893 (userOsa in SCO OpenServer allows local users to corrupt files
via a ...)
+CVE-1999-0892 (Buffer overflow in Netscape Communicator before 4.7 via a
dynamic font ...)
+CVE-1999-0891 (The "download behavior" in Internet Explorer 5
allows remote attackers ...)
+CVE-1999-0890 (iHTML Merchant allows remote attackers to obtain sensitive
information ...)
+CVE-1999-0889 (Cisco 675 routers running CBOS allow remote attackers to
establish ...)
+CVE-1999-0888 (dbsnmp in Oracle Intelligent Agent allows local users to gain
...)
+CVE-1999-0887 (FTGate web interface server allows remote attackers to read
files via ...)
+CVE-1999-0886 (The security descriptor for RASMAN allows users to point to an
...)
+CVE-1999-0884 (The Zeus web server administrative interface uses weak
encryption for ...)
+CVE-1999-0883 (Zeus web server allows remote attackers to read arbitrary files
by ...)
+CVE-1999-0881 (Falcon web server allows remote attackers to read arbitrary
files via ...)
+CVE-1999-0880 (Denial of service in WU-FTPD via the SITE NEWER command, which
does ...)
+CVE-1999-0879 (Buffer overflow in WU-FTPD and related FTP servers allows remote
...)
+CVE-1999-0878 (Buffer overflow in WU-FTPD and related FTP servers allows remote
...)
+CVE-1999-0877 (Internet Explorer 5 allows remote attackers to read files via an
...)
+CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...)
+CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled
allow ...)
+CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a
denial ...)
+CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command.
...)
+CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read
files ...)
+CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary
files ...)
+CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert
...)
+CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell
...)
+CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with
...)
+CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to
gain ...)
+CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP
...)
+CVE-1999-0864 (UnixWare programs that dump core allow a local user to ...)
+CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers
may ...)
+CVE-1999-0859 (Solaris arp allows local users to read files via the -f
parameter, ...)
+CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE
client''s ...)
+CVE-1999-0856 (login in Slackware 7.0 allows remote attackers to identify valid
users ...)
+CVE-1999-0854 (Ultimate Bulletin Board stores data files in the cgi-bin
directory, ...)
+CVE-1999-0853 (Buffer overflow in Netscape Enterprise Server and Netscape ...)
+CVE-1999-0851 (Denial of service in BIND named via naptr. ...)
+CVE-1999-0849 (Denial of service in BIND named via maxdname. ...)
+CVE-1999-0848 (Denial of service in BIND named via consuming more than
"fdmax" file ...)
+CVE-1999-0847 (Buffer overflow in free internet chess server (FICS) program,
xboard. ...)
+CVE-1999-0842 (Symantec Mail-Gear 1.0 web interface server allows remote users
to ...)
+CVE-1999-0839 (Windows NT Task Scheduler installed with Internet Explorer 5
allows a ...)
+CVE-1999-0838 (Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct
a ...)
+CVE-1999-0837 (Denial of service in BIND by improperly closing TCP sessions via
...)
+CVE-1999-0836 (UnixWare uidadmin allows local users to modify arbitrary files
via ...)
+CVE-1999-0835 (Denial of service in BIND named via malformed SIG records. ...)
+CVE-1999-0834 (Buffer overflow in RSAREF2 via the encryption and decryption
functions ...)
+CVE-1999-0833 (Buffer overflow in BIND 8.2 via NXT records. ...)
+CVE-1999-0832 (Buffer overflow in NFS server on Linux allows attackers to
execute ...)
+CVE-1999-0831 (Denial of service in Linux syslogd via a large number of
connections. ...)
+CVE-1999-0826 (Buffer overflow in FreeBSD angband allows local users to gain
...)
+CVE-1999-0824 (A Windows NT user can use SUBST to map a drive letter to a
folder, ...)
+CVE-1999-0823 (Buffer overflow in FreeBSD xmindpath allows local users to gain
...)
+CVE-1999-0820 (FreeBSD seyon allows users to gain privileges via a modified
PATH ...)
+CVE-1999-0819 (NTMail does not disable the VRFY command, even if the
administrator ...)
+CVE-1999-0817 (Lynx WWW client allows a remote attacker to specify command-line
...)
+CVE-1999-0815 (Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows
remote ...)
+CVE-1999-0814 (Red Hat pump DHCP client allows remote attackers to gain root
access ...)
+CVE-1999-0813 (Cfingerd with ALLOW_EXECUTION enabled does not properly drop
...)
+CVE-1999-0812 (Race condition in Samba smbmnt allows local users to mount file
...)
+CVE-1999-0811 (Buffer overflow in Samba smbd program via a malformed message
...)
+CVE-1999-0810 (Denial of service in Samba NETBIOS name service daemon (nmbd).
...)
+CVE-1999-0809 (Netscape Communicator 4.x with Javascript enabled does not warn
a user ...)
+CVE-1999-0807 (The Netscape Directory Server installation procedure leaves
sensitive ...)
+CVE-1999-0806 (Buffer overflow in Solaris dtprintinfo program. ...)
+CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP
packets ...)
+CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users
to ...)
+CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers
to ...)
+CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by
...)
+CVE-1999-0800 (The GetFile.cfm file in Allaire Forums allows remote attackers
to read ...)
+CVE-1999-0799 (Buffer overflow in bootpd 2.4.3 and earlier via a long boot file
...)
+CVE-1999-0797 (NIS finger allows an attacker to conduct a denial of service via
a ...)
+CVE-1999-0796 (FreeBSD T/TCP Extensions for Transactions can be subjected to
spoofing ...)
+CVE-1999-0794 (Microsoft Excel does not warn a user when a macro is present in
a ...)
+CVE-1999-0793 (Internet Explorer allows remote attackers to read files by
redirecting ...)
+CVE-1999-0791 (Hybrid Network cable modems do not include an authentication
mechanism ...)
+CVE-1999-0790 (A remote attacker can read information from a Netscape
user''s cache ...)
+CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...)
+CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of
service. ...)
+CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain
...)
+CVE-1999-0786 (The dynamic linker in Solaris allows a local user to create
arbitrary ...)
+CVE-1999-0785 (The INN inndstart program allows local users to gain root
privileges ...)
+CVE-1999-0783 (FreeBSD allows local users to conduct a denial of service by
creating ...)
+CVE-1999-0782 (KDE kppp allows local users to create a directory in an
arbitrary ...)
+CVE-1999-0781 (KDE allows local users to execute arbitrary commands by setting
the ...)
+CVE-1999-0780 (KDE klock allows local users to kill arbitrary processes by
specifying ...)
+CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...)
+CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local
...)
+CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete
files on ...)
+CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers
to ...)
+CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe)
package via ...)
+CVE-1999-0773 (Buffer overflow in Solaris lpset program allows local users to
gain ...)
+CVE-1999-0772 (Denial of service in Compaq Management Agents and the Compaq
Survey ...)
+CVE-1999-0771 (The web components of Compaq Management Agents and the Compaq
Survey ...)
+CVE-1999-0770 (Firewall-1 sets a long timeout for connections that begin with
ACK or ...)
+CVE-1999-0769 (Vixie Cron on Linux systems allows local users to set parameters
of ...)
