CVE-2000-1254 (crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shif ...) - openssl 0.9.6-1 NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=db82b8f9bd432a59aea8e1014694e15fc457c2bb CVE-2000-1253 RESERVED CVE-2000-1252 REJECTED CVE-2000-1251 REJECTED CVE-2000-1250 REJECTED CVE-2000-1249 REJECTED CVE-2000-1248 REJECTED CVE-2000-1247 (The default configuration of the jserv-status handler in jserv.conf in ...) - apache CVE-2000-1246 (NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 al ...) NOT-FOR-US: Novell NetWare CVE-2000-1245 (Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the ...) NOT-FOR-US: Novell NetWare CVE-2000-1244 (Computer Associates InoculateIT Agent for Exchange Server does not rec ...) NOT-FOR-US: Exchange Server CVE-2000-1243 (Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versio ...) NOT-FOR-US: Dansie Shopping Cart CVE-2000-1242 (The HTTP service in American Power Conversion (APC) PowerChute uses a ...) NOT-FOR-US: APC PowerChute CVE-2000-1241 (Unspecified vulnerability in Haakon Nilsen simple, integrated publishi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1240 (Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 ...) NOT-FOR-US: AnyPortal CVE-2000-1239 (The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM ...) NOT-FOR-US: Tivoli CVE-2000-1238 (BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows re ...) NOT-FOR-US: BEA Weblogic CVE-2000-1237 (The POP3 server in FTGate returns an -ERR code after receiving an inva ...) NOT-FOR-US: FTGate CVE-2000-1236 (SQL injection vulnerability in mod_sql in Oracle Internet Application ...) NOT-FOR-US: Oracle CVE-2000-1235 (The default configurations of (1) the port listener and (2) modplsql i ...) NOT-FOR-US: Oracle CVE-2000-1234 (violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails ...) NOT-FOR-US: Phorum CVE-2000-1233 (SQL injection vulnerability in read.php3 and other scripts in Phorum 3 ...) NOT-FOR-US: Phorum CVE-2000-1232 (upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify ce ...) NOT-FOR-US: Phorum CVE-2000-1231 (code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary fi ...) NOT-FOR-US: Phorum CVE-2000-1230 (Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to acces ...) NOT-FOR-US: Phorum CVE-2000-1229 (Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum ...) NOT-FOR-US: Phorum CVE-2000-1228 (Phorum 3.0.7 allows remote attackers to change the administrator passw ...) NOT-FOR-US: Phorum CVE-2000-1227 (Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause ...) NOT-FOR-US: microsoft CVE-2000-1226 (Snort 1.6, when running in straight ASCII packet logging mode or IDS m ...) - snort 1.6.1-1 CVE-2000-1225 (Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin ...) NOT-FOR-US: Xitami CVE-2000-1224 (Caucho Technology Resin 1.2 and possibly earlier allows remote attacke ...) NOT-FOR-US: Caucho Technology Resin CVE-2000-1223 (quikstore.cgi in Quikstore Shopping Cart allows remote attackers to ex ...) NOT-FOR-US: Quikstore Shopping Cart CVE-2000-1222 (AIX sysback before 4.2.1.13 uses a relative path to find and execute t ...) NOT-FOR-US: AIX CVE-2000-1221 (The line printer daemon (lpd) in the lpr package in multiple Linux ope ...) - lpr 1:0.48-1 CVE-2000-1220 (The line printer daemon (lpd) in the lpr package in multiple Linux ope ...) - lpr 1:0.48-1 CVE-2000-1219 (The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not ...) - gcc-3.3 1:3.3.4-1 CVE-2000-1218 (The default configuration for the domain name resolver for Microsoft W ...) NOT-FOR-US: Windows CVE-2000-1217 (Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a ...) NOT-FOR-US: Windows CVE-2000-1216 (Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt ...) NOT-FOR-US: AIX CVE-2000-1215 (The default configuration of Lotus Domino server 5.0.8 includes system ...) NOT-FOR-US: Lotus Domino CVE-2000-1212 (Zope 2.2.0 through 2.2.4 does not properly protect a data updating met ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1211 (Zope 2.2.0 through 2.2.4 does not properly perform security registrati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1210 (Directory traversal vulnerability in source.jsp of Apache Tomcat befor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1203 (Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1200 (Windows NT allows remote attackers to list all users in a domain by ob ...) NOT-FOR-US: Microsoft CVE-2000-1196 (PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1195 (telnet daemon (telnetd) from the Linux netkit package before netkit-te ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1193 (Performance Metrics Collector Daemon (PMCD) in Performance Copilot in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1190 (imwheel-solo in imwheel package allows local users to modify arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1189 (Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1187 (Buffer overflow in the HTML parser for Netscape 4.75 and earlier allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1184 (telnetd in FreeBSD 4.2 and earlier, and possibly other operating syste ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1182 (WatchGuard Firebox II allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1181 (Real Networks RealServer 7 and earlier allows remote attackers to obta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1180 (Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1179 (Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to rea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1178 (Joe text editor follows symbolic links when creating a rescue copy cal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1174 (Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1171 (Directory traversal vulnerability in cgiforum.pl script in CGIForum 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1170 (Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1169 (OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1167 (ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict ac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1166 (Twig webmail system does not properly set the "vhosts" variable if it ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1165 (Balabit syslog-ng allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1164 (WinVNC installs the WinVNC3 registry key with permissions that give Sp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1163 (ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental var ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1162 (ghostscript before 5.10-16 allows local users to overwrite files of ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1149 (Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server a ...) NOT-FOR-US: Microsoft CVE-2000-1148 (The installation of VolanoChatPro chat server sets world-readable perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1146 (Recourse ManTrap 1.6 allows attackers to cause a denial of service via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1145 (Recourse ManTrap 1.6 allows attackers who have gained root access to u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1144 (Recourse ManTrap 1.6 sets up a chroot environment to hide the fact tha ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1143 (Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1142 (Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1141 (Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1140 (Recourse ManTrap 1.6 does not properly hide processes from attackers, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1139 (The installation of Microsoft Exchange 2000 before Rev. A creates a us ...) NOT-FOR-US: Microsoft CVE-2000-1137 (GNU ed before 0.2-18.1 allows local users to overwrite the files of ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1136 (elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1135 (fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1132 (DCForum cgforum.cgi CGI script allows remote attackers to read arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1131 (Bill Kendrick web site guestbook (GBook) allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1124 (Buffer overflow in piobe command in IBM AIX 4.3.x allows local users t ...) NOT-FOR-US: AIX CVE-2000-1123 (Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may all ...) NOT-FOR-US: AIX CVE-2000-1122 (Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may a ...) NOT-FOR-US: AIX CVE-2000-1121 (Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow ...) NOT-FOR-US: AIX CVE-2000-1120 (Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows ...) NOT-FOR-US: AIX CVE-2000-1119 (Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows ...) NOT-FOR-US: AIX CVE-2000-1115 (Buffer overflow in remote web administration component (webprox.dll) o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1113 (Buffer overflow in Microsoft Windows Media Player allows remote attack ...) NOT-FOR-US: Microsoft CVE-2000-1112 (Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS ...) NOT-FOR-US: Microsoft CVE-2000-1111 (Telnet Service for Windows 2000 Professional does not properly termina ...) NOT-FOR-US: Microsoft CVE-2000-1109 (Midnight Commander (mc) 4.5.51 and earlier does not properly process m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1108 (cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not prop ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1107 (in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1106 (Trend Micro InterScan VirusWall creates an "Intscan" share to the "Int ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1101 (Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.4 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1099 (Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1097 (The web server for the SonicWALL SOHO firewall allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1096 (crontab by Paul Vixie uses predictable file names for a temporary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1095 (modprobe in the modutils 2.3.x package on Linux systems allows a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1094 (Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1089 (Buffer overflow in Microsoft Phone Book Service allows local users to ...) NOT-FOR-US: Microsoft CVE-2000-1080 (Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1077 (Buffer overflow in the SHTML logging functionality of iPlanet Web Serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1075 (Directory traversal vulnerability in iPlanet Certificate Management Sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1074 (csstart program in iCal 2.1 Patch 2 uses relative pathnames to install ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1073 (csstart program in iCal 2.1 Patch 2 searches for the cshttpd program i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1072 (iCal 2.1 Patch 2 installs many files with world-writeable permissions, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1071 (The GUI installation for iCal 2.1 Patch 2 disables access control for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1070 (pollit.cgi in Poll It 2.01 and earlier uses data files that are locate ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1069 (pollit.cgi in Poll It 2.01 and earlier allows remote attackers to acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1068 (pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1061 (Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows ...) NOT-FOR-US: Microsoft CVE-2000-1060 (The default configuration of XFCE 3.5.1 bypasses the Xauthority access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1059 (The default configuration of the Xsession file in Mandrake Linux 7.1 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1058 (Buffer overflow in OverView5 CGI program in HP OpenView Network Node M ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1057 (Vulnerabilities in database configuration scripts in HP OpenView Netwo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1056 (CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to b ...) NOT-FOR-US: Cisco CVE-2000-1055 (Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows re ...) NOT-FOR-US: Cisco CVE-2000-1054 (Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and ...) NOT-FOR-US: Cisco CVE-2000-1051 (Directory traversal vulnerability in Allaire JRun 2.3 server allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1050 (Allaire JRun 3.0 http servlet server allows remote attackers to direct ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1049 (Allaire JRun 3.0 http servlet server allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1047 (Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1045 (nss_ldap earlier than 121, when run with nscd (name service caching da ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1044 (Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1043 (Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1042 (Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1041 (Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1040 (Format string vulnerability in logging function of ypbind 3.3, while r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1038 (The web administration interface for IBM AS/400 Firewall allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1036 (Directory traversal vulnerability in Extent RBS ISP web server allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1034 (Buffer overflow in the System Monitor ActiveX control in Windows 2000 ...) NOT-FOR-US: Microsoft CVE-2000-1032 (The client authentication interface for Check Point Firewall-1 4.0 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1031 (Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1027 (Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine ...) NOT-FOR-US: Cisco CVE-2000-1026 (Multiple buffer overflows in LBNL tcpdump allow remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1024 (eWave ServletExec 3.0C and earlier does not restrict access to the Upl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1022 (The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier ...) NOT-FOR-US: Cisco CVE-2000-1019 (Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1018 (shred 1.0 file wiping utility does not properly open a file for overwr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1016 (The default configuration of Apache (httpd.conf) on SuSE 6.4 includes ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1014 (Format string vulnerability in the search97.cgi CGI script in SCO help ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1011 (Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1010 (Format string vulnerability in talkd in OpenBSD and possibly other BSD ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1007 (I-gear 3.5.7 and earlier does not properly process log entries in whic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1006 (Microsoft Exchange Server 5.5 does not properly handle a MIME header w ...) NOT-FOR-US: Microsoft CVE-2000-1005 (Directory traversal vulnerability in html_web_store.cgi and web_store. