CVE-2001-1594 (GE Healthcare eNTEGRA P&R has a password of (1) entegra for the en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1593 (The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlie ...) {DSA-2892-1} - a2ps 1:4.14-1.2 (low; bug #737385) CVE-2001-1592 REJECTED CVE-2001-1591 REJECTED CVE-2001-1590 REJECTED CVE-2001-1589 REJECTED CVE-2001-1588 REJECTED CVE-2001-1587 (NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows rem ...) NOT-FOR-US: Novell NetWare CVE-2001-1586 (Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1585 (SSH protocol 2 (aka SSH-2) public key authentication in the developmen ...) - openssh (fixed in 2001) CVE-2001-1584 (CardBoard 2.4 greeting card CGI by Michael Barretto allows remote atta ...) NOT-FOR-US: CardBoard CVE-2001-1583 (lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers t ...) NOT-FOR-US: Solaris CVE-2001-1582 (Buffer overflow in the LDAP naming services library (libsldap) in Sun ...) NOT-FOR-US: Solaris CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...) NOT-FOR-US: MAILsweeper CVE-2001-XXXX [crypt++ passes passwords through the command line] - crypt++el 2.91-2.1 (bug #105562; low) CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local] - gnupg 1.0.7-1 (bug #107374) CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for Netwa ...) NOT-FOR-US: ScriptEase CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not ...) NOT-FOR-US: UnixWare/OpenUnix CVE-2001-1578 (Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local ...) NOT-FOR-US: SCO CVE-2001-1577 (Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 ...) NOT-FOR-US: CDE CVE-2001-1576 (Buffer overflow in cron in Caldera UnixWare 7 allows local users to ex ...) NOTE: insufficient info to check, but not same code base CVE-2001-1575 (Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing ...) NOT-FOR-US: Apple CVE-2001-1574 (Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Tren ...) NOT-FOR-US: Trend Micro InterScan VirusWall CVE-2001-1573 (Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3. ...) NOT-FOR-US: Trend Micro InterScan VirusWall CVE-2001-1572 (The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when ...) NOTE: presumably fixed in linux 2.4.12 CVE-2001-1571 (The Remote Desktop client in Windows XP sends the most recent user acc ...) NOT-FOR-US: Microsoft CVE-2001-1570 (Windows XP with fast user switching and account lockout enabled allows ...) NOT-FOR-US: Microsoft CVE-2001-1569 (Openwave WAP gateway does not verify the fully qualified domain name U ...) NOT-FOR-US: Openwave WAP gateway CVE-2001-1568 (CMG WAP gateway does not verify the fully qualified domain name URL wi ...) NOT-FOR-US: CMG WAP gateway CVE-2001-1567 (Lotus Domino server 5.0.9a and earlier allows remote attackers to bypa ...) NOT-FOR-US: Lotus Domino CVE-2001-1566 (Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0. ...) - vanessa-logger 0.0.2 CVE-2001-1565 (Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through ...) NOT-FOR-US: MacOS CVE-2001-1564 (setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 ...) NOT-FOR-US: HP-UX CVE-2001-1563 (Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linu ...) NOT-FOR-US: Tomcat 3.2.1 running on HP Secure OS CVE-2001-1562 (Format string vulnerability in nvi before 1.79 allows local users to g ...) - nvi 1.79-16a.1 NOTE: was DSA 085 CVE-2001-1561 (Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to e ...) NOTE: DSA 082 - xvt 2.1-13 CVE-2001-1560 (Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and X ...) NOT-FOR-US: Microsoft CVE-2001-1559 (The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide ...) NOT-FOR-US: OpenBSD CVE-2001-1558 (Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 ...) - snort 1.8.3 CVE-2001-1557 (Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gai ...) NOT-FOR-US: AIX CVE-2001-1556 (The log files in Apache web server contain information directly suppli ...) NOTE: documented issue in apache, unlikely to be changed NOTE: see http://httpd.apache.org/docs/logs.html CVE-2001-1555 (pt_chmod in Solaris 8 does not call fdetach to reset terminal privileg ...) NOT-FOR-US: Solaris CVE-2001-1554 (IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote ...) NOT-FOR-US: AIX CVE-2001-1553 (Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, ...) - setiathome (not suid in debian) CVE-2001-1552 (ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2001-1551 (Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, whi ...) NOTE: no info in CVE db about fix CVE-2001-1550 (CentraOne 5.2 and Centra ASP with basic authentication enabled creates ...) NOT-FOR-US: Centra CVE-2001-1549 (Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filter ...) NOT-FOR-US: Tiny Personal Firewall CVE-2001-1548 (ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local u ...) NOT-FOR-US: Tiny Personal Firewall CVE-2001-1547 (Outlook Express 6.0, with "Do not allow attachments to be saved or ope ...) NOT-FOR-US: Outlook CVE-2001-1546 (Pathways Homecare 6.5 uses weak encryption for user names and password ...) NOT-FOR-US: Pathways Homecare CVE-2001-1545 (Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a. ...) NOT-FOR-US: Macromedia JRun CVE-2001-1544 (Directory traversal vulnerability in Macromedia JRun Web Server (JWS) ...) NOT-FOR-US: Macromedia JRun CVE-2001-1543 (Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default ...) NOT-FOR-US: Axis network camera CVE-2001-1542 (NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperl ...) NOT-FOR-US: NAI WebShield SMTP CVE-2001-1541 (Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3. ...) NOT-FOR-US: BSDI UUCP CVE-2001-1540 (IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denia ...) NOT-FOR-US: IPRoute router software NOTE: This is not for iproute/iproute2. NOTE: From Chris Gragsone's message on BUGTRAQ: NOTE: "IPRoute, by David F. Mischler, is PC-based router software NOTE: "for networks running the Internet Protocol (IP)." CVE-2001-1539 (Stack consumption vulnerability in Internet Explorer The JavaScript se ...) NOT-FOR-US: MSIE CVE-2001-1538 (SpeedXess HA-120 DSL router has a default administrative password of " ...) NOT-FOR-US: SpeedXess HA-120 DSL router CVE-2001-1537 (The default "basic" security setting' in config.php for TWIG webmail 2 ...) NOTE: current twig package seems to have secure cookies enabled NOTE: still uses "basic" security setting. CVE-2001-1536 (Autogalaxy stores usernames and passwords in cleartext in cookies, whi ...) NOT-FOR-US: Autogalaxy CVE-2001-1535 (Slashcode 2.0 creates new accounts with an 8-character random password ...) - slash 2.2.6-8 (bug #328927; low) [sarge] - slash (Lack of a security feature, minor security problem) CVE-2001-1534 (mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ...) - apache (bug #328919; unimportant) - apache2 (unimportant) NOTE: Cookies are only used for invading user privacy, NOTE: not for authentication, so apache and apache2 should be fine. CVE-2001-1533 (** DISPUTED * Microsoft Internet Security and Acceleration (ISA) Serve ...) NOT-FOR-US: Microsoft CVE-2001-1532 (WebX stores authentication information in the HTTP_REFERER variable, w ...) NOT-FOR-US: WebX CVE-2001-1531 (Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cau ...) NOT-FOR-US: Claris Emailer CVE-2001-1530 (run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-wri ...) NOTE: verified current webmin is ok CVE-2001-1529 (Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attac ...) NOT-FOR-US: AIX CVE-2001-1528 (AmTote International homebet program returns different error messages ...) NOT-FOR-US: AmTote International homebet CVE-2001-1527 (easyNews 1.5 and earlier stores administration passwords in cleartext ...) NOT-FOR-US: easynews CVE-2001-1526 (Cross-site scripting (XSS) vulnerability in the comments action in ind ...) NOT-FOR-US: easynews CVE-2001-1525 (Directory traversal vulnerability in the comments action in easyNews 1 ...) NOT-FOR-US: easynews CVE-2001-1524 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier ...) NOT-FOR-US: PHP-Nuke CVE-2001-1523 (Cross-site scripting (XSS) vulnerability in the DMOZGateway module for ...) NOT-FOR-US: PHP-Nuke CVE-2001-1522 (Cross-site scripting (XSS) vulnerability in im.php in IMessenger for P ...) NOT-FOR-US: PHP-Nuke CVE-2001-1521 (Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 ...) NOT-FOR-US: PHP-Nuke CVE-2001-1520 (Xircom REX 6000 allows local users to obtain the 10 digit PIN by start ...) NOT-FOR-US: Xircom REX CVE-2001-1519 (** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to ...) NOT-FOR-US: RunAs CVE-2001-1518 (RunAs (runas.exe) in Windows 2000 only creates one session instance at ...) NOT-FOR-US: RunAs CVE-2001-1517 (** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext auth ...) NOT-FOR-US: RunAs CVE-2001-1516 (Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and ea ...) NOT-FOR-US: phpReview CVE-2001-1515 (Macintosh clients, when using NT file system volumes on Windows 2000 S ...) NOT-FOR-US: Macintosh clients, when using NT file system volumes on Windows CVE-2001-1514 (ColdFusion 4.5 and 5, when running on Windows with the advanced securi ...) NOT-FOR-US: ColdFusion CVE-2001-1513 (Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicat ...) NOT-FOR-US: JRun CVE-2001-1512 (Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to d ...) NOT-FOR-US: JRun CVE-2001-1511 (JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remot ...) NOT-FOR-US: JRun CVE-2001-1510 (Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, A ...) NOT-FOR-US: JRun CVE-2001-1509 (geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not p ...) NOT-FOR-US: HP-UX CVE-2001-1508 (Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ...) - lprng (Not suid in Debian) - cups (Not suid in Debian) - cupsys (Not suid in Debian) CVE-2001-1507 (OpenSSH before 3.0.1 with Kerberos V enabled does not properly authent ...) - openssh 1:3.0.1 CVE-2001-1506 (Unknown vulnerability in the file system protection subsystem in HP Se ...) NOT-FOR-US: HP Secure OS layer CVE-2001-1505 (tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into u ...) - tinc 1.0pre5-1 CVE-2001-1504 (Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Lotus Notes CVE-2001-1503 (The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS ...) NOT-FOR-US: Sun CVE-2001-1502 (webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote atta ...) NOT-FOR-US: WebCart CVE-2001-1501 (The glob functionality in ProFTPD 1.2.1, and possibly other versions a ...) NOTE: Fix went into proftpd CVS on 2002-12-12 - proftpd 1.2.8-1 CVE-2001-1500 (ProFTPD 1.2.2rc2, and possibly other versions, does not properly verif ...) - proftpd 1.2.4-1 CVE-2001-1499 (Check Point VPN-1 4.1SP4 using SecuRemote returns different error mess ...) NOT-FOR-US: Check Point CVE-2001-1498 (Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary ...) NOT-FOR-US: mod_bf CVE-2001-1497 (Microsoft Internet Explorer 4.0 through 6.0 could allow local users to ...) NOT-FOR-US: Microsoft CVE-2001-1496 (Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd ...) - thttpd 2.21 CVE-2001-1495 (network_query.php in Network Query Tool 1.0 allows remote attackers to ...) NOT-FOR-US: Network Query Tool CVE-2001-1494 (script command in the util-linux package before 2.11n allows local use ...) - util-linux 2.11n-1 CVE-2001-1492 REJECTED CVE-2001-1491 (Opera 5.11 allows remote attackers to cause a denial of service (CPU c ...) NOT-FOR-US: Opera CVE-2001-1490 (Mozilla 0.9.6 allows remote attackers to cause a denial of service (CP ...) NOTE: mozilla is quite easily DOSable with all sorts of large html NOTE: files, probably not worth following up on. CVE-2001-1489 (Microsoft Internet Explorer 6 allows remote attackers to cause a denia ...) NOT-FOR-US: Microsoft CVE-2001-1488 (Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 doe ...) NOT-FOR-US: Open Projects ircd CVE-2001-1487 (popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users ...) - qpopper (Vulnerable code verified not present) CVE-2001-1484 (Alcatel ADSL modems allow remote attackers to access the Trivial File ...) NOT-FOR-US: Alcatel hardware issue CVE-2001-1483 (One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remo ...) - libpam-opie (bug #112279; unimportant) NOTE: This is documented and not really important. In contrast to passwords NOTE: used by humans [sarge] - libpam-opie (Documented shortcoming, minor impact) CVE-2001-1482 (SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allow ...) NOTE: phpbb was initially uploaded as version 2 or phpbb has been removed now CVE-2001-1481 (Xitami 2.4 through 2.5 b4 stores the Administrator password in plainte ...) NOT-FOR-US: Xitami CVE-2001-1480 (Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows unt ...) NOT-FOR-US: Sun Java CVE-2001-1479 (smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows loc ...) NOT-FOR-US: Sun CVE-2001-1478 (Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0 ...) NOT-FOR-US: UnixWare CVE-2001-1477 (The Domain gateway in BEA Tuxedo 7.1 does not perform authorization ch ...) NOT-FOR-US: BEA Tuxedo CVE-2001-1476 (SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" ...) NOT-FOR-US: Commercial SSH CVE-2001-1475 (SSH before 2.0, when using RC4 and password authentication, allows rem ...) NOT-FOR-US: Commercial SSH CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the local ...) NOT-FOR-US: Commercial SSH CVE-2001-1473 (The SSH-1 protocol allows remote servers to conduct man-in-the-middle ...) NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol. CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allo ...) - phpbb2 2.0.6c-1 CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...) - phpbb2 2.0.6c-1 CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final bloc ...) NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to modif ...) NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol CVE-2001-1468 (PHP remote file inclusion vulnerability in checklogin.php in phpSecure ...) NOT-FOR-US: phpSecurePages CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, se ...) - expect (in expect 5.42.1, mkpasswd does not seed by pid) NOTE: doesn't seem to seed at all; my tests indicate it generates no dups in NOTE: some 100000 passwords. CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH- ...) NOT-FOR-US: VanDyke SecureCRT CVE-2001-1465 (SurfControl SuperScout only filters packets containing both an HTTP GE ...) NOT-FOR-US: SurfControl SuperScout CVE-2001-1464 (Crystal Reports, when displaying data for a password protected databas ...) NOT-FOR-US: Crystal Reports CVE-2001-1463 (The remote administration client for RhinoSoft Serv-U 3.0 sends the us ...) NOT-FOR-US: RhinoSoft Serv-U CVE-2001-1462 (WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Wi ...) NOT-FOR-US: RSA Security SecurID CVE-2001-1461 (Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 ...) NOT-FOR-US: RSA Security SecurID CVE-2001-1460 (SQL injection vulnerability in article.php in PostNuke 0.62 through 0. ...) NOT-FOR-US: PostNuke CVE-2001-1459 (OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication M ...) - openssh 1:3.0.1p1-1 CVE-2001-1458 (Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allo ...) NOT-FOR-US: Novell Groupwise CVE-2001-1457 (Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote att ...) NOT-FOR-US: CrazyWWWBoard CVE-2001-1456 (Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntl ...) NOT-FOR-US: Gauntlet Firewall CVE-2001-1455 (Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypa ...) NOT-FOR-US: Netegrity SiteMinder CVE-2001-1454 (Buffer overflow in MySQL before 3.23.33 allows remote attackers to exe ...) - mysql-dfsg 3.23.33-1 CVE-2001-1453 (Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allo ...) - mysql-dfsg 3.23.33-1 CVE-2001-1452 (By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cach ...) NOT-FOR-US: Windows CVE-2001-1451 (Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microso ...) NOT-FOR-US: Windows CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...) NOT-FOR-US: Windows CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...) - apache (Mandrake specific packaging flaw) CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local us ...) NOT-FOR-US: Magic eDeveloper CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to g ...) NOT-FOR-US: Windows CVE-2001-1446 (Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable ...) NOT-FOR-US: MacOS X CVE-2001-1445 (Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5 ...) NOT-FOR-US: Lotus Domino CVE-2001-1444 (The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Ke ...) NOT-FOR-US: Generic protocol flaw CVE-2001-1443 (KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not enc ...) NOT-FOR-US: Generic protocol flaw CVE-2001-1442 (Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 all ...) - inn2 2.3.3+20020922-1 - innfeed 0.10.1.7-7 CVE-2001-1441 (Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Pro ...) NOT-FOR-US: VisualAge for Java CVE-2001-1440 (Unknown vulnerability in login for AIX 5.1L, when using loadable authe ...) NOT-FOR-US: AIX CVE-2001-1439 (Buffer overflow in the text editor functionality in HP-UX 10.01 throug ...) NOT-FOR-US: HP-UX CVE-2001-1438 (Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module ...) NOT-FOR-US: Handspring Visor CVE-2001-1437 (easyScripts easyNews 1.5 allows remote attackers to obtain the full pa ...) NOT-FOR-US: easyScripts easyNews CVE-2001-1436 (Dallas Semiconductor iButton DS1991 returns predictable values when gi ...) NOT-FOR-US: Dallas Semiconductor iButton DS1991 CVE-2001-1435 (inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of s ...) NOT-FOR-US: Tru64 UNIX CVE-2001-1434 (Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read sy ...) NOT-FOR-US: IOS CVE-2001-1433 (Cherokee web server before 0.2.7 does not properly drop root privilege ...) NOT-FOR-US: Cherokee CVE-2001-1432 (Directory traversal vulnerability in Cherokee Web Server allows remote ...) NOT-FOR-US: Cherokee CVE-2001-1431 (Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Se ...) NOT-FOR-US: Nokia Firewall appliances CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which allows ...) NOT-FOR-US: Cayman DSL router CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local use ...) NOTE: I could track this down to this posting NOTE: http://web.archive.org/web/20051206035530/http://cert.uni-stuttgart.de:80/archive/vuln-dev/2001/11/msg00104.html NOTE: This looks very obscure an does not contain useful information on how this NOTE: was triggered and even then it's not a problem, as mcedit usage does not NOTE: have a remote impact and is not suid CVE-2001-1428 (The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped ...) NOT-FOR-US: IPC@CHIP Embedded web server CVE-2001-1427 (Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allow ...) NOT-FOR-US: ColdFusion CVE-2001-1426 (Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through ...) NOT-FOR-US: Alcatel Speed Touch CVE-2001-1425 (The challenge-response authentication of the EXPERT user for Alcatel S ...) NOT-FOR-US: Alcatel Speed Touch CVE-2001-1424 (Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132 ...) NOT-FOR-US: Alcatel Speed Touch CVE-2001-1423 (Advanced Poll before 1.61, when using a flat file database, allows rem ...) NOT-FOR-US: Advanced Poll CVE-2001-1422 (WinVNC 3.3.3 and earlier generates the same challenge string for multi ...) NOT-FOR-US: WinVNC CVE-2001-1421 (AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1420 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1419 (AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attacke ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1418 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1417 (AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a den ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1416 (Multiple cross-site scripting (XSS) vulnerabilities in the log message ...) NOT-FOR-US: AOL Instant Messenger CVE-2001-1415 (vi.recover in OpenBSD before 3.1 allows local users to remove arbitrar ...) NOT-FOR-US: no_package NOTE: Debian's nvi recover script is very different CVE-2001-1414 (The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does ...) NOT-FOR-US: Solaris CVE-2001-1407 (Bugzilla before 2.14 allows Bugzilla users to bypass group security ch ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1406 (process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1391 (Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1386 (WFTPD 3.00 allows remote attackers to read arbitrary files by uploadin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1385 (The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1383 (initscript in setserial 2.17-4 and earlier uses predictable temporary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1382 (The "echo simulation" traffic analysis countermeasure in OpenSSH befor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1380 (OpenSSH before 2.9.9, while using keypairs and multiple keys of differ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1378 (fetchmailconf in fetchmail before 5.7.4 allows local users to overwrit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1375 (tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1374 (expect before 5.32 searches for its libraries in /var/tmp before other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1373 (MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1372 (Oracle 9i Application Server 1.0.2 allows remote attackers to obtain t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1371 (The default configuration of Oracle Application Server 9iAS 1.0.2.2 en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1370 (prepend.php3 in PHPLib before 7.2d, when register_globals is enabled f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1369 (Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1367 (The checkAccess function in PHPSlice 0.1.4, and all other versions bet ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1359 (Volution clients 1.0.7 and earlier attempt to contact the computer cre ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1352 (Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1351 (Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1350 (Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1349 (Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1347 (Windows 2000 allows local users to cause a denial of service and possi ...) NOT-FOR-US: Microsoft CVE-2001-1345 (bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1342 (Apache before 1.3.20 on Windows and OS/2 systems allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1334 (Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1328 (Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1327 (pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1322 (xinetd 2.1.8 and earlier runs with a default umask of 0, which could a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1303 (The default configuration of SecuRemote for Check Point Firewall-1 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1302 (The change password option in the Windows Security interface for Windo ...) NOT-FOR-US: Microsoft CVE-2001-1301 (rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions befo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1299 (Zorbat Zorbstats PHP script before 0.9 allows remote attackers to incl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1297 (PHP remote file inclusion vulnerability in Actionpoll PHP script befor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1296 (More.groupware PHP script allows remote attackers to include arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1295 (Directory traversal vulnerability in Cerberus FTP Server 1.5 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1291 (The telnet server for 3Com hardware such as PS40 SuperStack II does no ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1279 (Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1277 (makewhatis in the man package before 1.5i2 allows an attacker in group ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1276 (ispell before 3.1.20 allows local users to overwrite files of other us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1266 (Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1252 (Network Associates PGP Keyserver 7.0 allows remote attackers to bypass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1251 (SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1247 (PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1246 (PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1240 (The default configuration of sudo in Engarde Secure Linux 1.0.1 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1237 (Phormation PHP script 0.9.1 and earlier allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1236 (myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1235 (pSlash PHP script 0.7 and earlier allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1234 (Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1231 (GroupWise 5.5 and 6 running in live remote or smart caching mode allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1227 (Zope before 2.2.4 allows partially trusted users to bypass security co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1215 (Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1203 (Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1201 (Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1200 (Microsoft Windows XP allows local users to bypass a locked screen and ...) NOT-FOR-US: Microsoft CVE-2001-1199 (Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1193 (Directory traversal vulnerability in EFTP 2.0.8.346 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1186 (Microsoft IIS 5.0 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Microsoft CVE-2001-1185 (Some AIO operations in FreeBSD 4.4 may be delayed until after a call t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1183 (PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers ...) NOT-FOR-US: Cisco CVE-2001-1180 (FreeBSD 4.3 does not properly clear shared signal handlers when execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1177 (ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1176 (Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1175 (vipw in the util-linux package before 2.10 causes /etc/shadow to be wo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1174 (Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1172 (OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1166 (linprocfs on FreeBSD 4.3 and earlier does not properly restrict access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1162 (Directory traversal vulnerability in the %m macro in the smb.conf conf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1161 (Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1160 (udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1158 (Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, ac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1155 (TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1153 (lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1149 (Panda Antivirus Platinum before 6.23.00 allows a remore attacker to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1147 (The PAM implementation in /bin/login of the util-linux package before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1146 (AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1145 (fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and Open ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1144 (Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1141 (The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1132 (Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1130 (Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1121 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1119 (cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1118 (A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1117 (LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1116 (Identix BioLogon 2.03 and earlier does not lock secondary displays on ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1113 (Buffer overflow in TrollFTPD 1.26 and earlier allows local users to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1108 (Directory traversal vulnerability in SnapStream PVS 1.2a allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1106 (The default configuration of Sambar Server 5 and earlier uses a symmet ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1103 (FTP Voyager ActiveX control before 8.0, when it is marked as safe for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1100 (sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1099 (The default configuration of Norton AntiVirus for Microsoft Exchange 2 ...) NOT-FOR-US: Norton CVE-2001-1098 (Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in p ...) NOT-FOR-US: Cisco CVE-2001-1096 (Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a cor ...) NOT-FOR-US: AIX CVE-2001-1095 (Buffer overflow in uuq in AIX 4 could allow local users to execute arb ...) NOT-FOR-US: AIX CVE-2001-1089 (libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1088 (Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, ...) NOT-FOR-US: Microsoft CVE-2001-1085 (Lmail 2.7 and earlier allows local users to overwrite arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1084 (Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1083 (Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1081 (Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1080 (diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable ...) NOT-FOR-US: AIX CVE-2001-1079 (create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates ...) NOT-FOR-US: AIX CVE-2001-1075 (poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1074 (Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1072 (Apache with mod_rewrite enabled on most UNIX systems allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1071 (Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allo ...) NOT-FOR-US: Cisco CVE-2001-1069 (libCoolType library as used in Adobe Acrobat (acroread) on Linux creat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1067 (Buffer overflow in AOLserver 3.0 allows remote attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1066 (ns6install installation script for Netscape 6.01 on Solaris, and other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1063 (Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1062 (Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1059 (VMWare creates a temporary file vmware-log.USERNAME with insecure perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1056 (IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1055 (The Microsoft Windows network stack allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2001-1054 (PHPAdsNew PHP script allows remote attackers to include arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1053 (AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1049 (Phorecast PHP script before 0.40 allows remote attackers to include ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1048 (AWOL PHP script allows remote attackers to include arbitrary files fro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1046 (Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1043 (ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1038 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attacker ...) NOT-FOR-US: Cisco CVE-2001-1037 (Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to ...) NOT-FOR-US: Cisco CVE-2001-1036 (GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1035 (Binary decoding feature of slrn 0.9 and earlier allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1032 (admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1030 (Squid before 2.3STABLE5 in HTTP accelerator mode does not enable acces ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1029 (libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1028 (Buffer overflow in ultimate_source function of man 1.5 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1027 (Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1022 (Format string vulnerability in pic utility in groff 1.16.1 and other v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1020 (edit_image.php in Vibechild Directory Manager before 0.91 allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1017 (rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.pas ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1016 (PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Free ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1011 (index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1010 (Directory traversal vulnerability in pagecount CGI script in Sambar Se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1008 (Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1002 (The default configuration of the DVI print filter (dvips) in Red Hat L ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0998 (IBM HACMP 4.4 allows remote attackers to cause a denial of service via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0995 (PHProjekt before 2.4a allows remote attackers to perform actions as ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0993 (sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0987 (Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0982 (Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Directo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0981 (HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix passwor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0980 (docview before 1.0-15 allows remote attackers to execute arbitrary com ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0978 (login in HP-UX 10.26 does not record failed login attempts in /var/adm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0977 (slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0973 (BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0969 (ipfw in FreeBSD does not properly handle the use of "me" in its rules ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0965 (glFTPD 1.23 allows remote attackers to cause a denial of service (CPU ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0963 (Directory traversal vulnerability in SpoonFTP 1.1 allows local and som ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0962 (IBM WebSphere Application Server 3.02 through 3.53 uses predictable se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0961 (Buffer overflow in tab expansion capability of the most program allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0960 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 st ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0959 (Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 cr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0954 (Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0951 (Windows 2000 allows remote attackers to cause a denial of service (CPU ...) NOT-FOR-US: Microsoft CVE-2001-0946 (apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0940 (Buffer overflow in the GUI authentication code of Check Point VPN-1/Fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0939 (Lotus Domino 5.08 and earlier allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0936 (Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0929 (Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC ...) NOT-FOR-US: Cisco CVE-2001-0921 (Netscape 4.79 and earlier for MacOS allows an attacker with access to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0920 (Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0918 (Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0917 (Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0914 (Linux kernel before 2.4.11pre3 in multiple Linux distributions allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0912 (Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0909 (Buffer overflow in helpctr.exe program in Microsoft Help Center for Wi ...) NOT-FOR-US: Microsoft CVE-2001-0907 (Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0906 (teTeX filter before 1.0.7 allows local users to gain privileges via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0905 (Race condition in signal handling of procmail 3.20 and earlier, when r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0902 (Microsoft IIS 5.0 allows remote attackers to spoof web log entries via ...) NOT-FOR-US: Microsoft CVE-2001-0901 (Hypermail allows remote attackers to execute arbitrary commands on a s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0900 (Directory traversal vulnerability in modules.php in Gallery before 1.