+CVE-1999-0768 (Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO
...)
+CVE-1999-0766 (The Microsoft Java Virtual Machine allows a malicious Java
applet to ...)
+CVE-1999-0765 (SGI IRIX midikeys program allows local users to modify arbitrary
files ...)
+CVE-1999-0764 (NetBSD allows ARP packets to overwrite static ARP entries. ...)
+CVE-1999-0763 (NetBSD on a multi-homed host allows ARP packets on one network
to ...)
+CVE-1999-0762 (When Javascript is embedded within the TITLE tag, Netscape ...)
+CVE-1999-0761 (Buffer overflow in FreeBSD fts library routines allows local
user to ...)
+CVE-1999-0760 (Undocumented ColdFusion Markup Language (CFML) tags and
functions in ...)
+CVE-1999-0759 (Buffer overflow in FuseMAIL POP service via long USER and PASS
...)
+CVE-1999-0758 (Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a
remote ...)
+CVE-1999-0756 (ColdFusion Administrator with Advanced Security enabled allows
remote ...)
+CVE-1999-0755 (Windows NT RRAS and RAS clients cache a user''s password
even if the ...)
+CVE-1999-0754 (The INN inndstart program allows local users to gain privileges
by ...)
+CVE-1999-0753 (The w3-msql CGI script provided with Mini SQL allows remote
attackers ...)
+CVE-1999-0752 (Denial of service in Netscape Enterprise Server via a buffer
overflow ...)
+CVE-1999-0751 (Buffer overflow in Accept command in Netscape Enterprise Server
3.6 ...)
+CVE-1999-0749 (Buffer overflow in Microsoft Telnet client in Windows 95 and
Windows ...)
+CVE-1999-0747 (Denial of service in BSDi Symmetric Multiprocessing (SMP) when
an ...)
+CVE-1999-0746 (A default configuration of in.identd in SuSE Linux waits 120
seconds ...)
+CVE-1999-0745 (Buffer overflow in Source Code Browser Program Database Name
Server ...)
+CVE-1999-0744 (Buffer overflow in Netscape Enterprise Server and FastTrask
Server ...)
+CVE-1999-0743 (Trn allows local users to overwrite other users'' files
via symlinks. ...)
+CVE-1999-0742 (The Debian mailman package uses weak authentication, which
allows ...)
+CVE-1999-0740 (Remote attackers can cause a denial of service on Linux
in.telnetd ...)
+CVE-1999-0735 (KDE K-Mail allows local users to gain privileges via a symlink
attack ...)
+CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server
(ACS) ...)
+CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME ...)
+CVE-1999-0732 (The logging facilitity of the Debian smtp-refuser package allows
local ...)
+CVE-1999-0731 (The KDE klock program allows local users to unlock a session
using ...)
+CVE-1999-0730 (The zsoelim program in the Debian man-db package allows local
users to ...)
+CVE-1999-0729 (Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker
to ...)
+CVE-1999-0728 (A Windows NT user can disable the keyboard or mouse by directly
...)
+CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be
sent ...)
+CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by
executing ...)
+CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or
...)
+CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via
...)
+CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be
...)
+CVE-1999-0722 (The default configuration of Cobalt RaQ2 servers allows remote
...)
+CVE-1999-0721 (Denial of service in Windows NT Local Security Authority (LSA)
through ...)
+CVE-1999-0720 (The pt_chown command in Linux allows local users to modify TTY
...)
+CVE-1999-0719 (The Guile plugin for the Gnumeric spreadsheet package allows
attackers ...)
+CVE-1999-0718 (IBM GINA, when used for OS/2 domain authentication of Windows NT
...)
+CVE-1999-0717 (A remote attacker can disable the virus warning mechanism in
Microsoft ...)
+CVE-1999-0716 (Buffer overflow in Windows NT 4.0 help file utility via a
malformed ...)
+CVE-1999-0715 (Buffer overflow in Remote Access Service (RAS) client allows an
...)
+CVE-1999-0714 (Vulnerability in Compaq Tru64 UNIX edauth command. ...)
+CVE-1999-0713 (The dtlogin program in Compaq Tru64 UNIX allows local users to
gain ...)
+CVE-1999-0711 (The oratclsh interpreter in Oracle 8.x Intelligent Agent for
Unix ...)
+CVE-1999-0710 (The RedHat squid program installs cachemgr.cgi in a public web
...)
{DSA-576-1}
-CVE-1999-0708
-CVE-1999-0707
-CVE-1999-0706
-CVE-1999-0705
-CVE-1999-0704
-CVE-1999-0703
-CVE-1999-0702
-CVE-1999-0701
-CVE-1999-0700
-CVE-1999-0699
-CVE-1999-0697
-CVE-1999-0696
-CVE-1999-0695
-CVE-1999-0694
-CVE-1999-0693
-CVE-1999-0692
-CVE-1999-0691
-CVE-1999-0690
-CVE-1999-0689
-CVE-1999-0688
-CVE-1999-0687
-CVE-1999-0686
-CVE-1999-0685
-CVE-1999-0683
-CVE-1999-0682
-CVE-1999-0681
-CVE-1999-0680
-CVE-1999-0679
-CVE-1999-0678
-CVE-1999-0676
-CVE-1999-0675
-CVE-1999-0674
-CVE-1999-0672
-CVE-1999-0671
-CVE-1999-0668
-CVE-1999-0628
-CVE-1999-0627
-CVE-1999-0626
-CVE-1999-0612
-CVE-1999-0608
-CVE-1999-0566
-CVE-1999-0551
-CVE-1999-0526
-CVE-1999-0514
-CVE-1999-0513
-CVE-1999-0496
-CVE-1999-0494
-CVE-1999-0493
-CVE-1999-0491
-CVE-1999-0487
-CVE-1999-0485
-CVE-1999-0484
-CVE-1999-0483
-CVE-1999-0482
-CVE-1999-0481
-CVE-1999-0479
-CVE-1999-0478
-CVE-1999-0475
-CVE-1999-0474
-CVE-1999-0473
-CVE-1999-0472
-CVE-1999-0471
-CVE-1999-0470
-CVE-1999-0468
-CVE-1999-0466
-CVE-1999-0464
-CVE-1999-0463
-CVE-1999-0458
-CVE-1999-0457