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1004 (Format string vulnerability in OpenBSD photurisd allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1003 (NETBIOS client in Windows 95 and Windows 98 allows a remote attacker t ...) NOT-FOR-US: Microsoft CVE-2000-1002 (POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1001 (add_2_basket.asp in Element InstantShop allows remote attackers to mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1000 (Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0996 (Format string vulnerability in OpenBSD su program (and possibly other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0995 (Format string vulnerability in OpenBSD yp_passwd program (and possibly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0994 (Format string vulnerability in OpenBSD fstat program (and possibly oth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0993 (Format string vulnerability in pw_error function in BSD libutil librar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0992 (Directory traversal vulnerability in scp in sshd 1.2.xx allows a remot ...) {CVE-2004-0175} - openssh 1:3.9p1-1 (low; bug #270770) [sarge] - openssh (Minor issue) NOTE: Rediscoved as CVE-2004-0175, see there. CVE-2000-0991 (Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ...) NOT-FOR-US: Microsoft CVE-2000-0990 (cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0989 (Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0984 (The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to c ...) NOT-FOR-US: Cisco CVE-2000-0983 (Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0982 (Internet Explorer before 5.5 forwards cached user credentials for a se ...) NOT-FOR-US: Microsoft CVE-2000-0981 (MySQL Database Engine uses a weak authentication method which leaks in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0980 (NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink do ...) NOT-FOR-US: Microsoft CVE-2000-0979 (File and Print Sharing service in Windows 95, Windows 98, and Windows ...) NOT-FOR-US: Microsoft CVE-2000-0978 (bbd server in Big Brother System and Network Monitor before 1.5c2 allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0977 (mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0976 (Buffer overflow in xlib in XFree 3.3.x possibly allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0975 (Directory traversal vulnerability in apexec.pl in Anaconda Foundation ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0974 (GnuPG (gpg) 1.0.3 does not properly check all signatures of a file con ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0973 (Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier tha ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0972 (HP-UX 11.00 crontab allows local users to read arbitrary files via the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0970 (IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure ...) NOT-FOR-US: Microsoft CVE-2000-0969 (Format string vulnerability in Half Life dedicated server build 3104 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0968 (Buffer overflow in Half Life dedicated server before build 3104 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0967 (PHP 3 and 4 do not properly cleanse user-injected format strings, whic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0966 (Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of H ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0965 (The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0964 (Buffer overflow in the web administration service for the HiNet LP5100 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0962 (The IPSEC implementation in OpenBSD 2.7 does not properly handle empty ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0961 (Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0960 (The POP3 server in Netscape Messaging Server 4.15p1 generates differen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0959 (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG enviro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0958 (HotJava Browser 3.0 allows remote attackers to access the DOM of a web ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0957 (The pluggable authentication module for mysql (pam_mysql) before 0.4.7 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0956 (cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0953 (Shambala Server 4.5 allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0952 (global.cgi CGI program in Global 3.55 and earlier on NetBSD allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0951 (A misconfiguration in IIS 5.0 with Index Server enabled and the Index ...) NOT-FOR-US: Microsoft CVE-2000-0949 (Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0948 (GnoRPM before 0.95 allows local users to modify arbitrary files via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0947 (Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0946 (Compaq Easy Access Keyboard software 1.3 does not properly disable acc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0945 (The web configuration interface for Catalyst 3500 XL switches allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0944 (CGI Script Center News Update 1.1 does not properly validate the origi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0943 (Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0942 (The CiWebHitsFile component in Microsoft Indexing Services for Windows ...) NOT-FOR-US: Microsoft CVE-2000-0941 (Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0938 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a differe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0937 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0936 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0935 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0934 (Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0933 (The Input Method Editor (IME) in the Simplified Chinese version of Win ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0932 (MAILsweeper for SMTP 3.x does not properly handle corrupt CDA document ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0930 (Pegasus Mail 3.12 allows remote attackers to read arbitrary files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0929 (Microsoft Windows Media Player 7 allows attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2000-0928 (WQuinn QuotaAdvisor 4.1 allows users to list directories and files by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0927 (WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0926 (SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0925 (The default installation of SmartWin CyberOffice Shopping Cart 2 (aka ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0924 (Directory traversal vulnerability in search.cgi CGI script in Armada M ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0923 (authenticate.cgi CGI program in Aplio PRO allows remote attackers to e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0922 (Directory traversal vulnerability in Bytes Interactive Web Shopper sho ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0921 (Directory traversal vulnerability in Hassan Consulting shop.cgi shoppi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0920 (Directory traversal vulnerability in BOA web server 0.94.8.2 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0919 (Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0917 (Format string vulnerability in use_syslog() function in LPRng 3.6.24 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0915 (fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0914 (OpenBSD 2.6 and earlier allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0913 (mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0912 (MultiHTML CGI script allows remote attackers to read arbitrary files a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0911 (IMP 2.2 and earlier allows attackers to read and delete arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0910 (Horde library 1.02 allows attackers to execute arbitrary commands via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0909 (Buffer overflow in the automatic mail checking component of Pine 4.21 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0908 (BrowseGate 2.80 allows remote attackers to cause a denial of service a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0901 (Format string vulnerability in screen 3.9.5 and earlier allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0900 (Directory traversal vulnerability in ssi CGI program in thttpd 2.19 an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0897 (Small HTTP Server 2.03 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0896 (WatchGuard SOHO firewall allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0895 (Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0894 (HTTP server on the WatchGuard SOHO firewall does not properly restrict ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0892 (Some telnet clients allow remote telnet servers to request environment ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0891 (A default ECL in Lotus Notes before 5.02 allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0890 (periodic in FreeBSD 4.1.1 and earlier, and possibly other operating sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0888 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0887 (named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0886 (IIS 5.0 allows remote attackers to execute arbitrary commands via a ma ...) NOT-FOR-US: Microsoft CVE-2000-0884 (IIS 4.0 and 5.0 allows remote attackers to read documents outside of t ...) NOT-FOR-US: Microsoft CVE-2000-0883 (The default configuration of mod_perl for Apache as installed on Mandr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0878 (The mailto CGI script allows remote attacker to execute arbitrary comm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0877 (mailform.pl CGI script in MailForm 2.0 allows remote attackers to read ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0876 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0875 (WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0874 (Eudora mail client includes the absolute path of the sender's host wit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0873 (netstat in AIX 4.x.x does not properly restrict access to the -Zi opti ...) NOT-FOR-US: AIX CVE-2000-0871 (Buffer overflow in EFTP allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0870 (Buffer overflow in EFTP allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0869 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables W ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0868 (The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0867 (Kernel logging daemon (klogd) in Linux does not properly cleanse user- ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0865 (Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0864 (Race condition in the creation of a Unix domain socket in GNOME esound ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0863 (Buffer overflow in listmanager earlier than 2.105.1 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0862 (Vulnerability in an administrative interface utility for Allaire Spect ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0861 (Mailman 1.1 allows list administrators to execute arbitrary commands v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0860 (The file upload capability in PHP versions 3 and 4 allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0859 (The web configuration server for NTMail V5 and V6 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0858 (Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to c ...) NOT-FOR-US: Microsoft CVE-2000-0856 (Buffer overflow in SunFTP build 9(1) allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0854 (When a Microsoft Office 2000 document is launched, the directory of th ...) NOT-FOR-US: Microsoft CVE-2000-0853 (YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0852 (Multiple buffer overflows in eject on FreeBSD and possibly other OSes ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0851 (Buffer overflow in the Still Image Service in Windows 2000 allows loca ...) NOT-FOR-US: Microsoft CVE-2000-0850 (Netegrity SiteMinder before 4.11 allows remote attackers to bypass its ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0849 (Race condition in Microsoft Windows Media server allows remote attacke ...) NOT-FOR-US: Microsoft CVE-2000-0848 (Buffer overflow in IBM WebSphere web application server (WAS) allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0847 (Buffer overflow in University of Washington c-client library (used by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0846 (Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0844 (Some functions that implement the locale subsystem on Unix do not pro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0839 (WinCOM LPD 1.00.90 allows remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0838 (Fastream FUR HTTP server 1.0b allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0837 (FTP Serv-U 2.5e allows remote attackers to cause a denial of service b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0834 (The Windows 2000 telnet client attempts to perform NTLM authentication ...) NOT-FOR-US: Microsoft CVE-2000-0830 (annclist.exe in webTV for Windows allows remote attackers to cause a d ...) NOT-FOR-US: Microsoft CVE-2000-0829 (The tmpwatch utility in Red Hat Linux forks a new process for each dir ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0825 (Ipswitch Imail 6.0 allows remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0824 (The unsetenv function in glibc 2.1.1 does not properly unset an enviro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0818 (The default installation for the Oracle listener program 7.3.4, 8.0.6, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0816 (Linux tmpwatch --fuser option allows local users to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0813 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0811 (Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0810 (Auction Weaver 1.0 through 1.04 does not properly validate the names o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0809 (Buffer overflow in Getkey in the protocol checker in the inter-module ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0808 (The seed generation mechanism in the inter-module S/Key authentication ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0807 (The OPSEC communications authentication mechanism (fwn1) in Check Poin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0806 (The inter-module authentication mechanism (fwa1) in Check Point VPN-1/ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0805 (Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0804 (Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0803 (GNU Groff uses the current working directory to find a device descript ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0799 (inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0797 (Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0796 (Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0795 (Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0792 (Gnome Lokkit firewall package before 0.41 does not properly restrict a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0790 (The web-based folder display capability in Microsoft Internet Explorer ...) NOT-FOR-US: Microsoft CVE-2000-0788 (The Mail Merge tool in Microsoft Word does not prompt the user before ...) NOT-FOR-US: Microsoft CVE-2000-0787 (IRC Xchat client versions 1.4.2 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0786 (GNU userv 1.0.0 and earlier does not properly perform file descriptor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0783 (Watchguard Firebox II allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0782 (netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0781 (uagentsetup in ARCServeIT Client Agent 6.62 does not properly check fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0780 (The web server in IPSWITCH IMail 6.04 and earlier allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0779 (Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0778 (IIS 5.0 allows remote attackers to obtain source code for .ASP files a ...) NOT-FOR-US: Microsoft CVE-2000-0777 (The password protection feature of Microsoft Money can store the passw ...) NOT-FOR-US: Microsoft CVE-2000-0776 (Mediahouse Statistics Server 5.02x allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0773 (Bajie HTTP web server 0.30a allows remote attackers to read arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0771 (Microsoft Windows 2000 allows local users to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2000-0770 (IIS 4.0 and 5.0 does not properly restrict access to certain types of ...) NOT-FOR-US: Microsoft CVE-2000-0768 (A function in Internet Explorer 4.x and 5.x does not properly verify t ...) NOT-FOR-US: Microsoft CVE-2000-0767 (The ActiveX control for invoking a scriptlet in Internet Explorer 4.x ...) NOT-FOR-US: Microsoft CVE-2000-0766 (Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0765 (Buffer overflow in the HTML interpreter in Microsoft Office 2000 allow ...) NOT-FOR-US: Microsoft CVE-2000-0764 (Intel Express 500 series switches allow a remote attacker to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0763 (xlockmore and xlockf do not properly cleanse user-injected format stri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0762 (The default installation of eTrust Access Control (formerly SeOS) uses ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0761 (OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0758 (The web interface for Lyris List Manager 3 and 4 allows list subscribe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0754 (Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0753 (The Microsoft Outlook mail client identifies the physical path of the ...) NOT-FOR-US: Microsoft CVE-2000-0751 (mopd (Maintenance Operations Protocol loader daemon) does not properly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0750 (Buffer overflow in mopd (Maintenance Operations Protocol loader daemon ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0749 (Buffer overflow in the Linux binary compatibility module in FreeBSD 3. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0747 (The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0745 (admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0744 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0743 (Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0742 (The IPX protocol implementation in Microsoft Windows 95 and 98 allows ...) NOT-FOR-US: Microsoft CVE-2000-0741 (Format string vulnerability in strong.exe program in NAI Net Tools PKI ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0740 (Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0739 (Directory traversal vulnerability in strong.exe program in NAI Net Too ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0738 (WebShield SMTP 4.5 allows remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0737 (The Service Control Manager (SCM) in Windows 2000 creates predictable ...) NOT-FOR-US: Microsoft CVE-2000-0733 (Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0732 (Worm HTTP server allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0731 (Directory traversal vulnerability in Worm HTTP server allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0730 (Vulnerability in newgrp command in HP-UX 11.0 allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0729 (FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0728 (xpdf PDF viewer client earlier than 0.91 allows local users to overwri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0727 (xpdf PDF viewer client earlier than 0.91 does not properly launch a we ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0726 (CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0725 (Zope before 2.2.1 does not properly restrict access to the getRoles me ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0720 (news.cgi in GWScripts News Publisher does not properly authenticate re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0718 (A race condition in MandrakeUpdate allows local users to modify RPM fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0717 (GoodTech FTP server allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0716 (WorldClient email client in MDaemon 2.8 includes the session ID in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0712 (Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0711 (Netscape Communicator does not properly prevent a ServerSocket object ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0708 (Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0707 (PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0706 (Buffer overflows in ntop running in web mode allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0705 (ntop running in web mode allows remote attackers to read arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0703 (suidperl (aka sperl) does not properly cleanse the escape sequence "~! ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0702 (The net.init rc script in HP-UX 11.00 (S008net.init) allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0700 (Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethern ...) NOT-FOR-US: Cisco CVE-2000-0699 (Format string vulnerability in ftpd in HP-UX 10.20 allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0698 (Minicom 1.82.1 and earlier on some Linux systems allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0694 (pgxconfig in the Raptor GFX configuration tool allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path na ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the PageCompil ...) NOT-FOR-US: BEA WebLogic CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet ...) NOT-FOR-US: BEA WebLogic CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code for par ...) NOT-FOR-US: BEA WebLogic CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code for par ...) NOT-FOR-US: BEA WebLogic CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote atta ...) NOT-FOR-US: BEA WebLogic CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional Decry ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0677 (Buffer overflow in IBM Net.Data db2www CGI program allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0676 (Netscape Communicator and Navigator 4.04 through 4.74 allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0675 (Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0674 (ftp.pl CGI program for Virtual Visions FTP browser allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0673 (The NetBIOS Name Server (NBNS) protocol does not perform authenticatio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0672 (The default configuration of Jakarta Tomcat does not restrict access t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0671 (Roxen web server earlier than 2.0.69 allows allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0670 (The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with writ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0669 (Novell NetWare 5.0 allows remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0668 (pam_console PAM module in Linux systems allows a user to access the sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0666 (rpc.statd in the nfs-utils package in various Linux distributions does ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0665 (GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0664 (AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0663 (The registry entry for the Windows Shell executable (Explorer.exe) in ...) NOT-FOR-US: Microsoft CVE-2000-0662 (Internet Explorer 5.x and Microsoft Outlook allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2000-0661 (WircSrv IRC Server 5.07s allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0660 (The WDaemon web server for WorldClient 2.1 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0655 (Netscape Communicator 4.73 and earlier allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0654 (Microsoft Enterprise Manager allows local users to obtain database pas ...) NOT-FOR-US: Microsoft CVE-2000-0652 (IBM WebSphere allows remote attackers to read source code for executab ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0651 (The ClientTrust program in Novell BorderManager does not properly veri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0650 (The default installation of VirusScan 4.5 and NetShield 4.5 has insecu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0644 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0643 (Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0642 (The default configuration of WebActive HTTP Server 1.00 stores the web ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0641 (Savant web server allows remote attackers to execute arbitrary command ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0640 (Guild FTPd allows remote attackers to determine the existence of files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0639 (The default configuration of Big Brother 1.4h2 and earlier does not in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0638 (bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0637 (Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary co ...) NOT-FOR-US: Microsoft CVE-2000-0636 (HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0635 (The view_page.html sample page in the MiniVend shopping cart program a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0634 (The web administration interface for CommuniGate Pro 3.2.5 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0633 (Vulnerability in Mandrake Linux usermode package allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0632 (Buffer overflow in the web archive component of L-Soft Listserv 1.8d a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0631 (An administrative script from IIS 3.0, later included in IIS 4.0 and 5 ...) NOT-FOR-US: Microsoft CVE-2000-0630 (IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source ...) NOT-FOR-US: Microsoft CVE-2000-0628 (The source.asp example script in the Apache ASP module Apache::ASP 1.9 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0627 (BlackBoard CourseInfo 4.0 does not properly authenticate users, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0624 (Buffer overflow in Winamp 2.64 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0622 (Buffer overflow in Webfind CGI program in O'Reilly WebSite Professiona ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0621 (Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allo ...) NOT-FOR-US: Microsoft CVE-2000-0620 (libX11 X library allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0619 (Top Layer AppSwitch 2500 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0616 (Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain addit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0615 (LPRng 3.6.x improperly installs lpd as setuid root, which can allow lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0613 (Cisco Secure PIX Firewall does not properly identify forged TCP Reset ...) NOT-FOR-US: Cisco CVE-2000-0611 (The default configuration of NetWin dMailWeb and cwMail trusts all POP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0610 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0604 (gkermit in Red Hat Linux is improperly installed with setgid uucp, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0603 (Microsoft SQL Server 7.0 allows a local user to bypass permissions for ...) NOT-FOR-US: Microsoft CVE-2000-0602 (Secure Locate (slocate) in Red Hat Linux allows local users to gain pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0601 (LeafChat 1.7 IRC client allows a remote IRC server to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0600 (Netscape Enterprise Server in NetWare 5.1 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0599 (Buffer overflow in iMesh 1.02 allows remote attackers to execute arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0598 (Fortech Proxy+ allows remote attackers to bypass access restrictions f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0597 (Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are mar ...) NOT-FOR-US: Microsoft CVE-2000-0596 (Internet Explorer 5.x does not warn a user before opening a Microsoft ...) NOT-FOR-US: Microsoft CVE-2000-0595 (libedit searches for the .editrc file in the current directory instead ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0594 (BitchX IRC client does not properly cleanse an untrusted format string ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0593 (WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0591 (Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0590 (Poll It 2.0 CGI script allows remote attackers to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0588 (SawMill 5.0.21 CGI program allows remote attackers to read the first l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0587 (The privpath directive in glftpd 1.18 allows remote attackers to bypas ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0586 (Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0585 (ISC DHCP client program dhclient allows remote attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0584 (Buffer overflow in Canna input system allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0583 (vchkpw program in vpopmail before version 4.8 does not properly cleans ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0582 (Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0581 (Windows 2000 Telnet Server allows remote attackers to cause a denial o ...) NOT-FOR-US: Microsoft CVE-2000-0579 (IRIX crontab creates temporary files with predictable file names and w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0577 (Netscape Professional Services FTP Server 1.3.6 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0576 (Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows re ...) NOT-FOR-US: AIX CVE-2000-0575 (SSH 1.2.27 with Kerberos authentication support stores Kerberos ticket ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0573 (The lreply function in wu-ftpd 2.6.0 and earlier does not properly cle ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0571 (LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0570 (FirstClass Internet Services server 5.770, and other versions before 6 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0569 (Sybergen Sygate allows remote attackers to cause a denial of service b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0568 (Sybergen Secure Desktop 2.1 does not properly protect against false ro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0567 (Buffer overflow in Microsoft Outlook and Outlook Express allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0566 (makewhatis in Linux man package allows local users to overwrite files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0565 (SmartFTP Daemon 0.2 allows a local user to access arbitrary files by u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0561 (Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0558 (Buffer overflow in HP Openview Network Node Manager 6.1 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0557 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0556 (Buffer overflow in the web interface for Cmail 2.4.7 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0555 (Ceilidh allows remote attackers to cause a denial of service via a lar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0553 (Race condition in IPFilter firewall 3.4.3 and earlier, when configured ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0552 (ICQwebmail client for ICQ 2000A creates a world readable temporary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0551 (The file transfer mechanism in Danware NetOp 6.0 does not provide auth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0550 (Kerberos 4 KDC program improperly frees memory twice (aka "double-free ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0549 (Kerberos 4 KDC program does not properly check for null termination of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0548 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0542 (Tigris remote access server before 11.5.4.22 does not properly record ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0541 (The Panda Antivirus console on port 2001 allows local users to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0540 (JSP sample files in Allaire JRun 2.3.x allow remote attackers to acces ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0539 (Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0538 (ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0537 (BRU backup software allows local users to append data to arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0536 (xinetd 2.1.8.x does not properly restrict connections if hostnames are ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0534 (The apsfilter software in the FreeBSD ports package does not properly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0533 (Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0532 (A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0530 (The KApplication class in the KDE 1.1.2 configuration file management ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0529 (Net Tools PKI Server allows remote attackers to cause a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0528 (Net Tools PKI Server does not properly restrict access to remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0525 (OpenSSH does not