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0899 (Network Tools 0.2 for PHP-Nuke allows remote attackers to execute comm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0896 (Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0895 (Multiple Cisco networking products allow remote attackers to cause a d ...) NOT-FOR-US: Cisco CVE-2001-0894 (Vulnerability in Postfix SMTP server before 20010228-pl07, when config ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0891 (Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0889 (Exim 3.22 and earlier, in some configurations, does not properly verif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0888 (Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0887 (xSANE 0.81 and earlier allows local users to modify files of other xSA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0886 (Buffer overflow in glob function of glibc allows attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0884 (Cross-site scripting vulnerability in Mailman email archiver before 2. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0879 (Format string vulnerability in the C runtime functions in SQL Server 7 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0877 (Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows ...) NOT-FOR-US: Microsoft CVE-2001-0876 (Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ...) NOT-FOR-US: Microsoft CVE-2001-0875 (Internet Explorer 5.5 and 6.0 allows remote attackers to cause the Fil ...) NOT-FOR-US: Microsoft CVE-2001-0874 (Internet Explorer 5.5 and 6.0 allow remote attackers to read certain f ...) NOT-FOR-US: Microsoft CVE-2001-0873 (uuxqt in Taylor UUCP package does not properly remove dangerous long o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0872 (OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly clea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0869 (Format string vulnerability in the default logging callback function _ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0867 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not pr ...) NOT-FOR-US: Cisco CVE-2001-0866 (Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not pr ...) NOT-FOR-US: Cisco CVE-2001-0865 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not su ...) NOT-FOR-US: Cisco CVE-2001-0864 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not pr ...) NOT-FOR-US: Cisco CVE-2001-0863 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not ha ...) NOT-FOR-US: Cisco CVE-2001-0862 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not bl ...) NOT-FOR-US: Cisco CVE-2001-0861 (Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier ...) NOT-FOR-US: Cisco CVE-2001-0860 (Terminal Services Manager MMC in Windows 2000 and XP trusts the Client ...) NOT-FOR-US: Microsoft CVE-2001-0859 (2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0857 (Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0852 (TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0851 (Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0850 (A configuration error in the libdb1 package in OpenLinux 3.1 uses inse ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0846 (Lotus Domino 5.x allows remote attackers to read files or execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0843 (Squid proxy server 2.4 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0837 (DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0836 (Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0834 (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0833 (Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0830 (6tunnel 0.08 and earlier does not properly close sockets that were ini ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0828 (A cross-site scripting vulnerability in Caucho Technology Resin before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0825 (Buffer overflow in internal string handling routines of xinetd before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0823 (The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0822 (FPF kernel module 1.0 allows a remote attacker to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0819 (A buffer overflow in Linux fetchmail before 5.8.6 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0816 (OpenSSH before 2.9.9, when running sftp using sftp-server and using re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0815 (Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0806 (Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0805 (Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enter ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0804 (Directory traversal vulnerability in story.pl in Interactive Story 1.3 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0803 (Buffer overflow in the client connection routine of libDtSvc.so.1 in C ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0801 (lpstat in IRIX 6.5.13f and earlier allows local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0797 (Buffer overflow in login in various System V based operating systems a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0796 (SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0792 (Format string vulnerability in XChat 1.2.x allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0787 (LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0784 (Directory traversal vulnerability in Icecast 1.3.10 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0779 (Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0774 (Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0773 (Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0770 (Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0769 (Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0765 (BisonFTP V4R1 allows local users to access directories outside of thei ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0764 (Buffer overflow in ntping in scotty 2.1.0 allows local users to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0763 (Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0760 (Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0757 (Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC ca ...) NOT-FOR-US: Cisco CVE-2001-0754 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...) NOT-FOR-US: Cisco CVE-2001-0752 (Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial ...) NOT-FOR-US: Cisco CVE-2001-0751 (Cisco switches and routers running CBOS 2.3.8 and earlier use predicta ...) NOT-FOR-US: Cisco CVE-2001-0750 (Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial ...) NOT-FOR-US: Cisco CVE-2001-0749 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0748 (Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other pr ...) NOT-FOR-US: Cisco CVE-2001-0745 (Netscape 4.7x allows remote attackers to obtain sensitive information ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0741 (Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to ca ...) NOT-FOR-US: Cisco CVE-2001-0740 (3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0739 (Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0738 (LogLine function in klogd in sysklogd 1.3 in various Linux distributio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0733 (The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0731 (Apache 1.3.20 with Multiviews enabled allows remote attackers to view ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0730 (split-logfile in Apache 1.3.20 allows remote attackers to overwrite ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0728 (Buffer overflow in Compaq Management Agents before 5.2, included in Co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0727 (Internet Explorer 6.0 allows remote attackers to execute arbitrary cod ...) NOT-FOR-US: Microsoft CVE-2001-0726 (Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used w ...) NOT-FOR-US: Microsoft CVE-2001-0724 (Internet Explorer 5.5 allows remote attackers to bypass security restr ...) NOT-FOR-US: Microsoft CVE-2001-0723 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and modi ...) NOT-FOR-US: Microsoft CVE-2001-0722 (Internet Explorer 5.5 and 6.0 allows remote attackers to read and modi ...) NOT-FOR-US: Microsoft CVE-2001-0720 (Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attacker ...) NOT-FOR-US: Microsoft CVE-2001-0719 (Buffer overflow in Microsoft Windows Media Player 6.4 allows remote at ...) NOT-FOR-US: Microsoft CVE-2001-0718 (Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsof ...) NOT-FOR-US: Microsoft CVE-2001-0717 (Format string vulnerability in ToolTalk database server rpc.ttdbserver ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0716 (Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0710 (NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0706 (Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0701 (Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and ear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0700 (Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0699 (Buffer overflow in cb_reset in the System Service Processor (SSP) pack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0698 (Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0697 (NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0696 (NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0692 (SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0690 (Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0686 (Buffer overflow in mail included with SunOS 5.8 for x86 allows a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0685 (Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0682 (ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0680 (Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/T ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0677 (Eudora 5.0.2 allows a remote attacker to read arbitrary files via an e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0676 (Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0675 (Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker t ...) NOT-FOR-US: Microsoft CVE-2001-0670 (Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0668 (Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 thro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0667 (Internet Explorer 6 and earlier, when used with the Telnet client in S ...) NOT-FOR-US: Microsoft CVE-2001-0666 (Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenti ...) NOT-FOR-US: Microsoft CVE-2001-0665 (Internet Explorer 6 and earlier allows remote attackers to cause certa ...) NOT-FOR-US: Microsoft CVE-2001-0664 (Internet Explorer 5.5 and 5.01 allows remote attackers to bypass secur ...) NOT-FOR-US: Microsoft CVE-2001-0663 (Terminal Server in Windows NT and Windows 2000 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2001-0662 (RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause ...) NOT-FOR-US: Microsoft CVE-2001-0660 (Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, a ...) NOT-FOR-US: Microsoft CVE-2001-0659 (Buffer overflow in IrDA driver providing infrared data exchange on Win ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0658 (Cross-site scripting (CSS) vulnerability in Microsoft Internet Securit ...) NOT-FOR-US: Microsoft CVE-2001-0653 (Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0652 (Heap overflow in xlock in Solaris 2.6 through 8 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0650 (Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a ...) NOT-FOR-US: Cisco CVE-2001-0648 (Directory traversal vulnerability in PHProjekt 2.1 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0646 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0644 (Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0643 (Internet Explorer 5.5 does not display the Class ID (CLSID) when it is ...) NOT-FOR-US: Microsoft CVE-2001-0641 (Buffer overflow in man program in various distributions of Linux allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0635 (Red Hat Linux 7.1 sets insecure permissions on swap files created duri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0634 (Sun Chili!Soft ASP has weak permissions on various configuration files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0631 (Centrinity First Class Internet Services 5.50 allows for the circumven ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0630 (Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0629 (HP Event Correlation Service (ecsd) as included with OpenView Network ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0628 (Microsoft Word 2000 does not check AutoRecovery (.asd) files for macro ...) NOT-FOR-US: Microsoft CVE-2001-0627 (vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0626 (O'Reilly Website Professional 2.5.4 and earlier allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0625 (ftpdownload in Computer Associates InoculateIT 6.0 allows a local atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0622 (The web management service on Cisco Content Service series 11000 switc ...) NOT-FOR-US: Cisco CVE-2001-0621 (The FTP server on Cisco Content Service 11000 series switches (CSS) be ...) NOT-FOR-US: Cisco CVE-2001-0616 (Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0615 (Directory traversal vulnerability in Faust Informatics Freestyle Chat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0613 (Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0612 (McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0611 (Becky! 2.00.05 and earlier can allow a remote attacker to gain additio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0596 (Netscape Communicator before 4.77 allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0595 (Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0594 (kcms_configure as included with Solaris 7 and 8 allows a local attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0593 (Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0591 (Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0590 (Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0589 (NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-10 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0586 (TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0585 (Gordano NTMail 6.0.3c allows a remote attacker to create a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0574 (Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0573 (lsfs in AIX 4.x allows a local user to gain additional privileges by c ...) NOT-FOR-US: AIX CVE-2001-0567 (Digital Creations Zope 2.3.2 and earlier allows a local attacker to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0565 (Buffer overflow in mailx in Solaris 8 and earlier allows a local attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0564 (APC Web/SNMP Management Card prior to Firmware 310 only supports one t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0563 (ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0560 (Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0559 (crontab in Vixie cron 3.0.1 and earlier does not properly drop privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0558 (T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0554 (Buffer overflow in BSD-based telnetd telnet daemon on various operatin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0553 (SSH Secure Shell 3.0.0 on Unix systems does not properly perform passw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0550 (wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0549 (Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a regis ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0548 (Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0547 (Memory leak in the proxy service in Microsoft Internet Security and Ac ...) NOT-FOR-US: Microsoft CVE-2001-0546 (Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security ...) NOT-FOR-US: Microsoft CVE-2001-0545 (IIS 4.0 with URL redirection enabled allows remote attackers to cause ...) NOT-FOR-US: Microsoft CVE-2001-0544 (IIS 5.0 allows local users to cause a denial of service (hang) via by ...) NOT-FOR-US: Microsoft CVE-2001-0543 (Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows ...) NOT-FOR-US: Microsoft CVE-2001-0541 (Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allo ...) NOT-FOR-US: Microsoft CVE-2001-0540 (Memory leak in Terminal servers in Windows NT and Windows 2000 allows ...) NOT-FOR-US: Microsoft CVE-2001-0538 (Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and e ...) NOT-FOR-US: Microsoft CVE-2001-0537 (HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass auth ...) NOT-FOR-US: Cisco CVE-2001-0533 (Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows loc ...) NOT-FOR-US: AIX CVE-2001-0530 (Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0529 (OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0528 (Oracle E-Business Suite Release 11i Applications Desktop Integrator (A ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0527 (DCScripts DCForum versions 2000 and earlier allow a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0526 (Buffer overflow in the Xview library as used by mailtool in Solaris 8 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0525 (Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0522 (Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0518 (Oracle listener before Oracle 9i allows attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0517 (Oracle listener in Oracle 8i on Solaris allows remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0514 (SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0513 (Oracle listener process on Windows NT redirects connection requests to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0508 (Vulnerability in IIS 5.0 allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2001-0507 (IIS 5.0 uses relative paths to find system files that will run in-proc ...) NOT-FOR-US: Microsoft CVE-2001-0506 (Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to ...) NOT-FOR-US: Microsoft CVE-2001-0504 (Vulnerability in authentication process for SMTP service in Microsoft ...) NOT-FOR-US: Microsoft CVE-2001-0503 (Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows r ...) NOT-FOR-US: Microsoft CVE-2001-0502 (Running Windows 2000 LDAP Server over SSL, a function does not properl ...) NOT-FOR-US: Microsoft CVE-2001-0501 (Microsoft Word 2002 and earlier allows attackers to automatically exec ...) NOT-FOR-US: Microsoft CVE-2001-0500 (Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0497 (dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0495 (Directory traversal in DataWizard WebXQ server 1.204 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0494 (Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0493 (Small HTTP server 2.03 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0489 (Format string vulnerability in gftp prior to 2.0.8 allows remote malic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0488 (pcltotiff in HP-UX 10.x has unnecessary set group id permissions, whic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0487 (AIX SNMP server snmpd allows remote attackers to cause a denial of ser ...) NOT-FOR-US: AIX CVE-2001-0486 (Remote attackers can cause a denial of service in Novell BorderManager ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0485 (Unknown vulnerability in netprint in IRIX 6.2, and possibly other vers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0482 (Configuration error in Argus PitBull LX allows root users to bypass sp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0481 (Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure te ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0475 (index.php in Jelsoft vBulletin does not properly initialize a PHP vari ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0474 (Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0473 (Format string vulnerability in Mutt before 1.2.5 allows a remote malic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0469 (rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other opera ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0467 (Directory traversal vulnerability in RobTex Viking Web server before 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0465 (TurboTax saves passwords in a temporary file when a user imports inves ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0463 (Directory traversal vulnerability in cal_make.pl in PerlCal allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0462 (Directory traversal vulnerability in Perl web server 0.3 and earlier a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0461 (template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0457 (man2html before 1.5-22 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0456 (postinst installation script for Proftpd in Debian 2.2 does not proper ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0455 (Cisco Aironet 340 Series wireless bridge before 8.55 does not properly ...) NOT-FOR-US: Cisco CVE-2001-0449 (Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0444 (Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") com ...) NOT-FOR-US: Cisco CVE-2001-0442 (Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0440 (Buffer overflow in logging functions of licq before 1.0.3 allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0439 (licq before 1.0.3 allows remote attackers to execute arbitrary command ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0434 (The LogDataListToFile ActiveX function used in (1) Knowledge Center an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0430 (Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0429 (Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an ...) NOT-FOR-US: Cisco CVE-2001-0428 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attac ...) NOT-FOR-US: Cisco CVE-2001-0427 (Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attac ...) NOT-FOR-US: Cisco CVE-2001-0423 (Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0422 (Buffer overflow in Xsun in Solaris 8 and earlier allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0416 (sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files wit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0414 (Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0413 (BinTec X4000 Access router, and possibly other versions, allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0412 (Cisco Content Services (CSS) switch products 11800 and earlier, aka Ar ...) NOT-FOR-US: Cisco CVE-2001-0409 (vim (aka gvim) allows local users to modify files being edited by othe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0408 (vim (aka gvim) processes VIM control codes that are embedded in a file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0407 (Directory traversal vulnerability in MySQL before 3.23.36 allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0405 (ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0402 (IPFilter 3.4.16 and earlier does not include sufficient session inform ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0394 (Remote manager service in Website Pro 3.0.37 allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0388 (time server daemon timed allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0387 (Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0386 (AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0383 (banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0379 (Vulnerability in the newgrp program included with HP9000 servers runni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0378 (readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0377 (Infradig Inframail prior to 3.98a allows a remote attacker to create a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0375 (Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authenticatio ...) NOT-FOR-US: Cisco CVE-2001-0373 (The default configuration of the Dr. Watson program in Windows NT and ...) NOT-FOR-US: Microsoft CVE-2001-0371 (Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0368 (Directory traversal vulnerability in BearShare 2.2.2 and earlier allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0366 (saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0365 (Eudora before 5.1 allows a remote attacker to execute arbitrary code, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0364 (SSH Communications Security sshd 2.4 for Windows allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0361 (Implementations of SSH version 1.5, including (1) OpenSSH up to versio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0353 (Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0351 (Microsoft Windows 2000 telnet service allows a local user to make a ce ...) NOT-FOR-US: Microsoft CVE-2001-0348 (Microsoft Windows 2000 telnet service allows attackers to cause a deni ...) NOT-FOR-US: Microsoft CVE-2001-0347 (Information disclosure vulnerability in Microsoft Windows 2000 telnet ...) NOT-FOR-US: Microsoft CVE-2001-0346 (Handle leak in Microsoft Windows 2000 telnet service allows attackers ...) NOT-FOR-US: Microsoft CVE-2001-0345 (Microsoft Windows 2000 telnet service allows attackers to prevent idle ...) NOT-FOR-US: Microsoft CVE-2001-0344 (An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mi ...) NOT-FOR-US: Microsoft CVE-2001-0341 (Buffer overflow in Microsoft Visual Studio RAD Support sub-component o ...) NOT-FOR-US: Microsoft CVE-2001-0340 (An interaction between the Outlook Web Access (OWA) service in Microso ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0339 (Internet Explorer 5.5 and earlier allows remote attackers to display a ...) NOT-FOR-US: Microsoft CVE-2001-0338 (Internet Explorer 5.5 and earlier does not properly validate digital c ...) NOT-FOR-US: Microsoft CVE-2001-0336 (The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an err ...) NOT-FOR-US: Microsoft CVE-2001-0335 (FTP service in IIS 5.0 and earlier allows remote attackers to enumerat ...) NOT-FOR-US: Microsoft CVE-2001-0334 (FTP service in IIS 5.0 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2001-0333 (Directory traversal vulnerability in IIS 5.0 and earlier allows remote ...) NOT-FOR-US: Microsoft CVE-2001-0331 (Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0330 (Bugzilla 2.10 allows remote attackers to access sensitive information, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0327 (iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0326 (Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Applica ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0321 (opendir.php script in PHP-Nuke allows remote attackers to read arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0319 (orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0318 (Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0317 (Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0316 (Linux kernel 2.4 and 2.2 allows local users to read kernel memory and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0311 (Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0310 (sort in FreeBSD 4.1.1 and earlier, and possibly other operating system ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0309 (inetd in Red Hat 6.2 does not properly close sockets for internal serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0301 (Buffer overflow in Analog before 4.16 allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0299 (Buffer overflow in Voyager web administration server for Nokia IP440 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0295 (Directory traversal vulnerability in War FTP 1.67.04 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0290 (Vulnerability in Mailman 2.0.1 and earlier allows list administrators ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0289 (Joe text editor 2.8 searches the current working directory (CWD) for t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0288 (Cisco switches and routers running IOS 12.1 and earlier produce predic ...) NOT-FOR-US: Cisco CVE-2001-0287 (VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0284 (Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0280 (Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0279 (Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0278 (Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0276 (ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0274 (kicq IRC client 1.0.0, and possibly later versions, allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0269 (pam_ldap authentication module in Solaris 8 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0268 (The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0267 (NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0266 (Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0265 (ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0260 (Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0259 (ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0252 (iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0245 (Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in ...) NOT-FOR-US: Microsoft CVE-2001-0244 (Buffer overflow in Microsoft Index Server 2.0 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-2001-0243 (Windows Media Player 7 and earlier stores Internet shortcuts in a user ...) NOT-FOR-US: Microsoft CVE-2001-0241 (Buffer overflow in Internet Printing ISAPI extension in Windows 2000 a ...) NOT-FOR-US: Microsoft CVE-2001-0240 (Microsoft Word before Word 2002 allows attackers to automatically exec ...) NOT-FOR-US: Microsoft CVE-2001-0239 (Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Pro ...) NOT-FOR-US: Microsoft CVE-2001-0238 (Microsoft Data Access Component Internet Publishing Provider 8.103.251 ...) NOT-FOR-US: Microsoft CVE-2001-0237 (Memory leak in Microsoft 2000 domain controller allows remote attacker ...) NOT-FOR-US: Microsoft CVE-2001-0236 (Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0235 (Vulnerability in crontab allows local users to read crontab files of o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0234 (NewsDaemon before 0.21b allows remote attackers to execute arbitrary S ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0233 (Buffer overflow in micq client 0.4.6 and earlier allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0230 (Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly othe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0222 (webmin 0.84 and earlier allows local users to overwrite and create arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0221 (Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0219 (Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0218 (Format string vulnerability in mars_nwe 0.99.pl19 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0215 (ROADS search.pl program allows remote attackers to read arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0207 (Buffer overflow in bing allows remote attackers to execute arbitrary c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0204 (Watchguard Firebox II allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0203 (Watchguard Firebox II firewall allows users with read-only access to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0197 (Format string vulnerability in print_client in icecast 1.3.8beta2 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0196 (inetd ident server in FreeBSD 4.x and earlier does not properly set gr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0195 (sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/sha ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0194 (Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0193 (Format string vulnerability in man in some Linux distributions allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0191 (gnuserv before 3.12, as shipped with XEmacs, does not properly check t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0190 (Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0189 (Directory traversal vulnerability in LocalWEB2000 HTTP server allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0187 (Format string vulnerability in wu-ftp 2.6.1 and earlier, when running ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0185 (Netopia R9100 router version 4.6 allows authenticated users to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0183 (ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0182 (FireWall-1 4.1 with a limited-IP license allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0179 (Allaire JRun 3.0 allows remote attackers to list contents of the WEB-I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0178 (kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0176 (The setuid doroot program in Voyant Sonata 3.x executes arbitrary comm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0175 (The caching module in Netscape Fasttrack Server 4.1 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0174 (Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0170 (glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0169 (When using the LD_PRELOAD environmental variable in SUID or SGID appli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0166 (Macromedia Shockwave Flash plugin version 8 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0165 (Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0164 (Buffer overflow in Netscape Directory Server 4.12 and earlier allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0157 (Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0156 (VShell SSH gateway 1.0.1 and earlier has a default port forwarding rul ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0155 (Format string vulnerability in VShell SSH gateway 1.0.1 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0154 (HTML e-mail feature in Internet Explorer 5.5 and earlier allows attack ...) NOT-FOR-US: Microsoft CVE-2001-0153 (Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual St ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0152 (The password protection option for the Compressed Folders feature in P ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0151 (IIS 5.0 allows remote attackers to cause a denial of service via a ser ...) NOT-FOR-US: Microsoft CVE-2001-0150 (Internet Explorer 5.5 and earlier executes Telnet sessions using comma ...) NOT-FOR-US: Microsoft CVE-2001-0149 (Windows Scripting Host in Internet Explorer 5.5 and earlier allows rem ...) NOT-FOR-US: Microsoft CVE-2001-0148 (The WMP ActiveX Control in Windows Media Player 7 allows remote attack ...) NOT-FOR-US: Microsoft CVE-2001-0147 (Buffer overflow in Windows 2000 event viewer snap-in allows attackers ...) NOT-FOR-US: Microsoft CVE-2001-0144 (CORE SDI SSH1 CRC-32 compensation attack detector allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0143 (vpop3d program in linuxconf 1.23r and earlier allows local users to ov ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0142 (squid 2.3 and earlier allows local users to overwrite arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0141 (mgetty 1.1.22 allows local users to overwrite arbitrary files via a sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0140 (arpwatch 2.1a4 allows local users to overwrite arbitrary files via a s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0139 (inn 2.2.3 allows local users to overwrite arbitrary files via a symlin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0138 (privatepw program in wu-ftpd before 2.6.1-6 allows local users to over ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0137 (Windows Media Player 7 allows remote attackers to execute malicious Ja ...) NOT-FOR-US: Microsoft CVE-2001-0136 (Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0130 (Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0129 (Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0128 (Zope before 2.2.4 does not properly compute local roles, which could a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0126 (Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0125 (exmh 2.2 and earlier allows local users to overwrite arbitrary files v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0124 (Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0123 (Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0122 (Kernel leak in AfpaCache module of the Fast Response Cache Accelerator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0121 (ImageCast Control Center 4.1.0 allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0120 (useradd program in shadow-utils program may allow local users to overw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0119 (getty_ps 2.0.7j allows local users to overwrite arbitrary files via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0118 (rdist 6.1.5 allows local users to overwrite arbitrary files via a syml ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0117 (sdiff 2.7 in the diffutils package allows local users to overwrite fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0116 (gpm 1.19.3 allows local users to overwrite arbitrary files via a symli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0115 (Buffer overflow in arp command in Solaris 7 and earlier allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0111 (Format string vulnerability in splitvt before 1.6.5 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0110 (Buffer overflow in jaZip Zip/Jaz drive manager allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0109 (rctab in SuSE 7.0 and earlier allows local users to create or overwrit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0108 (PHP Apache module 4.0.4 and earlier allows remote attackers to bypass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0106 (Vulnerability in inetd server in HP-UX 11.04 and earlier allows attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0105 (Vulnerability in top in HP-UX 11.04 and earlier allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0100 (bslist.cgi mailing list script allows remote attackers to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0099 (bsguest.cgi guestbook script allows remote attackers to execute arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0096 (FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote at ...) NOT-FOR-US: Microsoft CVE-2001-0095 (catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0094 (Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authenticati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0092 (A function in Internet Explorer 5.0 through 5.5 does not properly veri ...) NOT-FOR-US: Microsoft CVE-2001-0091 (The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 ...) NOT-FOR-US: Microsoft CVE-2001-0090 (The Print Templates feature in Internet Explorer 5.5 executes arbitrar ...) NOT-FOR-US: Microsoft CVE-2001-0089 (Internet Explorer 5.0 through 5.5 allows remote attackers to read arbi ...) NOT-FOR-US: Microsoft CVE-2001-0085 (Buffer overflow in Kermit communications software in HP-UX 11.0 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0083 (Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 do ...) NOT-FOR-US: Microsoft CVE-2001-0081 (swinit in nCipher does not properly disable the Operator Card Set reco ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0080 (Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to ...) NOT-FOR-US: Cisco CVE-2001-0078 (in.mond in Sun Cluster 2.x allows local users to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0077 (The clustmon service in Sun Cluster 2.x does not require authenticatio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0072 (gpg (aka GnuPG) 1.0.4 and other versions imports both public and priva ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0071 (gpg (aka GnuPG) 1.0.4 and other versions does not properly verify deta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0069 (dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0066 (Secure Locate (slocate) allows local users to corrupt memory via a mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0063 (procfs in FreeBSD and possibly other operating systems allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0062 (procfs in FreeBSD and possibly other operating systems allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0061 (procfs in FreeBSD and possibly other operating systems does not proper ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0060 (Format string vulnerability in stunnel 3.8 and earlier allows attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0059 (patchadd in Solaris allows local users to overwrite arbitrary files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0058 (The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier ...) NOT-FOR-US: Cisco CVE-2001-0057 (Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attacker ...) NOT-FOR-US: Cisco CVE-2001-0056 (The Cisco Web Management interface in routers running CBOS 2.4.1 and e ...) NOT-FOR-US: Cisco CVE-2001-0055 (CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to ...) NOT-FOR-US: Cisco CVE-2001-0054 (Directory traversal vulnerability in FTP Serv-U before 2.5i allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0053 (One-byte buffer overflow in replydirname function in BSD-based ftpd al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0050 (Buffer overflow in BitchX IRC client allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0043 (phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0042 (PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0041 (Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches all ...) NOT-FOR-US: Cisco CVE-2001-0040 (APC UPS daemon, apcupsd, saves its process ID in a world-writable file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0039 (IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0036 (KTH Kerberos IV allows local users to overwrite arbitrary files via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0035 (Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0034 (KTH Kerberos IV allows local users to specify an alternate proxy using ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0033 (KTH Kerberos IV allows local users to change the configuration of a Ke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0028 (Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0026 (rp-pppoe PPPoE client allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0021 (MailMan Webmail 3.0.25 and earlier allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0020 (Directory traversal vulnerability in Arrowpoint (aka Cisco Content Ser ...) NOT-FOR-US: Cisco CVE-2001-0018 (Windows 2000 domain controller in Windows 2000 Server, Advanced Server ...) NOT-FOR-US: Microsoft CVE-2001-0017 (Memory leak in PPTP server in Windows NT 4.0 allows remote attackers t ...) NOT-FOR-US: Microsoft CVE-2001-0016 (NTLM Security Support Provider (NTLMSSP) service does not properly che ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0015 (Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users ...) NOT-FOR-US: Microsoft CVE-2001-0014 (Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not p ...) NOT-FOR-US: Microsoft CVE-2001-0013 (Format string vulnerability in nslookupComplain function in BIND 4 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0012 (BIND 4 and BIND 8 allow remote attackers to access sensitive informati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0011 (Buffer overflow in nslookupComplain function in BIND 4 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0010 (Buffer overflow in transaction signature (TSIG) handling code in BIND ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0009 (Directory traversal vulnerability in Lotus Domino 5.0.5 web server all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0008 (Backdoor account in Interbase database server allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0007 (Buffer overflow in NetScreen Firewall WebUI allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0006 (The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropr ...) NOT-FOR-US: Microsoft CVE-2001-0005 (Buffer overflow in the parsing mechanism of the file loader in Microso ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0004 (IIS 5.0 and 4.0 allows remote attackers to read the source code for ex ...) NOT-FOR-US: Microsoft CVE-2001-0003 (Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and ...) NOT-FOR-US: Microsoft CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obtain th ...) NOT-FOR-US: Microsoft CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress 4.2 ...) NOTE: not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge NOTE: discussion at: NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html NOTE: listed sarge version contains a fix like the patch from Gentoo - ncompress 4.2.4-15 CVE-2001-1412 (nidump on MacOS X before 10.3 allows local users to read the encrypted ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1411 (Format string vulnerability in gm4 (aka m4) on Mac OS X may allow loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1410 (Internet Explorer 6 and earlier allows remote attackers to create chro ...) NOT-FOR-US: Microsoft CVE-2001-1409 (dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1408 (Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in C ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1405 (Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, whic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1404 (Bugzilla before 2.14 stores user passwords in plaintext and sends pass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1403 (Bugzilla before 2.14 includes the username and password in URLs, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1402 (Bugzilla before 2.14 does not properly escape untrusted parameters, wh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1401 (Bugzilla before 2.14 does not properly restrict access to confidential ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1400 (Unknown vulnerabilities in the UDP port allocation for Linux kernel be ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1399 (Certain operations in Linux kernel before 2.2.19 on the x86 architectu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1398 (Masquerading code for Linux kernel before 2.2.19 does not fully check ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1397 (The System V (SYS5) shared memory implementation for Linux kernel befo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1396 (Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1395 (Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 rel ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1394 (Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1393 (Unknown vulnerability in classifier code for Linux kernel before 2.2.1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1392 (The Linux kernel before 2.2.19 does not have unregister calls for (1) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1390 (Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1389 (Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1388 (iptables before 1.2.4 does not accurately convert rate limits that are ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1387 (iptables-save in iptables before 1.2.4 records the "--reject-with icmp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1384 (ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1379 (The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1377 (Multiple RADIUS implementations do not properly validate the Vendor-Le ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1376 (Buffer overflow in digest calculation function of multiple RADIUS impl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1368 (Vulnerability in iPlanet Web Server 4 included in Virtualvault Operati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1366 (netscript before 1.6.3 parses dynamic variables, which could allow rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1365 (Vulnerability in IntraGnat before 1.4. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1364 (Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1363 (Vulnerability in phpWebSite before 0.7.9 related to running multiple i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1362 (Vulnerability in the server for nPULSE before 0.53p4. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1361 (Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1360 (Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1358 (Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1357 (Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1356 (NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1355 (Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and ear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1354 (NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1353 (ghostscript before 6.51 allows local users to read and write arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1348 (TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1346 (Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1344 (WSSecurity.pl in WebStore allows remote attackers to bypass authentica ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1343 (ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated Web ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1341 (The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1340 (Beck GmbH IPC@Chip TelnetD service supports only one connection and do ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1339 (Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1338 (Beck IPC GmbH IPC@CHIP TelnetD server generates different responses wh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1337 (Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1336 (CesarFTP 0.98b and earlier stores usernames and passwords in plaintext ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1335 (Directory traversal vulnerability in CesarFTP 0.98b and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1333 (Linux CUPS before 1.1.6 does not securely handle temporary files, poss ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1332 (Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1331 (mandb in the man-db package before 2.3.16-3 allows local users to over ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1330 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ro ...) NOT-FOR-US: AIX CVE-2001-1329 (Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain ro ...) NOT-FOR-US: AIX CVE-2001-1326 (Eudora 5.1 allows remote attackers to execute arbitrary code when the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1325 (Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow ...) NOT-FOR-US: Microsoft CVE-2001-1324 (cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1323 (Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1321 (Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1320 (Network Associates PGP Keyserver 7.0 allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1319 (Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial ...) NOT-FOR-US: Microsoft CVE-2001-1318 (Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1317 (Teamware Office Enterprise Directory allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1316 (Buffer overflows in Teamware Office Enterprise Directory allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1315 (Critical Path (1) InJoin Directory Server or (2) LiveContent Directory ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1314 (Buffer overflows in Critical Path (1) InJoin Directory Server or (2) L ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1313 (Lotus Domino R5 before R5.0.7a allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1312 (Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1311 (Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1310 (IBM SecureWay 3.2.1 allow remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1309 (Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1308 (Format string vulnerabilities in iPlanet Directory Server 4.1.4 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1307 (Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1306 (iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1305 (ICQ 2001a Alpha and earlier allows remote attackers to automatically a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1304 (Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1300 (Directory traversal vulnerability in Dynu FTP server 1.05 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1298 (Webodex PHP script 1.0 and earlier allows remote attackers to include ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1294 (Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1293 (Buffer overflow in web server of 3com HomeConnect Cable Modem External ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1292 (Sambar Telnet Proxy/Server allows remote attackers to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1290 (admin.cgi in Active Classifieds Free Edition 1.0, and possibly commerc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1289 (Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1288 (Windows 2000 and Windows NT allows local users to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1287 (Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1286 (Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1285 (Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1284 (Ipswitch IMail 7.04 and earlier uses predictable session IDs for authe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1283 (The webmail interface for Ipswitch IMail 7.04 and earlier allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1282 (Ipswitch IMail 7.04 and earlier records the physical path of attachmen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1281 (Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1280 (POP3 Server for Ipswitch IMail 7.04 and earlier generates different re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1278 (Zope before 2.2.4 allows partially trusted users to bypass security co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1275 (MySQL before 3.23.31 allows users with a MySQL account to use the SHOW ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1274 (Buffer overflow in MySQL before 3.23.31 allows attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1273 (The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, whe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1272 (wmtv 0.6.5 and earlier does not properly drop privileges, which allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1271 (Directory traversal vulnerability in rar 2.02 and earlier allows attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1270 (Directory traversal vulnerability in the console version of PKZip (pkz ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1269 (Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1268 (Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1265 (Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1264 (Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1263 (telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1262 (Avaya Argent Office 2.1 compares a user-provided SNMP community string ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1261 (Avaya Argent Office 2.1 may allow remote attackers to change hold musi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1260 (Avaya Argent Office uses weak encryption (trivial encoding) for passwo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1259 (Avaya Argent Office allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1258 (Horde Internet Messaging Program (IMP) before 2.2.6 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1257 (Cross-site scripting vulnerability in Horde Internet Messaging Program ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1256 (kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1255 (WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1254 (Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1253 (Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1250 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1249 (vWebServer 1.2.0 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1248 (vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1245 (Opera 5.0 for Linux does not properly handle malformed HTTP headers, w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1244 (Multiple TCP implementations could allow remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1243 (Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 al ...) NOT-FOR-US: Microsoft CVE-2001-1242 (Directory traversal vulnerability in Un-CGI 1.9 and earlier allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1241 (Un-CGI 1.9 and earlier does not verify that a CGI script has the execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1239 (PowerNet IX allows remote attackers to cause a denial of service via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1238 (Task Manager in Windows 2000 does not allow local users to end process ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1233 (Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1232 (GroupWise WebAccess 5.5 with directory indexing enabled allows a remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1230 (Buffer overflows in Icecast before 1.3.10 allow remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1229 (Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1228 (Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1226 (AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1225 (Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1224 (get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1223 (The web administration server for ELSA Lancom 1100 Office does not req ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1222 (Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1221 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1220 (D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point store ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1219 (Microsoft Internet Explorer 6.0 and earlier allows malicious website o ...) NOT-FOR-US: Microsoft CVE-2001-1218 (Microsoft Internet Explorer for Unix 5.0SP1 allows local users to poss ...) NOT-FOR-US: Microsoft CVE-2001-1217 (Directory traversal vulnerability in PL/SQL Apache module in Oracle Or ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1216 (Buffer overflow in PL/SQL Apache module in Oracle 9i Application Serve ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1214 (manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1213 (The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1212 (Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1211 (Ipswitch IMail 7.0.4 and earlier allows attackers with administrator p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1210 (Cisco ubr900 series routers that conform to the Data-over-Cable Servic ...) NOT-FOR-US: Cisco CVE-2001-1209 (Directory traversal vulnerability in zml.cgi allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1208 (Format string vulnerability in DayDream BBS allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1207 (Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1206 (Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1205 (Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1204 (Directory traversal vulnerability in phprocketaddin in Total PC Soluti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1202 (Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does no ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1198 (RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1197 (klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1196 (Directory traversal vulnerability in edit_action.cgi of Webmin Directo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1195 (Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a defau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1194 (Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1192 (Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1191 (WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1190 (The default PAM files included with passwd in Mandrake Linux 8.1 do no ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1189 (IBM Websphere Application Server 3.5.3 and earlier stores a password i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1188 (mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1187 (csvform.pl 0.1 allows remote attackers to execute arbitrary commands v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1184 (wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1182 (Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restric ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1181 (Dynamically Loadable Kernel Module (dlkm) static kernel symbol table i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1179 (xman allows local users to gain privileges by modifying the MANPATH to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1178 (Buffer overflow in xman allows local users to gain privileges via a lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1173 (Vulnerability in MasqMail before 0.1.15 allows local users to gain pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1171 (Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1170 (AmTote International homebet program stores the homebet.log file in th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1169 (keyinit in S/Key does not require authentication to initialize a one-t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1168 (Directory traversal vulnerability in index.php in PhpMyExplorer before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1167 REJECTED CVE-2001-1165 (Intego FileGuard 4.0 uses weak encryption to store user information an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1164 (Buffer overflow in uucp utilities in UnixWare 7 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1163 (Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1159 (load_prefs.php and supporting include files in SquirrelMail 1.0.4 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1157 (Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1156 (TYPSoft FTP 0.95 allows remote attackers to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1154 (Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1152 (Baltimore Technologies WEBsweeper 4.02, when used to manage URL blackl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1151 (Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1150 (Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1148 (Multiple buffer overflows in programs used by scoadmin and sysadmsh in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1143 (IBM DB2 7.0 allows a remote attacker to cause a denial of service (cra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1142 (ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1140 (BadBlue Personal Edition v1.02 beta allows remote attackers to read so ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1139 (Directory traversal vulnerability in ASCII NT WinWrapper Professional ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1138 (Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1137 (D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1136 (The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1135 (ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Teln ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1134 (Xerox DocuPrint N40 Printers allow remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1133 (Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1131 (Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1129 (Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mpro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1128 (Buffer overflow in Progress database 8.3D and 9.1C allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1127 (Buffer overflow in Progress database 8.3D and 9.1C could allow a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1126 (Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1125 (Symantec LiveUpdate before 1.6 does not use cryptography to ensure the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1124 (rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1123 (Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP Open ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1122 (Windows NT 4.0 SP 6a allows a local user with write access to winnt/sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1120 (Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1115 (generate.cgi in SIX-webboard 2.01 and before allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1114 (book.cgi in NetCode NC Book 0.2b allows remote attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1112 (Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1111 (EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.da ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1110 (EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1109 (Directory traversal vulnerability in EFTP 2.0.7.337 allows remote auth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1107 (SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1105 (RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches ...) NOT-FOR-US: Cisco CVE-2001-1104 (SonicWALL SOHO uses easily predictable TCP sequence numbers, which all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1102 (Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1101 (The Log Viewer function in the Check Point FireWall-1 GUI for Solaris ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1097 (Cisco routers and switches running IOS 12.0 through 12.2.1 allows a re ...) NOT-FOR-US: Cisco CVE-2001-1094 (NetOp School 1.5 allows local users to bypass access restrictions on t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1093 (Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1092 (msgchk in Digital UNIX 4.0G and earlier allows a local user to read th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1091 (The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1090 (nss_postgresql 0.6.1 and before allows a remote attacker to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1087 (The default configuration of the config.http.tunnel.allow_ports option ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1086 (XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1082 (Directory traversal vulnerability in Livingston/Lucent RADIUS before 2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1078 (Format string vulnerability in flog function of eXtremail 1.1.9 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1077 (Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1076 (Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1073 (Webridge PX Application Suite allows remote attackers to obtain sensit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1070 (Sage Software MAS 200 allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1068 (qpopper 4.01 with PAM based authentication on Red Hat systems generate ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1065 (Web-based configuration utility in Cisco 600 series routers running CB ...) NOT-FOR-US: Cisco CVE-2001-1064 (Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows rem ...) NOT-FOR-US: Cisco CVE-2001-1061 (Vulnerability in lsmcode in unknown versions of AIX, possibly related ...) NOT-FOR-US: AIX CVE-2001-1060 (phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1058 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1057 (The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1052 (Empris PHP script allows remote attackers to include arbitrary files f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1051 (Dark Hart Portal (darkportal) PHP script allows remote attackers to in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1050 (CCCSoftware CCC PHP script allows remote attackers to include arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1047 (Race condition in OpenBSD VFS allows local users to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1045 (Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1044 (Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1042 (Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1041 (oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1040 (HP LaserJet, and possibly other JetDirect devices, resets the admin pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1039 (The JetAdmin web interface for HP JetDirect does not set a password fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1034 (Format string vulnerability in Hylafax on FreeBSD allows local users t ...) {DSA-148} - hylafax 4.1.2-2.1 CVE-2001-1033 (Compaq TruCluster 1.5 allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1031 (Directory traversal vulnerability in Meteor FTP 1.0 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1026 (Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs whe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1025 (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operatio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1024 (login.gas.bat and other CGI scripts in Entrust getAccess allow remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1023 (Xcache 2.1 allows remote attackers to determine the absolute path of w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1021 (Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1019 (Directory traversal vulnerability in view_item CGI program in sglMerch ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1018 (Lotus Domino web server 5.08 allows remote attackers to determine the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1015 (Buffer overflow in Snes9x 1.37, when installed setuid root, allows loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1014 (eshop.pl in WebDiscount(e)shop allows remote attackers to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1013 (Apache on Red Hat Linux with with the UserDir directive enabled genera ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1012 (Vulnerability in screen before 3.9.10, related to a multi-attach error ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1009 (Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1007 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a smal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1006 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1005 (Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1004 (Cross-site scripting (CSS) vulnerability in gnut Gnutella client befor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1003 (Respondus 1.1.2 for WebCT uses weak encryption to remember usernames a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-1000 (rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0999 (Outlook Express 6.00 allows remote attackers to execute arbitrary scri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0997 (Textor Webmasters Ltd listrec.pl CGI program allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0996 (POP3Lite before 0.2.4 does not properly quote a . (dot) in an email me ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0994 (Marconi ForeThought 7.1 allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0992 (shopplus.cgi in ShopPlus shopping cart allows remote attackers to exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0991 (Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0990 (Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, comp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0989 (Buffer overflows in Pileup before 1.2 allows local users to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0988 (Arkeia backup server 4.2.8-2 and earlier creates its database files wi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0986 (SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote at ...) NOT-FOR-US: Microsoft CVE-2001-0985 (shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0984 (Password Safe 1.7(1) leaves cleartext passwords in memory when a user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0983 (UltraEdit uses weak encryption to record FTP passwords in the uedit32. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0979 (Buffer overflow in swverify in HP-UX 11.0, and possibly other programs ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0976 (Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0975 (Buffer overflow vulnerabilities in Oracle Internet Directory Server (L ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0974 (Format string vulnerabilities in Oracle Internet Directory Server (LDA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0972 (Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0971 (Directory traversal vulnerability in ACI 4d webserver allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0970 (Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0968 (Knox Arkeia server 4.2, and possibly other versions, installs its root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0967 (Knox Arkeia server 4.2, and possibly other versions, uses a constant s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0966 (Directory traversal vulnerability in Nudester 1.10 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0964 (Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0958 (Buffer overflows in eManager plugin for Trend Micro InterScan VirusWal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0956 (speechd 0.54 and earlier, with the Festival or rsynth speech synthesis ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0955 (Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0953 (Kebi WebMail allows remote attackers to access the administrator menu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0952 (THQ Volition Red Faction Game allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0950 (ValiCert Enterprise Validation Authority (EVA) Administration Server 3 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0949 (Buffer overflows in forms.exe CGI program in ValiCert Enterprise Valid ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0948 (Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Valida ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0947 (Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0945 (Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0944 (DDE in mIRC allows local users to launch applications under another us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0943 (dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0942 (dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment vari ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0941 (Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0938 (Directory traversal vulnerability in AspUpload 2.1, in certain configu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0937 (PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0935 (Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0934 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0933 (Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the con ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0932 (Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0931 (Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0930 (Sendpage.pl allows remote attackers to execute arbitrary commands via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0928 (Buffer overflow in the permitted function of GNOME gtop daemon (libgto ...) {DSA-301} - libgtop 1.0.13-4 CVE-2001-0927 (Format string vulnerability in the permitted function of GNOME libgtop ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0926 (SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0925 (The default installation of Apache before 1.3.19 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0924 (Directory traversal vulnerability in ifx CGI program in Informix Web D ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0923 (RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0922 (ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier version ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0919 (Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow c ...) NOT-FOR-US: Microsoft CVE-2001-0916 (Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0915 (Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0913 (Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0911 (PHP-Nuke 5.1 stores user and administrator passwords in a base-64 enco ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0910 (Legato Networker before 6.1 allows remote attackers to bypass access r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0908 (CITRIX Metaframe 1.8 logs the Client Address (IP address) that is prov ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0904 (Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies ...) NOT-FOR-US: Microsoft CVE-2001-0903 (Linear key exchange process in High-bandwidth Digital Content Protecti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0898 (Opera 6.0 and earlier allows remote attackers to access sensitive info ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0897 (Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0893 (Acme mini_httpd before 1.16 allows remote attackers to view sensitive ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0892 (Acme Thttpd Secure Webserver before 2.22, with the chroot option enabl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0890 (Certain backend drivers in the SANE library 1.0.3 and earlier, as used ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0885 RESERVED CVE-2001-0883 RESERVED CVE-2001-0882 RESERVED CVE-2001-0881 RESERVED CVE-2001-0880 RESERVED CVE-2001-0878 RESERVED CVE-2001-0871 (Directory traversal vulnerability in HTTP server for Alchemy Eye and A ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0870 (HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0868 (Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve syst ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0858 (Buffer overflow in pppattach and other linked PPP utilities in Caldera ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0856 (Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0855 (Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0854 (PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0853 (Directory traversal vulnerability in Entrust GetAccess allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0849 (viralator CGI script in Viralator 0.9pre1 and earlier allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0848 (join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0847 (Lotus Domino Web Server 5.x allows remote attackers to gain sensitive ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0845 (Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0844 (Vulnerability in (1) Book of guests and (2) Post it! allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0842 (Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0841 (Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0840 (Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0839 (ibillpm.pl in iBill password management system generates weak password ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0838 (Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0835 (Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0832 (Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0831 (Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0829 (A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0827 (Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0826 (Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0824 (Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0821 (The default configuration of DCShop 1.002 beta places sensitive files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0820 (Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0818 (A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0817 (Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0814 REJECTED CVE-2001-0813 REJECTED CVE-2001-0812 REJECTED CVE-2001-0811 REJECTED CVE-2001-0810 REJECTED CVE-2001-0809 (Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0808 (gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0807 (Internet Explorer 5.0, and possibly other versions, may allow remote a ...) NOT-FOR-US: Microsoft CVE-2001-0802 REJECTED CVE-2001-0800 (lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0799 (Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0798 REJECTED CVE-2001-0795 (Perception LiteServe 1.25 allows remote attackers to obtain source cod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0794 (Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0791 (Trend Micro InterScan VirusWall for Windows NT allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0790 (Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0789 (Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0788 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0786 (Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0785 (Directory traversal in Webpaging interface in Internet Software Soluti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0783 (Cisco TFTP server 1.1 allows remote attackers to read arbitrary files ...) NOT-FOR-US: Cisco CVE-2001-0782 (KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0781 (Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0780 (Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Direc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0778 (OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0777 (Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0776 (Buffer overflow in DynFX MailServer version 2.10 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0775 (Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux all ...) {DSA-695-1} - xli 1.17.0-17 CVE-2001-0772 (Buffer overflows and other vulnerabilities in multiple Common Desktop ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0771 (Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0768 (GuildFTPd 0.9.7 stores user names and passwords in plaintext in the de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0767 (Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0766 (Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0762 (Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0761 (Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0759 (Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0758 (Directory traversal vulnerability in Shambala 4.5 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0756 (CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualC ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0755 (Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0753 (Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) ...) NOT-FOR-US: Cisco CVE-2001-0747 (Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0746 (Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0744 (Horde IMP 2.2.4 and earlier allows local users to overwrite files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0743 (Paging function in O'Reilly WebBoard Pager 4.10 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0742 (Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0737 (A long 'synch' delay in Logitech wireless mice and keyboard receivers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0736 (Vulnerability in (1) pine before 4.33 and (2) the pico editor, include ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0735 (Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARS ...) - cfingerd 1.4.3-1.1 (bug #104394) NOTE: 1.4.3-1.2 is not in the PTS, but 1.4.3-1.2 incorporates NOTE: its changes. CVE-2001-0734 (Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0729 (Apache 1.3.20 on Windows servers allows remote attackers to bypass the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0725 RESERVED CVE-2001-0721 (Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0715 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0714 (Sendmail before 8.12.1, without the RestrictQueueRun option enabled, a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0713 (Sendmail before 8.12.1 does not properly drop privileges when the -C o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0712 (The rendering engine in Internet Explorer determines the MIME type ind ...) NOT-FOR-US: Microsoft CVE-2001-0711 (Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a d ...) NOT-FOR-US: Cisco CVE-2001-0709 (Microsoft IIS 4.0 and before, when installed on a FAT partition, allow ...) NOT-FOR-US: Microsoft CVE-2001-0708 (Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0707 (Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0705 (Directory traversal vulnerability in tradecli.dll in Arcadia Internet ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0704 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0703 (tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0702 (Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0695 (WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0694 (Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0693 (WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view sc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0691 (Buffer overflows in Washington University imapd 2000a through 2000c co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0689 (Vulnerability in TrendMicro Virus Control System 1.8 allows a remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0688 (Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0687 (Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0684 (Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0683 (Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0681 (Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0679 (A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0678 (A buffer overflow in reggo.dll file used by Trend Micro InterScan Viru ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0674 (Directory traversal vulnerability in RobTex Viking Web server before 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0673 RESERVED CVE-2001-0672 RESERVED CVE-2001-0671 (Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0669 (Various Intrusion Detection Systems (IDS) including (1) Cisco Secure I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0661 RESERVED CVE-2001-0657 REJECTED CVE-2001-0656 REJECTED CVE-2001-0655 REJECTED CVE-2001-0654 REJECTED CVE-2001-0649 (Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0647 (Orange Web Server 2.1, based on GoAhead, allows a remote attacker to p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0645 (Symantec/AXENT NetProwler 3.5.x contains several default passwords, wh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0642 (Directory traversal vulnerability in IncrediMail version 1400185 and e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0636 (Buffer overflows in Raytheon SilentRunner allow remote attackers to (1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0633 (Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Un ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0632 (Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0624 (QNX 2.4 allows a local user to read arbitrary files by directly access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0623 (sendfiled, as included with Simple Asynchronous File Transfer (SAFT), ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0620 (iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0619 (The Lucent Closed Network protocol can allow remote attackers to join ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0618 (Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0617 (Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0614 (Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0610 (kfm as included with KDE 1.x can allow a local attacker to gain additi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0609 (Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0608 (HP architected interface facility (AIF) as includes with MPE/iX 5.5 th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0607 (asecure as included with HP-UX 10.01 through 11.00 can allow a