-CVE-1999-0449
-CVE-1999-0448
-CVE-1999-0447
-CVE-1999-0446
-CVE-1999-0445
-CVE-1999-0442
-CVE-1999-0441
-CVE-1999-0440
-CVE-1999-0439
-CVE-1999-0438
-CVE-1999-0437
-CVE-1999-0436
-CVE-1999-0433
-CVE-1999-0432
-CVE-1999-0430
-CVE-1999-0429
-CVE-1999-0428
-CVE-1999-0425
-CVE-1999-0424
-CVE-1999-0423
-CVE-1999-0422
-CVE-1999-0421
-CVE-1999-0420
-CVE-1999-0417
-CVE-1999-0416
-CVE-1999-0415
-CVE-1999-0414
-CVE-1999-0413
-CVE-1999-0412
-CVE-1999-0410
-CVE-1999-0409
-CVE-1999-0408
-CVE-1999-0407
-CVE-1999-0405
-CVE-1999-0404
-CVE-1999-0403
-CVE-1999-0402
-CVE-1999-0396
-CVE-1999-0395
-CVE-1999-0393
-CVE-1999-0392
-CVE-1999-0391
-CVE-1999-0390
-CVE-1999-0388
-CVE-1999-0387
-CVE-1999-0386
-CVE-1999-0385
-CVE-1999-0384
-CVE-1999-0383
-CVE-1999-0382
-CVE-1999-0380
-CVE-1999-0379
-CVE-1999-0378
-CVE-1999-0377
-CVE-1999-0376
-CVE-1999-0375
-CVE-1999-0374
-CVE-1999-0373
-CVE-1999-0372
-CVE-1999-0371
-CVE-1999-0369
-CVE-1999-0368
-CVE-1999-0367
-CVE-1999-0366
-CVE-1999-0365
-CVE-1999-0363
-CVE-1999-0362
-CVE-1999-0358
-CVE-1999-0357
-CVE-1999-0355
-CVE-1999-0353
-CVE-1999-0351
-CVE-1999-0350
-CVE-1999-0349
-CVE-1999-0348
-CVE-1999-0346
-CVE-1999-0344
-CVE-1999-0343
-CVE-1999-0342
-CVE-1999-0341
-CVE-1999-0340
-CVE-1999-0339
-CVE-1999-0338
-CVE-1999-0337
-CVE-1999-0335
-CVE-1999-0334
-CVE-1999-0332
-CVE-1999-0329
-CVE-1999-0328
-CVE-1999-0327
-CVE-1999-0326
-CVE-1999-0325
-CVE-1999-0324
-CVE-1999-0323
-CVE-1999-0322
-CVE-1999-0321
-CVE-1999-0320
-CVE-1999-0318
-CVE-1999-0316
-CVE-1999-0315
-CVE-1999-0314
-CVE-1999-0313
-CVE-1999-0312
-CVE-1999-0311
-CVE-1999-0310
-CVE-1999-0309
-CVE-1999-0308
-CVE-1999-0305
-CVE-1999-0304
-CVE-1999-0303
-CVE-1999-0302
-CVE-1999-0301
-CVE-1999-0300
-CVE-1999-0299
-CVE-1999-0297
-CVE-1999-0296
-CVE-1999-0295
-CVE-1999-0294
-CVE-1999-0293
-CVE-1999-0292
-CVE-1999-0291
-CVE-1999-0290
-CVE-1999-0289
-CVE-1999-0288
-CVE-1999-0281
-CVE-1999-0280
-CVE-1999-0279
-CVE-1999-0278
-CVE-1999-0277
-CVE-1999-0276
-CVE-1999-0275
-CVE-1999-0274
-CVE-1999-0273
-CVE-1999-0272
-CVE-1999-0270
-CVE-1999-0269
-CVE-1999-0268
-CVE-1999-0267
-CVE-1999-0266
-CVE-1999-0265
-CVE-1999-0264
-CVE-1999-0263
-CVE-1999-0262
-CVE-1999-0260
-CVE-1999-0259
-CVE-1999-0256
-CVE-1999-0252
-CVE-1999-0251
-CVE-1999-0248
-CVE-1999-0247
-CVE-1999-0245
-CVE-1999-0244
-CVE-1999-0239
-CVE-1999-0237
-CVE-1999-0236
-CVE-1999-0234
-CVE-1999-0233
-CVE-1999-0230
-CVE-1999-0228
-CVE-1999-0227
-CVE-1999-0225
-CVE-1999-0224
-CVE-1999-0223
-CVE-1999-0221
-CVE-1999-0219
-CVE-1999-0218
-CVE-1999-0217
-CVE-1999-0215
-CVE-1999-0214
-CVE-1999-0212
-CVE-1999-0211
-CVE-1999-0210
-CVE-1999-0209
-CVE-1999-0208
-CVE-1999-0207
-CVE-1999-0206
-CVE-1999-0204
-CVE-1999-0203
-CVE-1999-0202
-CVE-1999-0201
-CVE-1999-0196
-CVE-1999-0194
-CVE-1999-0192
-CVE-1999-0191
-CVE-1999-0190
-CVE-1999-0189
-CVE-1999-0188
-CVE-1999-0185
-CVE-1999-0184
-CVE-1999-0183
-CVE-1999-0182
-CVE-1999-0181
-CVE-1999-0180
-CVE-1999-0179
-CVE-1999-0178
-CVE-1999-0177
-CVE-1999-0176
-CVE-1999-0175
-CVE-1999-0174
-CVE-1999-0173
-CVE-1999-0172
-CVE-1999-0170
-CVE-1999-0168
-CVE-1999-0167
-CVE-1999-0166
-CVE-1999-0164
-CVE-1999-0162
-CVE-1999-0161
-CVE-1999-0160
-CVE-1999-0159
-CVE-1999-0158
-CVE-1999-0157
-CVE-1999-0155
-CVE-1999-0153
-CVE-1999-0152
-CVE-1999-0151
-CVE-1999-0150
-CVE-1999-0149
-CVE-1999-0148
-CVE-1999-0147
-CVE-1999-0146
-CVE-1999-0145
-CVE-1999-0143
-CVE-1999-0142
-CVE-1999-0141
-CVE-1999-0139
-CVE-1999-0138
-CVE-1999-0137
-CVE-1999-0136
-CVE-1999-0135
-CVE-1999-0134
-CVE-1999-0133
-CVE-1999-0132
-CVE-1999-0131
-CVE-1999-0130
-CVE-1999-0129
-CVE-1999-0128
-CVE-1999-0126
-CVE-1999-0125
-CVE-1999-0124
-CVE-1999-0122
-CVE-1999-0120
-CVE-1999-0118
-CVE-1999-0117
-CVE-1999-0116
-CVE-1999-0115
-CVE-1999-0113
-CVE-1999-0112
-CVE-1999-0111
-CVE-1999-0109
-CVE-1999-0108
-CVE-1999-0103
-CVE-1999-0102
-CVE-1999-0101
-CVE-1999-0100
-CVE-1999-0099
-CVE-1999-0097
-CVE-1999-0096
-CVE-1999-0095
-CVE-1999-0094
-CVE-1999-0093
-CVE-1999-0091
-CVE-1999-0090
-CVE-1999-0087
-CVE-1999-0085
-CVE-1999-0084
-CVE-1999-0083
-CVE-1999-0082
-CVE-1999-0081
-CVE-1999-0080
-CVE-1999-0079
-CVE-1999-0077
-CVE-1999-0075
-CVE-1999-0074
-CVE-1999-0073
-CVE-1999-0072
-CVE-1999-0071
-CVE-1999-0070
-CVE-1999-0069
-CVE-1999-0068
-CVE-1999-0067
-CVE-1999-0066
-CVE-1999-0065
-CVE-1999-0064
-CVE-1999-0063
-CVE-1999-0062
-CVE-1999-0060
-CVE-1999-0059
-CVE-1999-0058
-CVE-1999-0057
-CVE-1999-0056
-CVE-1999-0055
-CVE-1999-0054
-CVE-1999-0053
-CVE-1999-0052
-CVE-1999-0051
-CVE-1999-0050
-CVE-1999-0049
-CVE-1999-0048
-CVE-1999-0047
-CVE-1999-0046
-CVE-1999-0045
-CVE-1999-0044
-CVE-1999-0043
-CVE-1999-0042
-CVE-1999-0041
-CVE-1999-0040
-CVE-1999-0039
-CVE-1999-0038
-CVE-1999-0037
-CVE-1999-0036
-CVE-1999-0035
-CVE-1999-0034
-CVE-1999-0032
-CVE-1999-0031
-CVE-1999-0029
-CVE-1999-0028
-CVE-1999-0027
-CVE-1999-0026
-CVE-1999-0025
-CVE-1999-0024
-CVE-1999-0023
-CVE-1999-0022
-CVE-1999-0021
-CVE-1999-0019
-CVE-1999-0018
-CVE-1999-0017
-CVE-1999-0016
-CVE-1999-0014
-CVE-1999-0013
-CVE-1999-0012
-CVE-1999-0011
-CVE-1999-0010
-CVE-1999-0009
-CVE-1999-0008
-CVE-1999-0007
-CVE-1999-0006
-CVE-1999-0005
-CVE-1999-0003
-CVE-1999-0002
+CVE-1999-0708 (Buffer overflow in cfingerd allows local users to gain root
privileges ...)