properly drop privileges when the UseLogin option is ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0523 (Buffer overflow in the logging feature of EServ 2.9.2 and earlier allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0522 (RSA ACE/Server allows remote attackers to cause a denial of service by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0521 (Savant web server allows remote attackers to read source code of CGI s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0519 (Internet Explorer 4.x and 5.x does not properly re-validate an SSL cer ...) NOT-FOR-US: Microsoft CVE-2000-0518 (Internet Explorer 4.x and 5.x does not properly verify all contents of ...) NOT-FOR-US: Microsoft CVE-2000-0517 (Netscape 4.73 and earlier does not properly warn users about a potenti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0516 (When configured to store configuration information in an LDAP director ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0515 (The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0514 (GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict acces ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0513 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0512 (CUPS (Common Unix Printing System) 1.04 and earlier does not properly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0511 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0510 (CUPS (Common Unix Printing System) 1.04 and earlier allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0508 (rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0507 (Imate Webmail Server 2.5 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0506 (The "capabilities" feature in Linux before 2.2.16 allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0505 (The Apache 1.3.x HTTP server for Windows platforms allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0504 (libICE in XFree86 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0502 (Mcafee VirusScan 4.03 does not properly restrict access to the alert t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote attack ...) NOT-FOR-US: BEA WebLogic CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...) NOT-FOR-US: BEA WebLogic CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source cod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0495 (Microsoft Windows Media Encoder allows remote attackers to cause a den ...) NOT-FOR-US: Microsoft CVE-2000-0494 (Veritas Volume Manager creates a world writable .server_pids file, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0493 (Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0490 (Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0489 (FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0488 (Buffer overflow in ITHouse mail server 1.04 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0486 (Buffer overflow in Cisco TACACS+ tac_plus server allows remote attacke ...) NOT-FOR-US: Cisco CVE-2000-0485 (Microsoft SQL Server allows local users to obtain database passwords v ...) NOT-FOR-US: Microsoft CVE-2000-0484 (Buffer overflow in Small HTTP Server allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0483 (The DocumentTemplate package in Zope 2.2 and earlier allows a remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0482 (Check Point Firewall-1 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0481 (Buffer overflow in KDE Kmail allows a remote attacker to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0478 (In some cases, Norton Antivirus for Exchange (NavExchange) enters a "f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0477 (Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0475 (Windows 2000 allows a local user process to access another user's desk ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0474 (Real Networks RealServer 7.x allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0472 (Buffer overflow in innd 2.2.2 allows remote attackers to execute arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0471 (Buffer overflow in ufsrestore in Solaris 8 and earlier allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0470 (Allegro RomPager HTTP server allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0469 (Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0468 (man in HP-UX 10.20 and 11 allows local attackers to overwrite files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0467 (Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0466 (AIX cdmount allows local users to gain root privileges via shell metac ...) NOT-FOR-US: AIX CVE-2000-0465 (Internet Explorer 4.x and 5.x does not properly verify the domain of a ...) NOT-FOR-US: Microsoft CVE-2000-0464 (Internet Explorer 4.x and 5.x allows remote attackers to execute arbit ...) NOT-FOR-US: Microsoft CVE-2000-0463 (BeOS 5.0 allows remote attackers to cause a denial of service via frag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0462 (ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0461 (The undocumented semconfig system call in BSD freezes the state of sem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0460 (Buffer overflow in KDE kdesud on Linux allows local uses to gain privi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0459 (IMP does not remove files properly if the MSWordView application quits ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0458 (The MSWordView application in IMP creates world-readable files in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0457 (ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file conten ...) NOT-FOR-US: Microsoft CVE-2000-0456 (NetBSD 1.4.2 and earlier allows local users to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0455 (Buffer overflow in xlockmore xlock program version 4.16 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0454 (Buffer overflow in Linux cdrecord allows local users to gain privilege ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0453 (XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0452 (Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0451 (The Intel express 8100 ISDN router allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0448 (The WebShield SMTP Management Tool version 4.5.44 does not properly re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0447 (Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0446 (Buffer overflow in MDBMS database server allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0445 (The pgpk command in PGP 5.x on Unix systems uses an insufficiently ran ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0443 (The web interface server in HP Web JetAdmin 5.6 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0442 (Qpopper 2.53 and earlier allows local users to gain privileges via a f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0441 (Vulnerability in AIX 3.2.x and 4.x allows local users to gain write ac ...) NOT-FOR-US: AIX CVE-2000-0440 (NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0439 (Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain cl ...) NOT-FOR-US: Microsoft CVE-2000-0438 (Buffer overflow in fdmount on Linux systems allows local users in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0437 (Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0436 (MetaProducts Offline Explorer 1.2 and earlier allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0435 (The allmanageup.pl file upload CGI script in the Allmanage Website adm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0432 (The calender.pl and the calendar_admin.pl calendar scripts by Matt Kru ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0431 (Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0430 (Cart32 allows remote attackers to access sensitive debugging informati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0428 (Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0427 (The Aladdin Knowledge Systems eToken device allows attackers with phys ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0426 (UltraBoard 1.6 and other versions allow remote attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0425 (Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0424 (The CGI counter 4.0.7 by George Burgyan allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0421 (The process_bug.cgi script in Bugzilla allows remote attackers to exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0419 (The Office 2000 UA ActiveX Control is marked as "safe for scripting," ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0418 (The Cayman 3220-H DSL router allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0417 (The HTTP administration interface to the Cayman 3220-H DSL router allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0416 (NTMail 5.x allows network users to bypass the NTMail proxy restriction ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0414 (Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0411 (Matt Wright's FormMail CGI script allows remote attackers to obtain en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0410 (ColdFusion Server 4.5.1 allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0409 (Netscape 4.73 and earlier follows symlinks when it imports a new certi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0408 (IIS 4.05 and 5.0 allow remote attackers to cause a denial of service v ...) NOT-FOR-US: Microsoft CVE-2000-0407 (Buffer overflow in Solaris netpr program allows local users to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0406 (Netscape Communicator before version 4.73 and Navigator 4.07 do not pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0405 (Buffer overflow in L0pht AntiSniff allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0404 (The CIFS Computer Browser service allows remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0403 (The CIFS Computer Browser service on Windows NT 4.0 allows a remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0402 (The Mixed Mode authentication capability in Microsoft SQL Server 7.0 s ...) NOT-FOR-US: Microsoft CVE-2000-0399 (Buffer overflow in MDaemon POP server allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0398 (Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0397 (The EMURL web-based email account software encodes predictable identif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0396 (The add.exe program in the Carello shopping cart software allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0395 (Buffer overflow in CProxy 3.3 allows remote users to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0394 (NetProwler 3.0 allows remote attackers to cause a denial of service by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0393 (The KDE kscd program does not drop privileges when executing a program ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0392 (Buffer overflow in ksu in Kerberos 5 allows local users to gain root p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0391 (Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0390 (Buffer overflow in krb425_conv_principal function in Kerberos 5 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0389 (Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0388 (Buffer overflow in FreeBSD libmytinfo library allows local users to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0387 (The makelev program in the golddig game from the FreeBSD ports collect ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0382 (ColdFusion ClusterCATS appends stale query string arguments to a URL d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0381 (The Gossamer Threads DBMan db.cgi CGI script allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0380 (The IOS HTTP service in Cisco routers and switches running IOS 11.1 th ...) NOT-FOR-US: Cisco CVE-2000-0379 (The Netopia R9100 router does not prevent authenticated users from mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0378 (The pam_console PAM module in Linux systems performs a chown on variou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0377 (The Remote Registry server in Windows NT 4.0 allows local authenticate ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0376 (Buffer overflow in the HTTP proxy server for the i-drive Filo software ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0375 (The kernel in FreeBSD 3.2 follows symbolic links when it creates core ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0374 (The default configuration of kdm in Caldera and Mandrake Linux, and po ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0373 (Vulnerabilities in the KDE kvt terminal program allow local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0372 (Vulnerability in Caldera rmt command in the dump package 0.4b4 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0371 (The libmediatool library used for the KDE mediatool allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0370 (The debug option in Caldera Linux smail allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0369 (The IDENT server in Caldera Linux 2.3 creates multiple threads for eac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0368 (Classic Cisco IOS 9.1 and later allows attackers with access to the lo ...) NOT-FOR-US: Cisco CVE-2000-0367 (Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0366 (dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0363 (Linux cdwtools 093 and earlier allows local users to gain root privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0362 (Buffer overflows in Linux cdwtools 093 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0361 (The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0360 (Buffer overflow in INN 2.2.1 and earlier allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0359 (Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0356 (Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0354 (mirror 2.8.x in Linux systems allows remote attackers to create files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0353 (Pine 4.x allows a remote attacker to execute arbitrary commands via an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0352 (Pine before version 4.21 does not properly filter shell metacharacters ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0351 (Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0350 (A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0349 (Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0348 (A vulnerability in the Sendmail configuration file sendmail.cf as inst ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0347 (Windows 95 and Windows 98 allow a remote attacker to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0346 (AppleShare IP 6.1 and later allows a remote attacker to read potential ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0344 (The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0342 (Eudora 4.x allows remote attackers to bypass the user warning for exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0341 (ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0340 (Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0339 (ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0338 (Concurrent Versions Software (CVS) uses predictable temporary file nam ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0337 (Buffer overflow in Xsun X server in Solaris 7 allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0336 (Linux OpenLDAP server allows local users to modify arbitrary files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0335 (The resolver in glibc 2.1.3 uses predictable IDs, which allows a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0334 (The Allaire Spectra container editor preview tool does not properly en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0332 (UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0331 (Buffer overflow in Microsoft command processor (CMD.EXE) for Windows N ...) NOT-FOR-US: Microsoft CVE-2000-0330 (The networking software in Windows 95 and Windows 98 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0329 (A Microsoft ActiveX control allows a remote attacker to execute a mali ...) NOT-FOR-US: Microsoft CVE-2000-0328 (Windows NT 4.0 generates predictable random TCP initial sequence numbe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0327 (Microsoft Virtual Machine (VM) allows remote attackers to escape the J ...) NOT-FOR-US: Microsoft CVE-2000-0324 (pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0323 (The Microsoft Jet database engine allows an attacker to modify text fi ...) NOT-FOR-US: Microsoft CVE-2000-0322 (The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Packa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0320 (Qpopper 2.53 and 3.0 does not properly identify the \n string which id ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0319 (mail.local in Sendmail 8.10.x does not properly identify the .