Author: jmm-guest Date: 2005-12-29 00:57:37 +0000 (Thu, 29 Dec 2005) New Revision: 3176 Modified: data/CVE/list Log: more syntax conversions Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-28 09:14:21 UTC (rev 3175) +++ data/CVE/list 2005-12-29 00:57:37 UTC (rev 3176) @@ -21402,7 +21402,7 @@ CVE-2002-0996 (Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C ...) NOT-FOR-US: Novell CVE-2002-0994 (SunPCi II VNC uses a weak authentication scheme, which allows remote ...) - NOT-FOR-US: no_package + NOT-FOR-US:SunPci II VNC CVE-2002-0993 (Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) ...) NOT-FOR-US: HP CVE-2002-0992 (Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced ...) @@ -21434,51 +21434,51 @@ CVE-2002-0971 (Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to ...) NOT-FOR-US: Microsoft Windows specific CVE-2002-0966 (Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause ...) - NOT-FOR-US: no_package + NOT-FOR-US: 4D web server CVE-2002-0963 (SQL injection vulnerability in comment.php for GeekLog 1.3.5 and ...) - NOT-FOR-US: no_package + NOT-FOR-US: GeekLog CVE-2002-0962 (Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier ...) - NOT-FOR-US: no_package + NOT-FOR-US: GeekLog CVE-2002-0961 (Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote ...) - NOT-FOR-US: no_package + NOT-FOR-US: Voxel Dot Net CBMS CVE-2002-0960 (Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS ...) - NOT-FOR-US: no_package + NOT-FOR-US: Voxel Dot Net CBMS CVE-2002-0959 (Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote ...) - NOT-FOR-US: no_package + NOT-FOR-US: Splatt Forum CVE-2002-0957 (The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a ...) - NOT-FOR-US: no_package + NOT-FOR-US: BlackICE Agent CVE-2002-0956 (BlackICE Agent 3.1.eal does not always reactivate after a system ...) - NOT-FOR-US: no_package + NOT-FOR-US: BlackICE Agent CVE-2002-0955 (Cross-site scripting vulnerability in YaBB.cgi for Yet Another ...) NOT-FOR-US: YaBB CVE-2002-0954 (The encryption algorithms for enable and passwd commands on Cisco PIX ...) NOT-FOR-US: Cisco CVE-2002-0951 (SQL injection vulnerability in Ruslan <Body>Builder allows remote ...) - NOT-FOR-US: no_package + NOT-FOR-US: Ruslan CVE-2002-0950 (Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and ...) - NOT-FOR-US: no_package + NOT-FOR-US: TransWARE Active! CVE-2002-0949 (Telindus 1100 series ADSL router allows remote attackers to gain ...) - NOT-FOR-US: no_package + NOT-FOR-US: Telindus ADSL router CVE-2002-0948 (Scripts For Educators MakeBook 2.2 CGI program allows remote attackers ...) - NOT-FOR-US: no_package + NOT-FOR-US: MakeBook CVE-2002-0944 (Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 ...) - NOT-FOR-US: no_package + NOT-FOR-US: DeepMetrix LiveStats CVE-2002-0943 (MetaCart2.sql stores the user database under the web document root ...) - NOT-FOR-US: no_package + NOT-FOR-US: MetaCart CVE-2002-0942 (Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers ...) - NOT-FOR-US: Microsoft + NOT-FOR-US: Lugiment Log Explorer CVE-2002-0940 (domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use ...) - NOT-FOR-US: no_package + NOT-FOR-US: nCipher MSCAPI CVE-2002-0939 (The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator ...) - NOT-FOR-US: no_package + NOT-FOR-US: nCipher MSCAPI CVE-2002-0937 (The Java Server Pages (JSP) engine in JRun allows web page owners to ...) NOT-FOR-US: JRun CVE-2002-0936 (The Java Server Pages (JSP) engine in Tomcat allows web page owners to ...) - tomcat 3.2.3-1 CVE-2002-0934 (Directory traversal vulnerability in Jon Hedley AlienForm2 (typically ...) - NOT-FOR-US: no_package + NOT-FOR-US: Jon Hedley AlienForm2 CVE-2002-0933 (Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords ...) - NOT-FOR-US: no_package + NOT-FOR-US: Datalex PLC BooktIt Consumer CVE-2002-0932 (SQL injection vulnerability in index.php for MyHelpDesk 20020509, and ...) NOT-FOR-US: MyHelpDesk CVE-2002-0931 (Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and ...) @@ -21510,13 +21510,13 @@ CVE-2002-0917 (CGIScript.net csPassword.cgi stores .htpasswd files under the web ...) NOT-FOR-US: CGIScript.net not int Debian CVE-2002-0915 (autorun in Xandros based Linux distributions allows local users to ...) - NOT-FOR-US: Xandros specific + NOT-FOR-US: Xandros specific tool CVE-2002-0913 (Format string vulnerability in log_doit function of Slurp NNTP client ...) NOT-FOR-US: Slurp NNTP CVE-2002-0912 (in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other ...) NOTE: DSA-129 CVE-2002-0910 (Buffer overflows in netstd 3.07-17 package allows remote DNS servers ...) - NOT-FOR-US: netstd not in Debian anymore + NOTE: netstd CVE-2002-0909 (Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote ...) NOT-FOR-US: mnews CVE-2002-0908 (Directory traversal vulnerability in the web server for Cisco IDS ...) @@ -21536,17 +21536,17 @@ CVE-2002-0896 (The throttle capability in Swatch may fail to report certain events if ...) - swatch 3.0.4-1 CVE-2002-0894 (NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a ...) - NOT-FOR-US: no_package + NOT-FOR-US: NewAtlanta ServletExec CVE-2002-0893 (Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 ...) - NOT-FOR-US: no_package + NOT-FOR-US: NewAtlanta ServletExec CVE-2002-0888 (3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, ...) NOT-FOR-US: 3com CVE-2002-0886 (Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote ...) NOT-FOR-US: Cisco CVE-2002-0885 (Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and ...) - NOT-FOR-US: no_package + NOT-FOR-US: Solaris CVE-2002-0884 (Multiple format string vulnerabilities in in.rarpd (ARP server) on ...) - NOT-FOR-US: no_package + NOT-FOR-US: Solaris CVE-2002-0883 (Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator ...) NOT-FOR-US: Compaq CVE-2002-0882 (The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 ...) @@ -21628,11 +21628,11 @@ CVE-2002-0820 (FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 ...) NOT-FOR-US: FreeBSD CVE-2002-0819 (Format string vulnerability in artsd, when called by artswrapper, ...) - NOT-FOR-US: artscontrol not suid root + - arts <not-affected> (artscontrol not suid root) CVE-2002-0815 (The Javascript "Same Origin Policy" (SOP), as implemented in (1) ...) - mozilla 2:1.0.0-1 CVE-2002-0812 (Information leak in Compaq WL310, and the Orinoco Residential Gateway ...) - NOT-FOR-US: no_package + NOT-FOR-US: Compaq hardware CVE-2002-0811 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote ...) NOTE: bugzilla 2.16.0-2.1 CVE-2002-0807 (Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, ...) @@ -21640,9 +21640,9 @@ CVE-2002-0803 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote ...) NOTE: bugzilla 2.16.0-2.1 CVE-2002-0800 (BadBlue 1.7.0 allows remote attackers to list the contents of ...) - NOT-FOR-US: no_package + NOT-FOR-US: BadBlue CVE-2002-0799 (Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers ...) - NOT-FOR-US: no_package + NOT-FOR-US: YoungZoft CVE-2002-0798 (Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local ...) NOT-FOR-US: HP CVE-2002-0797 (Buffer overflow in the MIB parsing component of mibiisa for Solaris ...) @@ -21656,11 +21656,11 @@ CVE-2002-0791 (Novell Netware FTP server NWFTPD before 5.02r allows remote attackers ...) NOT-FOR-US: Novell CVE-2002-0787 (Cross-site scripting vulnerabilities in iCon administrative web server ...) - NOT-FOR-US: no_package + NOT-FOR-US: iCon CVE-2002-0786 (iCon administrative web server for Critical Path inJoin Directory ...) - NOT-FOR-US: no_package + NOT-FOR-US: Critical Path inJoin Directory Server CVE-2002-0784 (Directory traversal vulnerability in Lysias Lidik web server 0.7b ...) - NOT-FOR-US: no_package + NOT-FOR-US: Lidik web server CVE-2002-0783 (Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Opera CVE-2002-0782 (Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled ...) @@ -21672,17 +21672,17 @@ CVE-2002-0779 (FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote ...) NOT-FOR-US: Novell CVE-2002-0775 (browse.asp in Hosting Controller allows remote attackers to view ...) - NOT-FOR-US: no_package + NOT-FOR-US: Hosting Controller CVE-2002-0774 (Hosting Controller creates a default user AdvWebadmin with a default ...) - NOT-FOR-US: no_package + NOT-FOR-US: Hosting Controller CVE-2002-0773 (imp_rootdir.asp for Hosting Controller allows remote attackers to copy ...) - NOT-FOR-US: no_package + NOT-FOR-US: Hosting Controller CVE-2002-0772 (Directory traversal vulnerability in dsnmanager.asp for Hosting ...) - NOT-FOR-US: no_package + NOT-FOR-US: Hosting Controller CVE-2002-0771 (Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 ...) - viewcvs 0.9.2-5 CVE-2002-0770 (Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain ...) - NOT-FOR-US: Quake server + TODO: Check quake2 CVE-2002-0769 (The web-based configuration interface for the Cisco ATA 186 Analog ...) NOT-FOR-US: Cisco CVE-2002-0767 (simpleinit on Linux systems does not close a read/write FIFO file ...) @@ -21724,7 +21724,7 @@ CVE-2002-0739 (Cross-site scripting in PostCalendar 3.02 allows remote attackers to ...) NOT-FOR-US: PostCalendat CVE-2002-0735 (Format string vulnerability in the logging() function in C-Note Squid ...) - NOT-FOR-US: only potato was vulnerable + - squid <not-affected> (Historic vulnerability, fixed before Woody was released) CVE-2002-0732 (Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote ...) NOT-FOR-US: MyGuestbook CVE-2002-0731 (Cross-site scripting vulnerability in demonstration scripts for ...)