+CVE-1999-0707 (The default FTP configuration in HP Visualize Conference allows
...)
+CVE-1999-0706 (Linux xmonisdn package allows local users to gain root
privileges by ...)
+CVE-1999-0705 (Buffer overflow in INN inews program. ...)
+CVE-1999-0704 (Buffer overflow in Berkeley automounter daemon (amd) logging
facility ...)
+CVE-1999-0703 (OpenBSD, BSDI, and other Unix operating systems allow users to
set ...)
+CVE-1999-0702 (Internet Explorer 5.0 and 5.01 allows remote attackers to modify
or ...)
+CVE-1999-0701 (After an unattended installation of Windows NT 4.0, an
installation ...)
+CVE-1999-0700 (Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a
malformed ...)
+CVE-1999-0699 (The Bluestone Sapphire web server allows session hijacking via
easily ...)
+CVE-1999-0697 (SCO Doctor allows local users to gain root privileges through a
Tools ...)
+CVE-1999-0696 (Buffer overflow in CDE Calendar Manager Service Daemon
(rpc.cmsd) ...)
+CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to
...)
+CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users
to ...)
+CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk
shared ...)
+CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd)
...)
+CVE-1999-0691 (Buffer overflow in the AddSuLog function of the CDE dtaction
utility ...)
+CVE-1999-0690 (HP CDE program includes the current directory in root''s
PATH variable. ...)
+CVE-1999-0689 (The CDE dtspcd daemon allows local users to execute arbitrary
commands ...)
+CVE-1999-0688 (Buffer overflows in HP Software Distributor (SD) for HPUX 10.x
and 11.x. ...)
+CVE-1999-0687 (The ToolTalk ttsession daemon uses weak RPC authentication,
which ...)
+CVE-1999-0686 (Denial of service in Netscape Enterprise Server (NES) in HP
Virtual ...)
+CVE-1999-0685 (Buffer overflow in Netscape Communicator via EMBED tags in the
...)
+CVE-1999-0683 (Denial of service in Gauntlet Firewall via a malformed ICMP
packet. ...)
+CVE-1999-0682 (Microsoft Exchange 5.5 allows a remote attacker to relay email
...)
+CVE-1999-0681 (Buffer overflow in Microsoft FrontPage Server Extensions (PWS)
...)
+CVE-1999-0680 (Windows NT Terminal Server performs extra work when a client
opens a ...)
+CVE-1999-0679 (Buffer overflow in hybrid-6 IRC server commonly used on EFnet
allows ...)
+CVE-1999-0678 (A default configuration of Apache on Debian Linux sets the
ServerRoot ...)
+CVE-1999-0676 (sdtcm_convert in Solaris 2.6 allows a local user to overwrite
...)
+CVE-1999-0675 (Check Point FireWall-1 can be subjected to a denial of service
via UDP ...)
+CVE-1999-0674 (The BSD profil system call allows a local user to modify the
internal ...)
+CVE-1999-0672 (Buffer overflow in Fujitsu Chocoa IRC client via IRC channel
topics. ...)
+CVE-1999-0671 (Buffer overflow in ToxSoft NextFTP client through CWD command.
...)
+CVE-1999-0668 (The scriptlet.typelib ActiveX control is marked as
"safe for ...)
+CVE-1999-0628 (The rwho/rwhod service is running, which exposes machine status
...)
+CVE-1999-0627 (The rexd service is running, which uses weak authentication that
can ...)
+CVE-1999-0626 (A version of rusers is running that exposes valid user
information ...)
+CVE-1999-0612 (A version of finger is running that exposes valid user
information ...)
+CVE-1999-0608 (An incorrect configuration of the PDG Shopping Cart CGI program
...)
+CVE-1999-0566 (An attacker can write to syslog files from any location, causing
a ...)
+CVE-1999-0551 (HP OpenMail can be misconfigured to allow users to run arbitrary
...)
+CVE-1999-0526 (An X server''s access control is disabled (e.g. through
an "xhost +" ...)
+CVE-1999-0514 (UDP messages to broadcast addresses are allowed, allowing for a
...)
+CVE-1999-0513 (ICMP messages to broadcast addresses are allowed, allowing for a
...)
+CVE-1999-0496 (A Windows NT 4.0 user can gain administrative rights by forcing
...)
+CVE-1999-0494 (Denial of service in WinGate proxy through a buffer overflow in
...)
+CVE-1999-0493 (rpc.statd allows remote attackers to forward RPC calls to the
local ...)
+CVE-1999-0491 (The prompt parsing in bash allows a local user to execute
commands as ...)
+CVE-1999-0487 (The DHTML Edit ActiveX control in Internet Explorer allows
remote ...)
+CVE-1999-0485 (Remote attackers can cause a system crash through ipintr() in
ipq in ...)
+CVE-1999-0484 (Buffer overflow in OpenBSD ping. ...)
+CVE-1999-0483 (OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
...)
+CVE-1999-0482 (OpenBSD kernel crash through TSS handling, as caused by the
crashme ...)
+CVE-1999-0481 (Denial of service in "poll" in OpenBSD. ...)
+CVE-1999-0479 (Denial of service Netscape Enterprise Server with VirtualVault
on ...)
+CVE-1999-0478 (Denial of service in HP-UX sendmail 8.8.6 related to accepting
...)
+CVE-1999-0475 (A race condition in how procmail handles .procmailrc files
allows ...)
+CVE-1999-0474 (The ICQ Webserver allows remote attackers to use .. to access
...)
+CVE-1999-0473 (The rsync command before rsync 2.3.1 may inadvertently change
the ...)
+CVE-1999-0472 (The SNMP default community name "public" is
not properly removed in ...)
+CVE-1999-0471 (The remote proxy server in Winroute allows a remote attacker to
...)
+CVE-1999-0470 (A weak encryption algorithm is used for passwords in Novell ...)
+CVE-1999-0468 (Internet Explorer 5.0 allows a remote server to read arbitrary
files ...)
+CVE-1999-0466 (The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and
earlier ...)
+CVE-1999-0464 (Local users can perform a denial of service in Tripwire 1.2 and
...)