\n strin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0318 (Atrium Mercur Mail Server 3.2 allows local attackers to read other use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0316 (Buffer overflow in Solaris 7 lp allows local users to gain root privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0315 (traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0314 (traceroute in NetBSD 1.3.3 and Linux systems allows local users to flo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0313 (Vulnerability in OpenBSD 2.6 allows a local user to change interface m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0311 (The Windows 2000 domain controller allows a malicious user to modify A ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0310 (IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0309 (The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0308 (Insecure file permissions for Netscape FastTrack Server 2.x, Enterpris ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0307 (Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0306 (Buffer overflow in calserver in SCO OpenServer allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0305 (Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0304 (Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory install ...) NOT-FOR-US: Microsoft CVE-2000-0303 (Quake3 Arena allows malicious server operators to read or modify files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0302 (Microsoft Index Server allows remote attackers to view the source code ...) NOT-FOR-US: Microsoft CVE-2000-0301 (Ipswitch IMAIL server 6.02 and earlier allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0298 (The unattended installation of Windows 2000 with the OEMPreinstall opt ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0297 (Allaire Forums 2.0.5 allows remote attackers to bypass access restrict ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0296 (fcheck allows local users to gain privileges by embedding shell metach ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0294 (Buffer overflow in healthd for FreeBSD allows local users to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0292 (The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0290 (Buffer overflow in Webstar HTTP server allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0289 (IP masquerading in Linux 2.2.x allows remote attackers to route UDP pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0287 (The BizDB CGI script bizdb-search.cgi allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0285 (Buffer overflow in XFree86 3.3.x allows local users to execute arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0283 (The default installation of IRIX Performance Copilot allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0282 (TalentSoft webpsvr daemon in the Web+ shopping cart application allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0279 (BeOS allows remote attackers to cause a denial of service via malforme ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0278 (The SalesLogix Eviewer allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0277 (Microsoft Excel 97 and 2000 does not warn the user when executing Exce ...) NOT-FOR-US: Microsoft CVE-2000-0276 (BeOS 4.5 and 5.0 allow local users to cause a denial of service via ma ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0274 (The Linux trustees kernel patch allows attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0273 (PCAnywhere allows remote attackers to cause a denial of service by ter ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0272 (RealNetworks RealServer allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0268 (Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of s ...) NOT-FOR-US: Cisco CVE-2000-0267 (Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode ...) NOT-FOR-US: Cisco CVE-2000-0265 (Panda Security 3.0 allows users to uninstall the Panda software via it ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0264 (Panda Security 3.0 with registry editing disabled allows users to edit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0263 (The X font server xfs in Red Hat Linux 6.x allows an attacker to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0262 (The AVM KEN! ISDN Proxy server allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0261 (The AVM KEN! web server allows remote attackers to read arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0260 (Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 ...) NOT-FOR-US: Microsoft CVE-2000-0258 (IIS 4.0 and 5.0 allows remote attackers to cause a denial of service b ...) NOT-FOR-US: Microsoft CVE-2000-0257 (Buffer overflow in the NetWare remote web administration utility allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0255 (The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0254 (The dansie shopping cart application cart.pl allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0253 (The dansie shopping cart application cart.pl allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0252 (The dansie shopping cart application cart.pl allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0251 (HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0249 (The AIX Fast Response Cache Accelerator (FRCA) allows local users to m ...) NOT-FOR-US: AIX CVE-2000-0247 (Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0246 (IIS 4.0 and 5.0 does not properly perform ISAPI extension processing i ...) NOT-FOR-US: Microsoft CVE-2000-0245 (Vulnerability in SGI IRIX objectserver daemon allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0243 (AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0240 (vqSoft vqServer program allows remote attackers to read arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0238 (Buffer overflow in the web server for Norton AntiVirus for Internet Em ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0237 (Netscape Enterprise Server with Web Publishing enabled allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0236 (Netscape Enterprise Server with Directory Indexing enabled allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0235 (Buffer overflow in the huh program in the orville-write package allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0234 (The default configuration of Cobalt RaQ2 and RaQ3 as specified in acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0233 (SuSE Linux IMAP server allows remote attackers to bypass IMAP authenti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0232 (Microsoft TCP/IP Printing Services, aka Print Services for Unix, allow ...) NOT-FOR-US: Microsoft CVE-2000-0231 (Linux kreatecd trusts a user-supplied path that is used to find the cd ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0230 (Buffer overflow in imwheel allows local users to gain root privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0229 (gpm-root in the gpm package does not properly drop privileges, which a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0228 (Microsoft Windows Media License Manager allows remote attackers to cau ...) NOT-FOR-US: Microsoft CVE-2000-0226 (IIS 4.0 allows attackers to cause a denial of service by requesting a ...) NOT-FOR-US: Microsoft CVE-2000-0225 (The Pocsag POC32 program does not properly prevent remote users from a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0224 (ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0223 (Buffer overflow in the wmcdplay CD player program for the WindowMaker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0222 (The installation for Windows 2000 does not activate the Administrator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0221 (The Nautica Marlin bridge allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0218 (Buffer overflow in Linux mount and umount allows local users to gain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0217 (The default configuration of SSH allows X forwarding, which could allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0215 (Vulnerability in SCO cu program in UnixWare 7.x allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0212 (InterAccess TelnetD Server 4.0 allows remote attackers to conduct a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0211 (The Windows Media server allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0210 (The lit program in Sun Flex License Manager (FlexLM) follows symlinks, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0209 (Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0208 (The htdig (ht://Dig) CGI program htsearch allows remote attackers to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0207 (SGI InfoSearch CGI program infosrch.cgi allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0206 (The installation of Oracle 8.1.5.x on Linux follows symlinks and creat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0202 (Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow re ...) NOT-FOR-US: Microsoft CVE-2000-0201 (The window.showHelp() method in Internet Explorer 5.x does not restric ...) NOT-FOR-US: Microsoft CVE-2000-0200 (Buffer overflow in Microsoft Clip Art Gallery allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-0196 (Buffer overflow in mhshow in the Linux nmh package allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0195 (setxconf in Corel Linux allows local users to gain root access via the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0194 (buildxconf in Corel Linux allows local users to modify or create arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0193 (The default configuration of Dosemu in Corel Linux 1.0 allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0192 (The default installation of Caldera OpenLinux 2.3 includes the CGI pro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0191 (Axis StorPoint CD allows remote attackers to access administrator URLs ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0189 (ColdFusion Server 4.x allows remote attackers to determine the real pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0186 (Buffer overflow in the dump utility in the Linux ext2fs backup package ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0185 (RealMedia RealServer reveals the real IP address of a Real Server, eve ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0184 (Linux printtool sets the permissions of printer configuration files to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0183 (Buffer overflow in ircII 4.4 IRC client allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0182 (iPlanet Web Server 4.1 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0181 (Firewall-1 3.0 and 4.0 leaks packets with private IP address informati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0180 (Sojourn search engine allows remote attackers to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0179 (HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0178 (ServerIron switches by Foundry Networks have predictable TCP/IP sequen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0175 (Buffer overflow in StarOffice StarScheduler web server allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0174 (StarOffice StarScheduler web server allows remote attackers to read ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0172 (The mtr program only uses a seteuid call when attempting to drop privi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0171 (atsadc in the atsar package for Linux does not properly check the perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0170 (Buffer overflow in the man program in Linux allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0169 (Batch files in the Oracle web listener ows-bin directory allow remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0168 (Microsoft Windows 9x operating systems allow an attacker to cause a de ...) NOT-FOR-US: Microsoft CVE-2000-0166 (Buffer overflow in the InterAccess telnet server TelnetD allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0165 (The Delegate application proxy has several buffer overflows which allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0164 (The installation of Sun Internet Mail Server (SIMS) creates a world-re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0162 (The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x al ...) NOT-FOR-US: Microsoft CVE-2000-0161 (Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not ...) NOT-FOR-US: Microsoft CVE-2000-0159 (HP Ignite-UX does not save /etc/passwd when it creates an image of a t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0157 (NetBSD ptrace call on VAX allows local users to gain privileges by mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0156 (Internet Explorer 4.x and 5.x allows remote web servers to access file ...) NOT-FOR-US: Microsoft CVE-2000-0152 (Remote attackers can cause a denial of service in Novell BorderManager ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0150 (Check Point Firewall-1 allows remote attackers to bypass port access r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0149 (Zeus web server allows remote attackers to view the source code for CG ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0148 (MySQL 3.22 allows remote attackers to bypass password authentication a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0146 (The Java Server in the Novell GroupWise Web Access Enhancement Pack al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0145 (The libguile.so library file used by gnucash in Debian GNU/Linux is in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0144 (Axis 700 Network Scanner does not properly restrict access to administ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0141 (Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0140 (Internet Anywhere POP3 Mail Server allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0139 (Internet Anywhere POP3 Mail Server allows local users to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0131 (Buffer overflow in War FTPd 1.6x allows users to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0130 (Buffer overflow in SCO scohelp program allows remote attackers to exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0128 (The Finger Server 0.82 allows remote attackers to execute commands via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0127 (The Webspeed configuration program does not properly disable access to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0121 (The Recycle Bin utility in Windows NT and Windows 2000 allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0120 (The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0117 (The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Adm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0116 (Firewall-1 does not properly filter script tags, which allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0113 (The SyGate Remote Management program does not properly restrict access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0112 (The default installation of Debian GNU/Linux uses an insecure Master B ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0111 (The RightFax web client uses predictable session numbers, which allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0107 (Linux apcd program allows local attackers to modify arbitrary files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0100 (The SMS Remote Control program is installed with insecure permissions, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0099 (Buffer overflow in UnixWare ppptalk command allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0098 (Microsoft Index Server allows remote attackers to determine the real p ...) NOT-FOR-US: Microsoft CVE-2000-0097 (The WebHits ISAPI filter in Microsoft Index Server allows remote attac ...) NOT-FOR-US: Microsoft CVE-2000-0095 (The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0094 (procfs in BSD systems allows local users to gain root privileges by mo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0092 (The BSD make program allows local users to modify files via a symlink ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0091 (Buffer overflow in vchkpw/vpopmail POP authentication package allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0090 (VMWare 1.1.2 allows local users to cause a denial of service via a sym ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0089 (The rdisk utility in Microsoft Terminal Server Edition and Windows NT ...) NOT-FOR-US: Microsoft CVE-2000-0088 (Buffer overflow in the conversion utilities for Japanese, Korean and C ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0087 (Netscape Mail Notification (nsnotify) utility in Netscape Communicator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0083 (HP asecure creates the Audio Security File audio.sec with insecure per ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0080 (AIX techlibss allows local users to overwrite files via a symlink atta ...) NOT-FOR-US: AIX CVE-2000-0076 (nviboot boot script in the Debian nvi package allows local users to de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0075 (Super Mail Transfer Package (SMTP), later called MsgCore, has a memory ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0073 (Buffer overflow in Microsoft Rich Text Format (RTF) reader allows atta ...) NOT-FOR-US: Microsoft CVE-2000-0072 (Visual Casel (Vcasel) does not properly prevent users from executing f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0070 (NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0065 (Buffer overflow in InetServ 3.0 allows remote attackers to execute com ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0064 (cgiproc CGI script in Nortel Contivity HTTP server allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0063 (cgiproc CGI script in Nortel Contivity HTTP server allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0062 (The DTML implementation in the Z Object Publishing Environment (Zope) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0060 (Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0057 (Cold Fusion CFCACHE tag places temporary cache files within the web do ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0056 (IMail IMONITOR status.cgi CGI script allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0053 (Microsoft Commercial Internet System (MCIS) IMAP server allows remote ...) NOT-FOR-US: Microsoft CVE-2000-0052 (Red Hat userhelper program in the usermode package allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0051 (The Allaire Spectra Configuration Wizard allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0050 (The Allaire Spectra Webtop allows authenticated users to access other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0048 (get_it program in Corel Linux Update allows local users to gain root a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0045 (MySQL allows local users to modify passwords for arbitrary MySQL users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0044 (Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0043 (Buffer overflow in CamShot WebCam HTTP server allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0042 (Buffer overflow in CSM mail server allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0041 (Macintosh systems generate large ICMP datagrams in response to malform ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0040 (glFtpD allows local users to gain privileges via metacharacters in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0039 (AltaVista search engine allows remote attackers to read files above th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0037 (Majordomo wrapper allows local users to gain privileges by specifying ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0036 (Outlook Express 5 for Macintosh downloads attachments to HTML mail wit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0034 (Netscape 4.7 records user passwords in the preferences.js file during ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0033 (InterScan VirusWall SMTP scanner does not properly scan messages with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0032 (Solaris dmi_cmd allows local users to crash the dmispd daemon by addin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0031 (The initscripts package in Red Hat Linux allows local users to gain pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0030 (Solaris dmispd dmi_cmd allows local users to fill up restricted disk s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0029 (UnixWare pis and mkpis commands allow local users to gain privileges v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0027 (IBM Network Station Manager NetStation allows local users to gain priv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0026 (Buffer overflow in UnixWare i2odialogd daemon allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0025 (IIS 4.0 and Site Server 3.0 allow remote attackers to read source code ...) NOT-FOR-US: Microsoft CVE-2000-0024 (IIS does not properly canonicalize URLs, potentially allowing remote a ...) NOT-FOR-US: Microsoft CVE-2000-0023 (Buffer overflow in Lotus Domino HTTP server allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0022 (Lotus Domino HTTP server does not properly disable anonymous access fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0020 (DNS PRO allows remote attackers to conduct a denial of service via a l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0018 (wmmon in FreeBSD allows local users to gain privileges via the .wmmonr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0015 (CascadeView TFTP server allows local users to gain privileges via a sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0014 (Denial of service in Savant web server via a null character in the req ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0013 (IRIX soundplayer program allows local users to gain privileges by incl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0012 (Buffer overflow in w3-msql CGI program in miniSQL package allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0011 (Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0010 (WebWho+ whois.cgi program allows remote attackers to execute commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0009 (The bna_pass program in Optivity NETarchitect uses the PATH environmen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0007 (Trend Micro PC-Cillin does not restrict access to its internal proxy p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0006 (strace allows local users to read arbitrary files via memory mapped fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0004 (ZBServer Pro allows remote attackers to read source code for executabl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0003 (Buffer overflow in UnixWare rtpm program allows local users to gain pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0002 (Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0001 (RealMedia server allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1214 (Buffer overflows in the (1) outpack or (2) buf variables of ping in ip ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1213 (ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1209 (The "sa" account is installed with a default null password on (1) Micr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1208 (Format string vulnerability in startprinting() function of printjob.c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1207 (userhelper in the usermode package on Red Hat Linux executes non-setui ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1206 (Vulnerability in Apache httpd before 1.3.11, when configured for mass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1205 (Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 al ...) - apache 1.3.11 (unimportant) NOTE: only an example script /usr/share/doc/apache-common/examples/ CVE-2000-1204 (Vulnerability in the mod_vhost_alias virtual hosting module for Apache ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1202 (ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1201 (Check Point FireWall-1 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1199 (PostgreSQL stores usernames and passwords in plaintext in (1) pg_shado ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1198 (qpopper POP server creates lock files with predictable names, which al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1197 (POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and oth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1194 (Argosoft FRP server 1.0 allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1192 (Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1191 (htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1188 (Directory traversal vulnerability in Quikstore shopping cart program a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1186 (Buffer overflow in phf CGI program allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1185 (The telnet proxy in RideWay PN proxy server allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1183 (Buffer overflow in socks5 server on Linux allows attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1177 (bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1176 (Directory traversal vulnerability in YaBB search.pl CGI script allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1175 (Buffer overflow in Koules 1.4 allows local users to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1173 (Microsys CyberPatrol uses weak encryption (trivial encoding) for credi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1172 (Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1168 (IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1161 (The installation of AdCycle banner management system leaves the build. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1160 (NAI Sniffer Agent allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1159 (NAI Sniffer Agent allows remote attackers to gain privileges on the ag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1158 (NAI Sniffer Agent uses base64 encoding for authentication, which allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1157 (Buffer overflow in NAI Sniffer Agent allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1156 (StarOffice 5.2 follows symlinks and sets world-readable permissions fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1155 (RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1154 (RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1153 (PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1152 (Browser IRC client in BeOS r5 pro and earlier allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1151 (Baxter IRC client in BeOS r5 pro and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1150 (Felix IRC client in BeOS r5 pro and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1147 (Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers t ...) NOT-FOR-US: Microsoft CVE-2000-1138 (Lotus Notes R5 client R5.0.5 and earlier does not properly warn users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1134 (Multiple shell programs on various Unix systems, including (1) tcsh, ( ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1133 (Authentix Authentix100 allows remote attackers to bypass authenticatio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1130 (McAfee WebShield SMTP 4.5 allows remote attackers to bypass email cont ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1129 (McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1128 (The default configuration of McAfee VirusScan 4.5 does not quote the I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1127 (registrar in the HP resource monitor service allows local users to rea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1126 (Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1125 (restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname sp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1118 (24Link 1.06 web server allows remote attackers to bypass access restri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1117 (The Extended Control List (ECL) feature of the Java Virtual Machine (J ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1116 (Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1114 (Unify ServletExec AS v3.0C allows remote attackers to read source code ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1110 (document.d2w CGI program in the IBM Net.Data db2www package allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1105 (The ixsso.query ActiveX Object is marked as safe for scripting, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1104 (Variant of the "IIS Cross-Site Scripting" vulnerability as originally ...) NOT-FOR-US: Microsoft CVE-2000-1103 (rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1102 (PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1100 (The default configuration for PostACI webmail system installs the /inc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1098 (The web server for the SonicWALL SOHO firewall allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1093 (Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1092 (loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1090 (Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attacker ...) NOT-FOR-US: Microsoft CVE-2000-1088 (The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Se ...) NOT-FOR-US: Microsoft CVE-2000-1087 (The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL S ...) NOT-FOR-US: Microsoft CVE-2000-1086 (The xp_printstatements function in Microsoft SQL Server 2000 and SQL S ...) NOT-FOR-US: Microsoft CVE-2000-1085 (The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server ...) NOT-FOR-US: Microsoft CVE-2000-1084 (The xp_updatecolvbm function in SQL Server and Microsoft SQL Server De ...) NOT-FOR-US: Microsoft CVE-2000-1083 (The xp_showcolv function in SQL Server and Microsoft SQL Server Deskto ...) NOT-FOR-US: Microsoft CVE-2000-1082 (The xp_enumresultset function in SQL Server and Microsoft SQL Server D ...) NOT-FOR-US: Microsoft CVE-2000-1081 (The xp_displayparamstmt function in SQL Server and Microsoft SQL Serve ...) NOT-FOR-US: Microsoft CVE-2000-1079 (Interactions between the CIFS Browser Protocol and NetBIOS as implemen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1078 (ICQ Web Front HTTPd allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1076 (Netscape (iPlanet) Certificate Management System 4.2 and Directory Ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1066 (The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1065 (Vulnerability in IP implementation of HP JetDirect printer card Firmwa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1064 (Buffer overflow in the LPD service in HP JetDirect printer card Firmwa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1063 (Buffer overflow in the Telnet service in HP JetDirect printer card Fir ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1062 (Buffer overflow in the FTP service in HP JetDirect printer card Firmwa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1053 (Allaire JRun 2.3.3 server allows remote attackers to compile and execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1052 (Allaire JRun 2.3 server allows remote attackers to obtain source code ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1048 (Directory traversal vulnerability in the logfile service of Wingate 4. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1046 (Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1039 (Various TCP/IP stacks and network applications allow remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1037 (Check Point Firewall-1 session agent 3.0 through 4.1 generates differe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1035 (Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1033 (Serv-U FTP Server allows remote attackers to bypass its anti-hammering ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1030 (CS&T CorporateTime for the Web returns different error messages fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1029 (Buffer overflow in host command allows a remote attacker to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1028 (Buffer overflow in cu program in HP-UX 11.0 may allow local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1025 (eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1023 (The Alabanza Control Panel does not require passwords to access admini ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1021 (Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1020 (Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1017 (Webteachers Webdata allows remote attackers with valid Webdata account ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1015 (The default configuration of Slashcode before version 2.0 Alpha has a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1013 (The setlocale function in FreeBSD 5.0 and earlier, and possibly other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1012 (The catopen function in FreeBSD 5.0 and earlier, and possibly other OS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1009 (dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH env ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-1008 (PalmOS 3.5.2 and earlier uses weak encryption to store the user passwo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0999 (Format string vulnerabilities in OpenBSD ssh program (and possibly oth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0998 (Format string vulnerability in top program allows local attackers to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0997 (Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0988 (WinU 1.0 through 5.1 has a backdoor password that allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0987 (Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0986 (Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0985 (Buffer overflow in All-Mail 1.1 allows remote attackers to execute arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0971 (Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0963 (Buffer overflow in ncurses library allows local users to execute arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0955 (Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to sto ...) NOT-FOR-US: Cisco CVE-2000-0954 (Shambala Server 4.5 stores passwords in plaintext, which could allow l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0950 (Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0940 (Directory traversal vulnerability in Metertek pagelog.cgi allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0939 (Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0931 (Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0918 (Format string vulnerability in kvt in KDE 1.1.2 may allow local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0916 (FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0907 (EServ 2.92 Build 2982 allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0906 (Directory traversal vulnerability in Moreover.com cached_feed.cgi scri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0905 (QNX Embedded Resource Manager in Voyager web server 2.01B in the demo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0904 (Voyager web server 2.01B in the demo disks for QNX 405 stores sensitiv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0903 (Directory traversal vulnerability in Voyager web server 2.01B in the d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0902 (getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to rea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0899 (Small HTTP Server 2.01 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0898 (Small HTTP Server 2.01 does not properly process Server Side Includes ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0893 (The presence of the Distributed GL Daemon (dgld) service on port 5232 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0889 (Two Sun security certificates have been compromised, which could allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0885 (Buffer overflows in Microsoft Network Monitor (Netmon) allow remote at ...) NOT-FOR-US: Microsoft CVE-2000-0882 (Intel Express 500 series switches allow a remote attacker to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0881 (The dccscan setuid program in LPPlus does not properly check if the us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0880 (LPPlus creates the lpdprocess file with world-writeable permissions, w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0879 (LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0872 (explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0866 (Interbase 6 SuperServer for Linux allows an attacker to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0857 (The logging capability in muh 2.05d IRC server does not properly clean ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0855 (SunFTP build 9(1) allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0845 (kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0843 (Buffer overflow in pam_smb and pam_ntdom pluggable authentication modu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0842 (The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0841 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0840 (Buffer overflow in XMail POP3 server before version 0.59 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0836 (Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0835 (search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0833 (Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0832 (Htgrep CGI program allows remote attackers to read arbitrary files by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0831 (Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0828 (Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Interne ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0827 (Buffer overflow in the web authorization form of Mobius DocumentDirect ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0826 (Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0817 (Buffer overflow in the HTTP protocol parser for Microsoft Network Moni ...) NOT-FOR-US: Microsoft CVE-2000-0812 (The administration module in Sun Java web server allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0802 (The BAIR program does not properly restrict access to the Internet Exp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0801 (Buffer overflow in bdf program in HP-UX 11.00 may allow local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0800 (String parsing error in rpc.kstatd in the linuxnfs or knfsd packages i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0798 (The truncate function in IRIX 6.x does not properly check for privileg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0794 (Buffer overflow in IRIX libgl.so library allows local users to gain ro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0793 (Norton AntiVirus 5.00.01C with the Novell Netware client does not prop ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0791 (Trustix installs the httpsd program for Apache-SSL with world-writeabl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0789 (WinU 5.x and earlier uses weak encryption to store its configuration p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0785 (WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0784 (sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-code ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0775 (Buffer overflow in RobTex Viking server earlier than 1.06-370 allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0774 (The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0772 (The installation of Tumbleweed Messaging Management System (MMS) 4.6 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0769 (O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0760 (The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0759 (Jakarta Tomcat 3.1 under Apache reveals physical path information when ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0757 (The sysgen service in Aptis Totalbill does not perform authentication, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0756 (Microsoft Outlook 2000 does not properly process long or malformed fie ...) NOT-FOR-US: Microsoft CVE-2000-0755 (Vulnerability in the newgrp command in HP-UX 11.00 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0752 (Buffer overflows in brouted in FreeBSD and possibly other OSes allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0748 (OpenLDAP 1.2.11 and earlier improperly installs the ud binary with gro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0746 (Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cro ...) NOT-FOR-US: Microsoft CVE-2000-0736 (Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0735 (Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0734 (eEye IRIS 1.01 beta allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0724 (The go-gnome Helix GNOME pre-installer allows local users to overwrite ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0723 (Helix GNOME Updater helix-update 0.5 and earlier does not properly cre ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0722 (Helix GNOME Updater helix-update 0.5 and earlier allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0721 (The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip pack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0719 (VariCAD 7.0 is installed with world-writeable files, which allows loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0715 (DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0714 (umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0713 (Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0710 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) NOT-FOR-US: Microsoft CVE-2000-0709 (The shtml.exe component of Microsoft FrontPage 2000 Server Extensions ...) NOT-FOR-US: Microsoft CVE-2000-0704 (Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0701 (The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0697 (The administration interface for the dwhttpd web server in Solaris Ans ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0696 (The administration interface for the dwhttpd web server in Solaris Ans ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0695 (Buffer overflows in pgxconfig in the Raptor GFX configuration tool all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0692 (ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a deni ...) - kdebase 4:2.2.2-14.6 CVE-2000-0691 (The faxrunq and faxrunqd in the mgetty package allows local users to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0690 (Auction Weaver CGI script 1.02 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0689 (Account Manager LITE does not properly authenticate attempts to change ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0688 (Subscribe Me LITE does not properly authenticate attempts to change th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0687 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0686 (Auction Weaver CGI script 1.03 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0680 (The CVS 1.10.8 server does not properly restrict users from creating a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0667 (Vulnerability in gpm in Caldera Linux allows local users to delete arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0659 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0658 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0657 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0656 (Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0653 (Microsoft Outlook Express allows remote attackers to monitor a user's ...) NOT-FOR-US: Microsoft CVE-2000-0649 (IIS 4.0 allows remote attackers to obtain the internal IP address of t ...) NOT-FOR-US: Microsoft CVE-2000-0648 (WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0647 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0646 (WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0645 (WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0629 (The default configuration of the Sun Java web server 2.0 and earlier a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0626 (Buffer overflow in Alibaba web server allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0625 (NetZero 3.0 and earlier uses weak encryption for storing a user's logi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0623 (Buffer overflow in O'Reilly WebSite Professional web server 2.4 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0618 (Buffer overflow in xconq and cconq game programs on Red Hat Linux allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0617 (Buffer overflow in xconq and cconq game programs on Red Hat Linux allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0614 (Tnef program in Linux systems allows remote attackers to overwrite arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0612 (Windows 95 and Windows 98 do not properly process spoofed ARP packets, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0609 (NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0608 (NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0607 (Buffer overflow in fld program in Kanji on Console (KON) package on Li ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0606 (Buffer overflow in kon program in Kanji on Console (KON) package on Li ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0605 (Blackboard CourseInfo 4.0 stores the local and SQL administrator user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0592 (Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0589 (SawMill 5.0.21 uses weak encryption to store passwords, which allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0580 (Windows 2000 Server allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0578 (SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0574 (FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0572 (The Razor configuration management tool uses weak encryption for its p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0564 (The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0563 (The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0562 (BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0559 (eTrust Intrusion Detection System (formerly SessionWall-3) uses weak e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0554 (Ceilidh allows remote attackers to obtain the real path of the Ceilidh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0547 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0546 (Buffer overflow in Kerberos 4 KDC program allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0545 (Buffer overflow in mailx mail command (aka Mail) on Linux systems allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0544 (Windows NT and Windows 2000 hosts allow a remote attacker to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0543 (The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0535 (OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0531 (Linux gpm program allows local users to cause a denial of service by f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0527 (userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0526 (mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0524 (Microsoft Outlook and Outlook Express allow remote attackers to cause ...) NOT-FOR-US: Microsoft CVE-2000-0520 (Buffer overflow in restore program 0.4b17 and earlier in dump package ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0509 (Buffer overflows in the finger and whois demonstration scripts in Samb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0503 (The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows ...) NOT-FOR-US: Microsoft CVE-2000-0492 (PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0491 (Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0487 (The Protected Store in Windows 2000 does not properly select the stron ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0480 (Dragon telnet server allows remote attackers to cause a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0479 (Dragon FTP server allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0476 (xterm, Eterm, and rxvt allow an attacker to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0473 (Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0450 (Vulnerability in bbd server in Big Brother System and Network Monitor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0449 (Omnis Studio 2.4 uses weak encryption (trivial encoding) for encryptin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0444 (HP Web JetAdmin 6.0 allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0434 (The administrative password for the Allmanage web site administration ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0433 (The SuSE aaa_base package installs some system accounts with home dire ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0429 (A backdoor password in Cart32 3.0 and earlier allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0423 (Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0422 (Buffer overflow in Netwin DMailWeb CGI program allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0420 (The default configuration of SYSKEY in Windows 2000 stores the startup ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0415 (Buffer overflow in Outlook Express 4.x allows attackers to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0413 (The shtml.exe program in the FrontPage extensions package of IIS 4.0 a ...) NOT-FOR-US: Microsoft CVE-2000-0412 (The gnapster and knapster clients for Napster do not properly restrict ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0401 (Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0400 (The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does ...) NOT-FOR-US: Microsoft CVE-2000-0386 (FileMaker Pro 5 Web Companion allows remote attackers to send anonymou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0385 (FileMaker Pro 5 Web Companion allows remote attackers to bypass Field- ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0384 (NetStructure 7110 and 7180 have undocumented accounts (servnow, root, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0383 (The file transfer component of AOL Instant Messenger (AIM) reveals the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0365 (Red Hat Linux 6.0 installs the /dev/pts file system with insecure mode ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0364 (screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0358 (ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0357 (ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0355 (pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0345 (The on-line help system options in Cisco routers allows non-privileged ...) NOT-FOR-US: Cisco CVE-2000-0343 (Buffer overflow in Sniffit 0.3.x with the -L logging option enabled al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0333 (tcpdump, Ethereal, and other sniffer packages allow remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0326 (Meeting Maker uses weak encryption (a polyalphabetic substitution ciph ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0325 (The Microsoft Jet database engine allows an attacker to execute comman ...) NOT-FOR-US: Microsoft CVE-2000-0321 (Buffer overflow in IC Radius package allows a remote attacker to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0317 (Buffer overflow in Solaris 7 lpset allows local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0312 (cron in OpenBSD 2.5 allows local users to gain root privileges via an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0300 (The default encryption method of PcAnywhere 9.x uses weak encryption, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0299 (Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 pack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0295 (Buffer overflow in LCDproc allows remote attackers to gain root privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0293 (aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0291 (Buffer overflow in Star Office 5.1 allows attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0288 (Infonautics getdoc.cgi allows remote attackers to bypass the payment p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0286 (X fontserver xfs allows local users to cause a denial of service via m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0284 (Buffer overflow in University of Washington imapd version 4.7 allows u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0281 (Buffer overflow in the Napster client beta 5 allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0280 (Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0275 (CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0271 (read-passwd and other Lisp functions in Emacs 20 do not properly clear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0270 (The make-temp-name Lisp function in Emacs 20 creates temporary files w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0269 (Emacs 20 does not properly set permissions for a slave PTY device when ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0266 (Internet Explorer 5.01 allows remote attackers to bypass the cross fra ...) NOT-FOR-US: Microsoft CVE-2000-0259 (The default permissions for the Cryptography\Offload registry key used ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0256 (Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 9 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0250 (The crypt function in QNX uses weak encryption, which allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0248 (The web GUI for the Linux Virtual Server (LVS) software in the Red Hat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0244 (The Citrix ICA (Independent Computing Architecture) protocol uses weak ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0242 (WindMail allows remote attackers to read arbitrary files or execute co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0241 (vqSoft vqServer stores sensitive information such as passwords in clea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0239 (Buffer overflow in the MERCUR WebView WebMail server allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0227 (The Linux 2.2.x kernel does not restrict the number of Unix domain soc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0220 (ZoneAlarm sends sensitive system and network information in cleartext ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0219 (Red Hat 6.0 allows local users to gain root access by booting single u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0216 (Microsoft email clients in Outlook, Exchange, and Windows Messaging au ...) NOT-FOR-US: Microsoft CVE-2000-0214 (FTP Explorer uses weak encryption for storing the username, password, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0213 (The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the C ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0205 (Trend Micro OfficeScan allows remote attackers to replay administrativ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0204 (The Trend Micro OfficeScan client allows remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0203 (The Trend Micro OfficeScan client tmlisten.exe allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0199 (When a new SQL Server is registered in Enterprise Manager for Microsof ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0198 (Buffer overflow in POP3 and IMAP servers in the MERCUR mail server sui ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0197 (The Windows NT scheduler uses the drive mapping of the interactive use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0190 (AOL Instant Messenger (AIM) client allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0188 (EZShopper 3.0 search.cgi CGI script allows remote attackers to read ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0187 (EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0177 (DNSTools CGI applications allow remote attackers to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0176 (The default configuration of Serv-U 2.5d and earlier allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0173 (Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0167 (IIS Inetinfo.exe allows local users to cause a denial of service by cr ...) NOT-FOR-US: Microsoft CVE-2000-0163 (asmon and ascpu in FreeBSD allow local users to gain root privileges v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0160 (The Microsoft Active Setup ActiveX component in Internet Explorer 4.x ...) NOT-FOR-US: Microsoft CVE-2000-0158 (Buffer overflow in MMDF server allows remote attackers to gain privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0155 (Windows NT Autorun executes the autorun.inf file on non-removable medi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0154 (The ARCserve agent in UnixWare allows local attackers to modify arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0153 (FrontPage Personal Web Server (PWS) allows remote attackers to read fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0151 (GNU make follows symlinks when it reads a Makefile from stdin, which a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0147 (snmpd in SCO OpenServer has an SNMP community string that is writable ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0143 (The SSH protocol server sshd allows local users without shell access t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0142 (The authentication protocol in Timbuktu Pro 2.0b650 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0138 (A system has a distributed denial of service (DDOS) attack master, age ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0137 (The CartIt shopping cart application allows remote users to modify sen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0136 (The Cart32 shopping cart application allows remote users to modify sen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0135 (The @Retail shopping cart application allows remote users to modify se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0134 (The Check It Out shopping cart application allows remote users to modi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0133 (Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0132 (Microsoft Java Virtual Machine allows remote attackers to read files v ...) NOT-FOR-US: Microsoft CVE-2000-0129 (Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0126 (Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote a ...) NOT-FOR-US: Microsoft CVE-2000-0125 (wwwthreads does not properly cleanse numeric data or table names that ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0124 (surfCONTROL SuperScout does not properly asign a category to web sites ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0123 (The shopping cart application provided with Filemaker allows remote us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0122 (Frontpage Server Extensions allows remote attackers to determine the p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0119 (The default configurations for McAfee Virus Scan and Norton Anti-Virus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0118 (The Red Hat Linux su program does not log failed password guesses if t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0115 (IIS allows local users to cause a denial of service via invalid regula ...) NOT-FOR-US: Microsoft CVE-2000-0114 (Frontpage Server Extensions allows remote attackers to determine the n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0110 (The WebSiteTool shopping cart application allows remote users to modif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0109 (The mcsp Client Site Processor system (MultiCSP) in Standard and Poor' ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0108 (The Intellivend shopping cart application allows remote users to modif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0106 (The EasyCart shopping cart application allows remote users to modify s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0105 (Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers ...) NOT-FOR-US: Microsoft CVE-2000-0104 (The Shoptron shopping cart application allows remote users to modify s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0103 (The SmartCart shopping cart application allows remote users to modify ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0102 (The SalesCart shopping cart application allows remote users to modify ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0101 (The Make-a-Store OrderPage shopping cart application allows remote use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0096 (Buffer overflow in qpopper 3.0 beta versions allows local users to gai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0093 (An installation of Red Hat uses DES password encryption with crypt() f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0086 (Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0085 (Hotmail does not properly filter JavaScript code from a user's mailbox ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0084 (CuteFTP uses weak encryption to store password information in its tree ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0082 (WebTV email client allows remote attackers to force the client to send ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0081 (Hotmail does not properly filter JavaScript code from a user's mailbox ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0079 (The W3C CERN httpd HTTP server allows remote attackers to determine th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0078 (The June 1999 version of the HP-UX aserver program allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0077 (The October 1998 version of the HP-UX aserver program allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0074 (PowerScripts PlusMail CGI program allows remote attackers to execute c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0071 (IIS 4.0 allows a remote attacker to obtain the real pathname of the do ...) NOT-FOR-US: Microsoft CVE-2000-0069 (The recover program in Solstice Backup allows local users to restore s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0068 (daynad program in Intel InBusiness E-mail Station does not require aut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0067 (CyberCash Merchant Connection Kit (MCK) allows local users to modify f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0066 (WebSite Pro allows remote attackers to determine the real pathname of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0061 (Internet Explorer 5 does not modify the security zone for a document t ...) NOT-FOR-US: Microsoft CVE-2000-0059 (PHP3 with safe_mode enabled does not properly filter shell metacharact ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0058 (Network HotSync program in Handspring Visor does not have authenticati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0055 (Buffer overflow in Solaris chkperm command allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0054 (search.cgi in the SolutionScripts Home Free package allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0049 (Buffer overflow in Winamp client allows remote attackers to execute co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0047 (Buffer overflow in Yahoo Pager/Messenger client allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0046 (Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0038 (glFtpD includes a default glftpd user account with a default password ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0035 (resend command in Majordomo allows local users to gain privileges via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0028 (Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the c ...) NOT-FOR-US: Microsoft CVE-2000-0021 (Lotus Domino HTTP server allows remote attackers to determine the real ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0019 (IMail POP3 daemon uses weak encryption, which allows local users to re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0017 (Buffer overflow in Linux linuxconf package allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0016 (Buffer overflow in Internet Anywhere POP3 Mail Server allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0008 (FTPPro allows local users to read sensitive information, which is stor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2000-0005 (HP-UX aserver program allows local users to gain privileges via a syml ...) NOT-FOR-US: Data pre-dating the Security Tracker