Author: alec-guest Date: 2006-05-22 20:56:56 +0000 (Mon, 22 May 2006) New Revision: 4051 Modified: data/CVE/list Log: NOT-FOR-US Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-22 20:52:03 UTC (rev 4050) +++ data/CVE/list 2006-05-22 20:56:56 UTC (rev 4051) @@ -30297,9 +30297,9 @@ CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in ...) NOT-FOR-US: Cisco CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could alllow local users to execute ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...) TODO: check CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...) @@ -30313,9 +30313,9 @@ CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before ...) TODO: check CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote ...) TODO: check CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION ...) @@ -30765,7 +30765,7 @@ CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows ...) TODO: check CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional privileges by ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker ...) TODO: check CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local ...) 
@@ -30809,7 +30809,7 @@ CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass ...) NOT-FOR-US: Cisco CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker ...) TODO: check CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a ...) @@ -30861,7 +30861,7 @@ CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id permissions, ...) TODO: check CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-0486 (Remote attackers can cause a denial of service in Novell BorderManager ...) TODO: check CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly other ...) @@ -31441,17 +31441,17 @@ CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers to ...) TODO: check CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local users ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1122 (Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1121 (Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) ...) TODO: check CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote ...) 
@@ -31775,7 +31775,7 @@ CVE-2000-0874 (Eudora mail client includes the absolute path of the sender''s host ...) TODO: check CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the -Zi ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a denial of ...) @@ -32165,7 +32165,7 @@ CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote ...) TODO: check CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos ...) TODO: check CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not properly ...) @@ -32327,7 +32327,7 @@ CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users ...) TODO: check CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0465 (Internet Explorer 4.x and 5.x does properly verify the domain of a ...) NOT-FOR-US: Microsoft CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute ...) @@ -32371,7 +32371,7 @@ CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges via a ...) TODO: check CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain write ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...) TODO: check CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain ...) 
@@ -32663,7 +32663,7 @@ CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes ...) TODO: check CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users to ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...) TODO: check CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing ...) @@ -32867,7 +32867,7 @@ CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with insecure ...) TODO: check CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a symlink ...) - TODO: check + NOT-FOR-US: AIX CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users to ...) TODO: check CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...) @@ -33005,7 +33005,7 @@ CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote ...) TODO: check CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such as ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication, ...) TODO: check CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker to ...) @@ -33166,7 +33166,7 @@ CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open ...) TODO: check CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local users to ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which ...) TODO: check CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain restricted ...) 
@@ -33248,15 +33248,15 @@ CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local users ...) TODO: check CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows local ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental ...) TODO: check CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of service by ...) TODO: check CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration ...) TODO: check CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS ...) @@ -33497,7 +33497,7 @@ CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a denial ...) TODO: check CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly filter ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0902 (ypserv allows local administrators to modify password tables. ...) TODO: check CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells ...) @@ -33643,7 +33643,7 @@ CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP packets ...) TODO: check CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users to ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by ...) 
@@ -33665,7 +33665,7 @@ CVE-1999-0790 (A remote attacker can read information from a Netscape user''s cache ...) TODO: check CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of service. ...) TODO: check CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain ...) @@ -33828,7 +33828,7 @@ CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to ...) TODO: check CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users to ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk shared ...) TODO: check CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd) ...) @@ -34104,9 +34104,9 @@ CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local users ...) TODO: check CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users to ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain additional ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0335 (Buffer overflow in BSD and linux lpr command allows local users to ...) TODO: check CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local ...) 
@@ -34420,21 +34420,21 @@ CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow ...) TODO: check CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if it ...) TODO: check CVE-1999-0118 (AIX infod allows local users to gain root access through an X display. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0117 (AIX passwd allows local users to gain root access. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to create ...) TODO: check CVE-1999-0115 (AIX bugfiler program allows local users to gain root access. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0113 (Some implementations of rlogin allow root access if given a ...) TODO: check CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...) TODO: check CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1 ...) 
@@ -34446,29 +34446,29 @@ CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute commands ...) TODO: check CVE-1999-0101 (Buffer overflow in AIX and Solaris "gethostbyname" library call allows ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote attackers to ...) TODO: check CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a malicious ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files ...) TODO: check CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to ...) TODO: check CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by not ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0091 (Buffer overflow in AIX writesrv command allows local users to obtain ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0090 (Buffer overflow in AIX rcp command allows local users to obtain ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0085 (rwhod buffer overflow in AIX ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0084 (NFS mknod bug ...) TODO: check CVE-1999-0083 (getcwd() file descriptor leak in FTP ...) @@ -34490,7 +34490,7 @@ CVE-1999-0073 (Telnet allows a remote client to specify environment variables including ...) TODO: check CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. ...) TODO: check CVE-1999-0070 (test-cgi program allows an attacker to list files on the server ...) 
@@ -34506,7 +34506,7 @@ CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments allows a ...) TODO: check CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to local users. ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious UDP ...) NOT-FOR-US: Cisco CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root access ...) @@ -35522,9 +35522,9 @@ CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to ...) TODO: check CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...) TODO: check CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...) @@ -35884,7 +35884,7 @@ CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows ...) NOT-FOR-US: Cisco CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...) - TODO: check + NOT-FOR-US: AIX CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute ...) TODO: check CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) @@ -37888,7 +37888,7 @@ CVE-1999-1489 (Buffer overflow in TestChip function in XFree86 SuperProbe in ...) TODO: check CVE-1999-1487 (Vulnerability in digest in AIX 4.3 allows printq users to gain root ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1485 (nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP ...) TODO: check CVE-1999-1484 (Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control ...) 
@@ -37898,7 +37898,7 @@ CVE-1999-1482 (SVGAlib zgv 3.0-7 and earlier allows local users to gain root access ...) TODO: check CVE-1999-1480 ((1) acledit and (2) aclput in AIX 4.3 allow local users to create or ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1479 (The textcounter.pl by Matt Wright allows remote attackers to execute ...) TODO: check CVE-1999-1477 (Buffer overflow in GNOME libraries 1.0.8 allows local user to gain ...) @@ -38010,11 +38010,11 @@ CVE-1999-1410 (addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary ...) TODO: check CVE-1999-1408 (Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1406 (dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which ...) TODO: check CVE-1999-1405 (snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1404 (IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote ...) TODO: check CVE-1999-1403 (IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, ...) @@ -38416,7 +38416,7 @@ CVE-1999-1081 (Vulnerability in files.pl script in Novell WebServer Examples Toolkit ...) TODO: check CVE-1999-1079 (Vulnerability in ptrace in AIX 4.3 allows local users to gain ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1078 (WS_FTP Pro 6.0 uses weak encryption for passwords in its ...) TODO: check CVE-1999-1077 (Idle locking function in MacOS 9 allows local attackers to bypass the ...) @@ -38424,7 +38424,7 @@ CVE-1999-1076 (Idle locking function in MacOS 9 allows local users to bypass the ...) TODO: check CVE-1999-1075 (inetd in AIX 4.1.5 dynamically assigns a port N when starting ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1073 (Excite for Web Servers (EWS) 1.1 records the first two characters of a ...) TODO: check CVE-1999-1072 (Excite for Web Servers (EWS) 1.1 allows local users to gain privileges ...) 
@@ -38514,7 +38514,7 @@ CVE-1999-1015 (Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and ...) TODO: check CVE-1999-1013 (named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group ...) - TODO: check + NOT-FOR-US: AIX CVE-1999-1012 (SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other ...) TODO: check CVE-1999-1009 (The Disney Go Express Search allows remote attackers to access and ...)
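Review bot: In the @@ -32165,7 hunk, CVE-2000-0576 is tagged "NOT-FOR-US: AIX", but its description names the affected software as "Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0". The vulnerable product is the Oracle listener, not the operating system. Suggest naming the product in the tag, for example "NOT-FOR-US: Oracle Web Listener", so the stated reason matches the entry and a later search of the list by vendor finds it.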
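Review bot: In the @@ -34446,29 hunk, CVE-1999-0101 is closed as "NOT-FOR-US: AIX" although its description reads "Buffer overflow in AIX and Solaris "gethostbyname" library call", so the tag accounts for only one of the two platforms named. Suggest "NOT-FOR-US: AIX, Solaris", or a short comment under the entry saying why the Solaris side is also out of scope. In the same hunk, CVE-1999-0100 is about innd 1.5.1. The visible description ties it to AIX, but innd is the INN news server daemon rather than an AIX-only component, so the entry should record that the issue was checked as specific to the AIX build before the TODO is dropped.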
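Review bot: In the @@ -38010,11 hunk, CVE-1999-1408 is tagged "NOT-FOR-US: AIX" while the description is "Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...", so the tag omits the second affected system. Suggest "NOT-FOR-US: AIX, HP-UX" so the entry is not read as an AIX-only issue. The other AIX entries in this hunk (CVE-1999-1405, the snap command) name AIX alone and need no change.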