+CVE-1999-0463 (Remote attackers can perform a denial of service using IRIX
fcagent. ...)
+CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory
which ...)
+CVE-1999-0457 (Linux ftpwatch program allows local users to gain root
privileges. ...)
+CVE-1999-0449 (Denial of service in IIS 4 with scripts from the ExAir sample
site. ...)
+CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how
long ...)
+CVE-1999-0447 (Local users can gain privileges using the debug utility in the
MPE/iX ...)
+CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and
...)
+CVE-1999-0445 (In Cisco routers under some versions of IOS 12.0 running NAT,
some ...)
+CVE-1999-0442 (Solaris ff.core allows local users to modify files. ...)
+CVE-1999-0441 (Remote attackers can perform a denial of service in WinGate
machines ...)
+CVE-1999-0440 (The byte code verifier component of the Java Virtual Machine
(JVM) ...)
+CVE-1999-0439 (Buffer overflow in procmail before version 3.12 allows remote or
local ...)
+CVE-1999-0438 (Remote attackers can perform a denial of service in WebRamp
systems by ...)
+CVE-1999-0437 (Remote attackers can perform a denial of service in WebRamp
systems by ...)
+CVE-1999-0436 (Domain Enterprise Server Management System (DESMS) in HP-UX
allows ...)
+CVE-1999-0433 (XFree86 startx command is vulnerable to a symlink attack,
allowing local ...)
+CVE-1999-0432 (ftp on HP-UX 11.00 allows local users to gain privileges. ...)
+CVE-1999-0430 (Cisco Catalyst LAN switches running Catalyst 5000 supervisor
software ...)
+CVE-1999-0429 (The Lotus Notes 4.5 client may send a copy of encrypted mail in
the ...)
+CVE-1999-0428 (OpenSSL and SSLeay allow remote attackers to reuse SSL sessions
and ...)
+CVE-1999-0425 (talkback in Netscape 4.5 allows a local user to kill an
arbitrary ...)
+CVE-1999-0424 (talkback in Netscape 4.5 allows a local user to overwrite ...)
+CVE-1999-0423 (Vulnerability in hpterm on HP-UX 10.20 allows local users to
gain ...)
+CVE-1999-0422 (In some cases, NetBSD 1.3.3 mount allows local users to execute
...)
+CVE-1999-0421 (During a reboot after an installation of Linux Slackware 3.6, a
remote ...)
+CVE-1999-0420 (umapfs allows local users to gain root privileges by changing
their ...)
+CVE-1999-0417 (64 bit Solaris 7 procfs allows local users to perform a denial
of ...)
+CVE-1999-0416 (Vulnerability in Cisco 7xx series routers allows a remote
attacker to ...)
+CVE-1999-0415 (The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is
enabled ...)
+CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP
...)
+CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain
root ...)
+CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as
...)
+CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow
that ...)
+CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local
users to ...)
+CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ ...)
+CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which
contains ...)
+CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root ...)
+CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems
allows ...)
+CVE-1999-0403 (A bug in Cyrix CPUs on Linux allows local users to perform a
denial ...)
+CVE-1999-0402 (wget 1.5.3 follows symlinks to change permissions of the target
file ...)
+CVE-1999-0396 (A race condition between the select() and accept() calls in
NetBSD TCP ...)
+CVE-1999-0395 (A race condition in the BackWeb Polite Agent Protocol allows an
...)
+CVE-1999-0393 (Remote attackers can cause a denial of service in Sendmail 8.8.x
and ...)
+CVE-1999-0392 (Buffer overflow in Thomas Boutell''s cgic library
version up to 1.05. ...)
+CVE-1999-0391 (The cryptographic challenge of SMB authentication in Windows 95
and ...)
+CVE-1999-0390 (Buffer overflow in Dosemu Slang library in Linux. ...)
+CVE-1999-0388 (DataLynx suGuard trusts the PATH environment variable to execute
the ...)
+CVE-1999-0387 (A legacy credential caching mechanism used in Windows 95 and
Windows ...)
+CVE-1999-0386 (Microsoft Personal Web Server and FrontPage Personal Web Server
in ...)
+CVE-1999-0385 (The LDAP bind function in Exchange 5.5 has a buffer overflow
that ...)
+CVE-1999-0384 (The Forms 2.0 ActiveX control (included with Visual Basic for
...)
+CVE-1999-0383 (ACC Tigris allows public access without a login. ...)
+CVE-1999-0382 (The screen saver in Windows NT does not verify that its security
...)
+CVE-1999-0380 (SLMail 3.1 and 3.2 allows local users to access any file in the
NTFS ...)
+CVE-1999-0379 (Microsoft Taskpads feature allows remote web sites to execute
commands ...)
+CVE-1999-0378 (InterScan VirusWall for Solaris doesn''t scan files for
viruses when ...)
+CVE-1999-0377 (Process table attack in Unix systems allows a remote attacker to
...)
+CVE-1999-0376 (Local users in Windows NT can obtain administrator privileges by
...)
+CVE-1999-0375 (Buffer overflow in webd in Network Flight Recorder (NFR) ...)
+CVE-1999-0374 (Debian Linux cfengine package is susceptible to a symlink
attack. ...)
+CVE-1999-0373 (Buffer overflow in the "Super" utility in
Debian Linux and other ...)
+CVE-1999-0372 (The installer for BackOffice Server includes account names and
...)
+CVE-1999-0371 (Lynx allows a local user to overwrite sensitive files through
/tmp ...)
+CVE-1999-0369 (The Sun sdtcm_convert calendar utility for OpenWindows has a
buffer ...)
+CVE-1999-0368 (Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to
...)
+CVE-1999-0367 (NetBSD netstat command allows local users to access kernel
memory. ...)
+CVE-1999-0366 (In some cases, Service Pack 4 for Windows NT 4.0 can allow
access to ...)
+CVE-1999-0365 (The metamail package allows remote command execution using shell
...)
+CVE-1999-0363 (SuSE 5.2 PLP lpc program has a buffer overflow that leads to
root ...)
+CVE-1999-0362 (WS_FTP server remote denial of service through cwd command. ...)
+CVE-1999-0358 (Digital Unix 4.0 has a buffer overflow in the inc program of the
mh ...)
+CVE-1999-0357 (Denial of service in Windows systems using malformed oshare
packets. ...)
+CVE-1999-0355 (Local or remote users can force ControlIT 4.5 to reboot or force
a ...)
+CVE-1999-0353 (rpc.pcnfsd in HP gives remote root access by changing the
permissions ...)
+CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and
unauthorized data ...)
+CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local
...)
+CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows
remote ...)
+CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two
...)
+CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the
target ...)
+CVE-1999-0344 (NT users can gain debug-level access on a system process using
the ...)
+CVE-1999-0343 (A malicious Palace server can force a client to execute
arbitrary ...)
+CVE-1999-0342 (Linux PAM modules allow local users to gain root access using
...)
+CVE-1999-0341 (Buffer overflow in the Linux mail program
"deliver" allows local users ...)
+CVE-1999-0340 (Buffer overflow in Linux Slackware crond program allows local
users ...)
+CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local
users ...)
+CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users
to ...)
+CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain
additional ...)
+CVE-1999-0335 (Buffer overflow in BSD and linux lpr command allows local users
to ...)
+CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a
local ...)
+CVE-1999-0332 (Buffer overflow in NetMeeting allows denial of service and
remote ...)
+CVE-1999-0329 (SGI mediad program allows local users to gain root access. ...)
+CVE-1999-0328 (SGI permissions program allows local users to gain root
privileges. ...)
+CVE-1999-0327 (SGI syserr program allows local users to corrupt files. ...)
+CVE-1999-0326 (Vulnerability in HP-UX mediainit program. ...)
+CVE-1999-0325 (vhe_u_mnt program in HP-UX allows local users to create root
files through ...)
+CVE-1999-0324 (ppl program in HP-UX allows local users to create root files
through ...)
+CVE-1999-0323 (FreeBSD mmap function allows users to modify append-only or
immutable ...)
+CVE-1999-0322 (The open() function in FreeBSD allows local attackers to write
...)
+CVE-1999-0321 (Buffer overflow in Solaris kcms_configure command allows local
users ...)
+CVE-1999-0320 (SunOS rpc.cmsd allows attackers to obtain root access by
overwriting ...)
+CVE-1999-0318 (Buffer overflow in xmcd 2.0p12 allows local users to gain access
...)
+CVE-1999-0316 (Buffer overflow in Linux splitvt command gives root access to
local ...)
+CVE-1999-0315 (Buffer overflow in Solaris fdformat command gives root access to
local ...)
+CVE-1999-0314 (IRIX ioconfig program allows local users to gain root access
...)
+CVE-1999-0313 (IRIX disk_bandwidth program allows local users to gain root
access ...)
+CVE-1999-0312 (HP ypbind allows attackers with root privileges to modify NIS
data. ...)
+CVE-1999-0311 (fpkg2swpk in HP-UX allows local users to gain root access. ...)
+CVE-1999-0310 (SSH 1.2.25 on HP-UX allows access to new user accounts. ...)
+CVE-1999-0309 (HP-UX vgdisplay program gives root access to local users. ...)
+CVE-1999-0308 (HP-UX gwind program allows users to modify arbitrary files. ...)
+CVE-1999-0305 (BSD sysctl control does not properly restrict source routing.
...)
+CVE-1999-0304 (mmap function in BSD allows local attackers in the kmem group to
...)
+CVE-1999-0303 (Buffer overflow in BNU UUCP daemon (uucpd) through long
hostnames. ...)
+CVE-1999-0302 (SunOS/Solaris FTP clients can be forced to execute arbitrary
commands ...)
+CVE-1999-0301 (Buffer overflow in SunOS/Solaris ps command. ...)
+CVE-1999-0300 (nis_cachemgr for Solaris NIS+ allows attackers to add malicious
...)
+CVE-1999-0299 (Buffer overflow in FreeBSD lpd through long DNS hostnames. ...)
+CVE-1999-0297 (Buffer overflow in Vixie Cron library up to version 3.0 allows
local ...)
+CVE-1999-0296 (Solaris volrmmount program allows attackers to read any file.
...)
+CVE-1999-0295 (Solaris sysdef command allows local users to read kernel memory,
...)
+CVE-1999-0294 (All records in a WINS database can be deleted through SNMP for
...)
+CVE-1999-0293 (AAA authentication on Cisco systems allows attackers to execute
...)
+CVE-1999-0292 (Denial of service through Winpopup using large user names. ...)
+CVE-1999-0291 (The WinGate proxy is installed without a password, which allows
...)
+CVE-1999-0290 (The WinGate telnet proxy allows remote attackers to cause a
denial of ...)
+CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted
...)
+CVE-1999-0288 (Denial of service in WINS with malformed data to port 137
(NETBIOS ...)
+CVE-1999-0281 (Denial of service in IIS using long URLs. ...)
+CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using
.lnk and ...)
+CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via
...)
+CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by
appending ...)
+CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get
root access. ...)
+CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer
overflow. ...)
+CVE-1999-0275 (Denial of service in Windows NT DNS servers by flooding port 53
with ...)
+CVE-1999-0274 (Denial of service in Windows NT DNS servers through malicious
packet ...)
+CVE-1999-0273 (Denial of service through Solaris 2.5.1 telnet by sending ^D
characters. ...)
+CVE-1999-0272 (Denial of service in Slmail v2.5 through the POP3 port. ...)
+CVE-1999-0270 (pfdispaly CGI program for SGI''s Performer API Search
Tool allows read ...)
+CVE-1999-0269 (Netscape Enterprise servers may list files through the
PageServices query. ...)
+CVE-1999-0268 (MetaInfo MetaWeb web server allows users to upload and execute
scripts. ...)
+CVE-1999-0267 (Buffer overflow in NCSA HTTP daemon v1.3 allows remote command
execution. ...)
+CVE-1999-0266 (The info2www CGI script allows remote file access or remote ...)
+CVE-1999-0265 (ICMP redirect messages may crash or lock up a host. ...)
+CVE-1999-0264 (htmlscript CGI program allows remote read access to files. ...)
+CVE-1999-0263 (Solaris SUNWadmap can be exploited to obtain root access. ...)
+CVE-1999-0262 (faxsurvey CGI script on Linux allows remote command execution
via ...)
+CVE-1999-0260 (The jj CGI program allows command execution via shell
metacharacters. ...)
+CVE-1999-0259 (cfingerd lists all users on a system via search.**@target. ...)
+CVE-1999-0256 (Buffer overflow in War FTP allows remote execution of commands.
...)
+CVE-1999-0252 (Buffer overflow in listserv allows arbitrary command execution.
...)
+CVE-1999-0251 (Denial of service in talk program allows remote attackers to
...)
+CVE-1999-0248 (A race condition in the authentication agent mechanism of sshd
1.2.17 ...)
+CVE-1999-0247 (Buffer overflow in nnrpd program in INN up to version 1.6 allows
...)
+CVE-1999-0245 (Some configurations of NIS+ in Linux allowed attackers ...)
+CVE-1999-0244 (Livingston RADIUS code has a buffer overflow which can allow
remote ...)
+CVE-1999-0239 (Netscape FastTrack Web server lists files when a lowercase
"get" ...)
+CVE-1999-0237 (Remote execution of arbitrary commands through Guestbook CGI
program. ...)
+CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers
to ...)
+CVE-1999-0234 (Bash treats any character with a value of 255 as a command
separator. ...)
+CVE-1999-0233 (IIS allows users to execute arbitrary commands using .bat or
.cmd ...)
+CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service.
...)
+CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows
NT. ...)
+CVE-1999-0227 (Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT
...)
+CVE-1999-0225 (Windows NT 4.0 allows remote attackers to cause a denial of
service ...)
+CVE-1999-0224 (Denial of service in Windows NT messenger service through a long
...)
+CVE-1999-0223 (Solaris syslogd crashes when receiving a message from a host
that ...)
+CVE-1999-0221 (Denial of service of Ascend routers through port 150 (remote
...)
+CVE-1999-0219 (Buffer overflow in Serv-U FTP server when user performs a cwd to
a ...)
+CVE-1999-0218 (Livingston portmaster machines could be rebooted via a series
...)
+CVE-1999-0217 (Malicious option settings in UDP packets could force a reboot in
SunOS ...)
+CVE-1999-0215 (Routed allows attackers to append data to files. ...)
+CVE-1999-0214 (Denial of service by sending forged ICMP unreachable packets.
...)
+CVE-1999-0212 (Solaris rpc.mountd generates error messages that allow a remote
...)
+CVE-1999-0211 (Extra long export lists over 256 characters in some mount
daemons ...)
+CVE-1999-0210 (Automount daemon automountd allows local or remote users to gain
...)
+CVE-1999-0209 (The SunView (SunTools) selection_svc facility allows remote
users to ...)
+CVE-1999-0208 (rpc.ypupdated (NIS) allows remote users to execute arbitrary
commands. ...)
+CVE-1999-0207 (Remote attacker can execute commands through Majordomo using the
...)
+CVE-1999-0206 (MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root
access. ...)
+CVE-1999-0204 (Sendmail 8.6.9 allows remote attackers to execute root commands,
using ...)
+CVE-1999-0203 (In Sendmail, attackers can gain root privileges via SMTP by
specifying ...)
+CVE-1999-0202 (The GNU tar command, when used in FTP sessions, may allow an
attacker ...)
+CVE-1999-0201 (A quote cwd command on FTP servers can reveal the full path of
the ...)
+CVE-1999-0196 (The websendmail program in the Webgais program allows a remote
user to ...)
+CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate
messages. ...)
+CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote
...)
+CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite
files. ...)
+CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files
and gain ...)
+CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may
not be ...)
+CVE-1999-0188 (The passwd command in Solaris can be subjected to a denial of
service. ...)
+CVE-1999-0185 (In SunOS or Solaris, a remote user could connect from an FTP
server''s ...)
+CVE-1999-0184 (When compiled with the -DALLOW_UPDATES option, bind allows
dynamic ...)
+CVE-1999-0183 (Linux implementations of TFTP would allow access to files
outside the ...)
+CVE-1999-0182 (Samba has a buffer overflow which allows a remote attacker to
obtain ...)
+CVE-1999-0181 (The wall daemon can be used for denial of service, social
engineering ...)
+CVE-1999-0180 (in.rshd allows users to login with a NULL username and execute
commands. ...)
+CVE-1999-0179 (Windows NT crashes or locks up when a Samba client executes a
"cd .." ...)
+CVE-1999-0178 (The win-c-sample program in the WebSite web server has a buffer
...)
+CVE-1999-0177 (The uploader program in the WebSite web server allows a remote
...)
+CVE-1999-0176 (The Webgais program allows a remote user to execute arbitrary
...)
+CVE-1999-0175 (The convert.bas program in the Novell web server allows a remote
...)
+CVE-1999-0174 (The view-source CGI program allows remote attackers to read
arbitrary ...)
+CVE-1999-0173 (FormMail CGI program can be used by web servers other than the
...)
+CVE-1999-0172 (FormMail CGI program allows remote execution of commands. ...)
+CVE-1999-0170 (Remote attackers can mount an NFS file system in Ultrix or OSF,
even ...)
+CVE-1999-0168 (The portmapper may act as a proxy and redirect service requests
from ...)
+CVE-1999-0167 (In SunOS, NFS file handles could be guessed, giving unauthorized
...)
+CVE-1999-0166 (NFS allows users to use a "cd .." command to
access other directories ...)
+CVE-1999-0164 (A race condition in the Solaris ps command allows an attacker to
...)
+CVE-1999-0162 (The "established" keyword in some Cisco IOS
software allowed ...)
+CVE-1999-0161 (In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an
extended ...)
+CVE-1999-0160 (Some classic Cisco IOS devices have a vulnerability in the PPP
CHAP ...)
+CVE-1999-0159 (Attackers can crash a Cisco IOS router or device, provided they
can ...)
+CVE-1999-0158 (Cisco PIX firewall manager (PFM) on Windows NT allows attackers
to ...)
+CVE-1999-0157 (Cisco PIX firewall and CBAC IP fragmentation attack results in a
...)
+CVE-1999-0155 (The ghostscript command with the -dSAFER option allows remote
...)
+CVE-1999-0153 (Windows 95/NT out of band (OOB) data denial of service through
NETBIOS ...)
+CVE-1999-0152 (The DG/UX finger daemon allows remote command execution through
shell ...)
+CVE-1999-0151 (The SATAN session key may be disclosed if the user points the
web ...)
+CVE-1999-0150 (The Perl fingerd program allows arbitrary command execution from
...)
+CVE-1999-0149 (The wrap CGI program in IRIX allows remote attackers to view
...)
+CVE-1999-0148 (The handler CGI program in IRIX allows arbitrary command
execution. ...)
+CVE-1999-0147 (The aglimpse CGI program of the Glimpse package allows remote
...)
+CVE-1999-0146 (The campas CGI program provided with some NCSA web servers
allows an ...)
+CVE-1999-0145 (Sendmail WIZ command enabled, allowing root access. ...)
+CVE-1999-0143 (Kerberos 4 key servers allow a user to masquerade as another by
...)
+CVE-1999-0142 (The Java Applet Security Manager implementation in Netscape
Navigator ...)
+CVE-1999-0141 (Java Bytecode Verifier allows malicious applets to execute ...)
+CVE-1999-0139 (Buffer overflow in Solaris x86 mkcookie allows local users to
...)
+CVE-1999-0138 (The suidperl and sperl program do not give up root privileges
when ...)
+CVE-1999-0137 (The dip program on many Linux systems allows local users to gain
root ...)
+CVE-1999-0136 (Kodak Color Management System (KCMS) on Solaris allows a local
user to ...)
+CVE-1999-0135 (admintool in Solaris allows a local user to write to arbitrary
files ...)
+CVE-1999-0134 (vold in Solaris 2.x allows local users to gain root access. ...)
+CVE-1999-0133 (fm_fls license server for Adobe Framemaker allows local users to
...)
+CVE-1999-0132 (Expreserve, used in vi and ex, allows local users to overwrite
...)
+CVE-1999-0131 (Buffer overflow and denial of service in Sendmail 8.7.5 and ...)
+CVE-1999-0130 (Local users can start Sendmail in daemon mode and gain root
privileges. ...)
+CVE-1999-0129 (Sendmail allows local users to write to a file and gain group
...)
+CVE-1999-0128 (Oversized ICMP ping packets can result in a denial of service,
...)
+CVE-1999-0126 (SGI IRIX buffer overflow in xterm and Xaw allows root access.
...)
+CVE-1999-0125 (Buffer overflow in SGI IRIX mailx program. ...)
+CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x
allow ...)
+CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...)
+CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if
it ...)
+CVE-1999-0118 (AIX infod allows local users to gain root access through an X
display. ...)
+CVE-1999-0117 (AIX passwd allows local users to gain root access. ...)
+CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to
create ...)
+CVE-1999-0115 (AIX bugfiler program allows local users to gain root access.
...)
+CVE-1999-0113 (Some implementations of rlogin allow root access if given a ...)
+CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE ...)
+CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...)
+CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1 ...)
+CVE-1999-0108 (The printers program in IRIX has a buffer overflow that gives
root ...)
+CVE-1999-0103 (Echo and chargen, or other combinations of UDP services, can be
used ...)
+CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute
commands ...)
+CVE-1999-0101 (Buffer overflow in AIX and Solaris
"gethostbyname" library call allows ...)
+CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...)
+CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote
attackers to ...)
+CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a
malicious ...)
+CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files
...)
+CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to
...)
+CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional ...)
+CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by
not ...)
+CVE-1999-0091 (Buffer overflow in AIX writesrv command allows local users to
obtain ...)
+CVE-1999-0090 (Buffer overflow in AIX rcp command allows local users to obtain
...)
+CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent
...)
+CVE-1999-0085 (rwhod buffer overflow in AIX ...)
+CVE-1999-0084 (NFS mknod bug ...)
+CVE-1999-0083 (getcwd() file descriptor leak in FTP ...)
+CVE-1999-0082 (CWD ~root command in ftpd allows root access. ...)
+CVE-1999-0081 (wu-ftp allows files to be overwritten via the rnfr command. ...)
+CVE-1999-0080 (wu-ftp FTP server allows root access via "site
exec" command. ...)
+CVE-1999-0079 (Remote attackers can cause a denial of service in FTP by issuing
...)
+CVE-1999-0077 (Predictable TCP sequence numbers allow spoofing. ...)
+CVE-1999-0075 (PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV
...)
+CVE-1999-0074 (Listening TCP ports are sequentially allocated, allowing
spoofing ...)
+CVE-1999-0073 (Telnet allows a remote client to specify environment variables
including ...)
+CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users.
...)
+CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and
earlier. ...)
+CVE-1999-0070 (test-cgi program allows an attacker to list files on the server
...)
+CVE-1999-0069 (Solaris ufsrestore buffer overflow. ...)
+CVE-1999-0068 (CGI PHP mylog script allows an attacker to read any file on the
...)
+CVE-1999-0067 (CGI phf program allows remote command execution through shell
...)
+CVE-1999-0066 (AnyForm CGI remote execution ...)
+CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments
allows a ...)
+CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to
local users. ...)
+CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious
UDP ...)
+CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root
access ...)
+CVE-1999-0060 (Attackers can cause a denial of service in Ascend MAX and
Pipeline ...)
+CVE-1999-0059 (IRIX fam service allows an attacker to obtain a list of all
files ...)
+CVE-1999-0058 (Buffer overflow in PHP cgi program, php.cgi allows shell access.
...)
+CVE-1999-0057 (Vacation program allows command execution by remote users
through ...)
+CVE-1999-0056 (Buffer overflow in Sun''s ping program can give root
access to local users. ...)
+CVE-1999-0055 (Buffer overflows in Sun libnsl allow root access. ...)
+CVE-1999-0054 (Sun''s ftpd daemon can be subjected to a denial of
service. ...)
+CVE-1999-0053 (TCP RST denial of service in FreeBSD ...)
+CVE-1999-0052 (IP fragmentation denial of service in FreeBSD allows a remote
attacker ...)
+CVE-1999-0051 (Arbitrary file creation and program execution using FLEXlm ...)
+CVE-1999-0050 (Buffer overflow in HP-UX newgrp program ...)
+CVE-1999-0049 (Csetup under IRIX allows arbitrary file creation or overwriting.
...)
+CVE-1999-0048 (Talkd, when given corrupt DNS information, can be used to
execute ...)
+CVE-1999-0047 (MIME conversion buffer overflow in sendmail versions 8.8.3 and
8.8.4. ...)
+CVE-1999-0046 (Buffer overflow of rlogin program using TERM environmental
variable. ...)
+CVE-1999-0045 (List of arbitrary files on Web host via nph-test-cgi script ...)
+CVE-1999-0044 (fsdump command in IRIX allows local users to obtain root access
...)
+CVE-1999-0043 (Command execution via shell metachars in INN daemon (innd) 1.5
...)
+CVE-1999-0042 (Buffer overflow in University of Washington''s
implementation of ...)
+CVE-1999-0041 (Buffer overflow in NLS (Natural Language Service) ...)
+CVE-1999-0040 (Buffer overflow in Xt library of X Windowing System allows local
...)
+CVE-1999-0039 (Arbitrary command execution using webdist CGI program in IRIX.
...)
+CVE-1999-0038 (Buffer overflow in xlock program allows local users to execute
...)
+CVE-1999-0037 (Arbitrary command execution via metamail package using message
...)
+CVE-1999-0036 (IRIX login program with a nonzero LOCKOUT parameter allows
creation or ...)
+CVE-1999-0035 (Race condition in signal handling routine in ftpd, allowing
read/write ...)
+CVE-1999-0034 (Buffer overflow in suidperl (sperl), Perl 4.x and 5.x ...)
+CVE-1999-0032 (Buffer overflow in BSD-based lpr package allows local users to
gain ...)
+CVE-1999-0031 (JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x,
3.x and ...)
+CVE-1999-0029 (root privileges via buffer overflow in ordist command on SGI
IRIX ...)
+CVE-1999-0028 (root privileges via buffer overflow in login/scheme command on
SGI ...)
+CVE-1999-0027 (root privileges via buffer overflow in eject command on SGI IRIX
...)
+CVE-1999-0026 (root privileges via buffer overflow in pset command on SGI IRIX
...)
+CVE-1999-0025 (root privileges via buffer overflow in df command on SGI IRIX
...)
+CVE-1999-0024 (DNS cache poisoning via BIND, by predictable query IDs. ...)
+CVE-1999-0023 (Local user gains root privileges via buffer overflow in rdist,
via ...)
+CVE-1999-0022 (Local user gains root privileges via buffer overflow in rdist,
via ...)
+CVE-1999-0021 (Arbitrary command execution via buffer overflow in Count.cgi
...)
+CVE-1999-0019 (Delete or create a file via rpc.statd, due to invalid
information. ...)
+CVE-1999-0018 (Buffer overflow in statd allows root privileges. ...)
+CVE-1999-0017 (FTP servers can allow an attacker to connect to arbitrary ports
on ...)
+CVE-1999-0016 (Land IP denial of service ...)
+CVE-1999-0014 (Unauthorized privileged access or denial of service via
dtappgather ...)
+CVE-1999-0013 (Stolen credentials from SSH clients via ssh-agent program,
allowing ...)
+CVE-1999-0012 (Some web servers under Microsoft Windows allow remote attackers
...)
+CVE-1999-0011 (Denial of Service vulnerabilities in BIND 4.9 and BIND 8
Releases ...)
+CVE-1999-0010 (Denial of Service vulnerability in BIND 8 Releases via
maliciously ...)
+CVE-1999-0009 (Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
...)
+CVE-1999-0008 (Buffer overflow in NIS+, in Sun''s rpc.nisd program ...)
+CVE-1999-0007 (Information from SSL-encrypted sessions via PKCS #1 ...)
+CVE-1999-0006 (Buffer overflow in POP servers based on BSD/Qualcomm''s
qpopper allows ...)
+CVE-1999-0005 (Arbitrary command execution via IMAP buffer overflow in
authenticate ...)
+CVE-1999-0003 (Execute commands as root via buffer overflow in Tooltalk
database ...)
+CVE-1999-0002 (Buffer overflow in NFS mountd gives root access to remote
attackers, ...)
CVE-2002-0654 (Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows
remote ...)
- apache2 2.0.40
CVE-2002-0652 (xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to
execute ...)