local a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0606 (Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with Vir ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0605 (Headlight Software MyGetright prior to 1.0b allows a remote attacker t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0604 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0603 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0602 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0601 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0600 (Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0599 (Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0598 (Symantec Ghost 6.5 and earlier allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0597 (Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0592 (Watchguard Firebox II prior to 4.6 allows a remote attacker to create ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0588 (sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0587 (deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0584 (IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0583 (Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0582 (Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0581 (Spytech Spynet Chat Server 6.5 allows a remote attacker to create a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0580 (Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0579 (lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain add ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0578 (Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0577 (recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0576 (lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0575 (Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0572 (The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0571 (Directory traversal vulnerability in the web server for (1) Elron Inte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0570 (minicom 1.83.1 and earlier allows a local attacker to gain additional ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0569 (Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0568 (Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Z ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0566 (Cisco Catalyst 2900XL switch allows a remote attacker to create a deni ...) NOT-FOR-US: Cisco CVE-2001-0562 (a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0561 (Directory traversal vulnerability in Drummond Miles A1Stats prior to 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0557 (T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0556 (The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0555 (ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0552 (ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Net ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0551 (Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0542 (Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers ...) NOT-FOR-US: Microsoft CVE-2001-0539 RESERVED CVE-2001-0535 (Example applications (Exampleapps) in ColdFusion Server 4.x do not pro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0534 (Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0532 RESERVED CVE-2001-0531 RESERVED CVE-2001-0524 (eEye SecureIIS versions 1.0.3 and earlier does not perform length chec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0523 (eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0521 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0520 (Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0519 (Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0516 (Oracle listener between Oracle 9i and Oracle 8.0 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0515 (Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0509 (Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 a ...) NOT-FOR-US: Microsoft CVE-2001-0505 (Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote ...) NOT-FOR-US: Microsoft CVE-2001-0499 (Buffer overflow in Transparent Network Substrate (TNS) Listener in Ora ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0498 (Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0496 (kdesu in kdelibs package creates world readable temporary files contai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0492 (Netcruiser Web server version 0.1.2.8 and earlier allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0491 (Directory traversal vulnerability in RaidenFTPD Server 2.1 before buil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0490 (Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0484 (Tektronix PhaserLink 850 does not require authentication for access to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0483 (Configuration error in Axent Raptor Firewall 6.5 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0480 (Directory traversal vulnerability in Alex's FTP Server 0.7 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0479 (Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier vers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0478 (Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier vers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0477 (Vulnerability in WebCalendar 0.9.26 allows remote command execution. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0476 (Multiple buffer overflows in s.cgi program in Aspseek search engine 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0472 (Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0471 (SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0470 (Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0468 (Buffer overflow in FTPFS allows local users to gain root privileges vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0466 (Directory traversal vulnerability in ustorekeeper 1.61 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0464 (Buffer overflow in websync.exe in Cyberscheduler allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0460 (Websweeper 4.0 does not limit the length of certain HTTP headers, whic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0459 (Buffer overflows in ascdc Afterstep while running setuid allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0458 (Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0454 (Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0453 (Directory traversal vulnerability in BRS WebWeaver HTTP server allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0452 (BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0451 (INDEXU 2.0 beta and earlier allows remote attackers to bypass authenti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0450 (Directory traversal vulnerability in Transsoft FTP Broker before 5.5 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0448 (Web configuration server in 602Pro LAN SUITE allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0447 (Web configuration server in 602Pro LAN SUITE allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0446 (IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0443 (Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0441 (Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0438 (Preview version of Timbuktu for Mac OS X allows local users to modify ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0437 (upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0436 (dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0435 (The split key mechanism used by PGP 7.0 allows a key share holder to o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0433 (Buffer overflow in Savant 3.0 web server allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0432 (Buffer overflows in various CGI programs in the remote administration ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0431 (Vulnerability in iPlanet Web Server Enterprise Edition 4.x. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0426 (Buffer overflow in dtsession on Solaris, and possibly other operating ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0425 (AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0424 (BubbleMon 1.31 does not properly drop group privileges before executin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0421 (FTP server in Solaris 8 and earlier allows local and remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0420 (Directory traversal vulnerability in talkback.cgi program allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0419 (Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iW ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0418 (content.pl script in NCM Content Management System allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0417 (Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0415 (REDIPlus program, REDI.exe, stores passwords and user names in clearte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0411 (Reliant Unix 5.44 and earlier allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0410 (Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0406 (Samba before 2.2.0 allows local attackers to overwrite arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0404 (Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0403 (/opt/JSparm/bin/perfmon program in Solaris allows local users to creat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0401 (Buffer overflow in tip in Solaris 8 and earlier allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0400 (nph-maillist.pl allows remote attackers to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0399 (Caucho Resin 1.3b1 and earlier allows remote attackers to read source ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0398 (The BAT! mail client allows remote attackers to bypass user warnings o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0397 (Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0396 (The pre-login mode in the System Administrator interface of Lightwave ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0395 (Lightwave ConsoleServer 3200 does not disconnect users after unsuccess ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0393 (Navision Financials Server 2.0 allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0392 (Navision Financials Server 2.60 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0391 (Xitami 2.5d4 and earlier allows remote attackers to crash the server v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0390 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0389 (IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0385 (GoAhead webserver 2.1 allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0384 (ppd in Reliant Sinix allows local users to corrupt arbitrary files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0382 (Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0381 (The OpenPGP PGP standard allows an attacker to determine the private s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0380 (Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0376 (SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0374 (The HTTP server in Compaq web-enabled management software for (1) Foun ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0372 (Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a def ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0370 (fcheck prior to 2.57.59 calls the file signature checking program inse ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0369 (Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0367 (Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0360 (Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0359 (Format string vulnerability in Sierra Half-Life build 1573 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0358 (Buffer overflows in Sierra Half-Life build 1573 and earlier allow remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0357 (FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0355 (Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0354 (TheNet CheckBO 1.56 allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0352 (SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0350 (Microsoft Windows 2000 telnet service creates named pipes with predict ...) NOT-FOR-US: Microsoft CVE-2001-0349 (Microsoft Windows 2000 telnet service creates named pipes with predict ...) NOT-FOR-US: Microsoft CVE-2001-0343 RESERVED CVE-2001-0342 RESERVED CVE-2001-0337 (The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier in ...) NOT-FOR-US: Microsoft CVE-2001-0332 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) NOT-FOR-US: Microsoft CVE-2001-0329 (Bugzilla 2.10 allows remote attackers to execute arbitrary commands vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0328 (TCP implementations that use random increments for initial sequence nu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0325 (Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0324 (Windows 98 and Windows 2000 Java clients allow remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0323 (The ICMP path MTU (PMTU) discovery feature in various UNIX systems all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0322 (MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, a ...) NOT-FOR-US: Microsoft CVE-2001-0320 (bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0315 (The locking feature in mIRC 5.7 allows local users to bypass the passw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0314 (Buffer overflow in www.tol module in America Online (AOL) 5.0 may allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0313 (Borderware Firewall Server 6.1.2 allows remote attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0312 (IBM WebSphere plugin for Netscape Enterprise server allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0308 (UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0307 (Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0306 (Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0305 (Directory traversal vulnerability in store.cgi in Thinking Arts ES.One ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0304 (Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0303 (tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to det ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0302 (Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0300 (oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (lda ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0298 (Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0297 (Directory traversal vulnerability in Simple Server HTTPd 1.0 (original ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0296 (Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0294 (Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0293 (Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0292 (PHP-Nuke 4.4.1a allows remote attackers to modify a user's email addre ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0291 (Buffer overflow in post-query sample CGI program allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0286 (Directory traversal vulnerability in A1 HTTP server 1.0a allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0285 (Buffer overflow in A1 HTTP server 1.0a allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0283 (Directory traversal vulnerability in SunFTP build 9 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0282 (SEDUM 2.1 HTTP server allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0281 (Format string vulnerability in DbgPrint function, used in debug messag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0277 (Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0275 (Moby Netsuite Web Server 1.02 allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0273 (pgp4pine Pine/PGP interface version 1.75-6 does not properly check to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0272 (Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0271 (mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0270 (Marconi ASX-1000 ASX switches allow remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0264 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0263 (Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0262 (Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0261 (Microsoft Windows 2000 Encrypted File System does not properly destroy ...) NOT-FOR-US: Microsoft CVE-2001-0258 (The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0257 (Buffer overflow in Easycom/Safecom Print Server Web service, version 4 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0256 (FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0255 (FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary di ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0254 (FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0253 (Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0251 (The Web Publishing feature in Netscape Enterprise Server 3.x allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0250 (The Web Publishing feature in Netscape Enterprise Server 4.x and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0249 (Heap overflow in FTP daemon in Solaris 8 allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0248 (Buffer overflow in FTP server in HPUX 11 allows remote attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0247 (Buffer overflows in BSD-based FTP servers allows remote attackers to e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0246 (Internet Explorer 5.5 and earlier does not properly verify the domain ...) NOT-FOR-US: Microsoft CVE-2001-0242 (Buffer overflows in Microsoft Windows Media Player 7 and earlier allow ...) NOT-FOR-US: Microsoft CVE-2001-0232 (newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0231 (Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0229 (Chili!Soft ASP for Linux before 3.6 does not properly set group privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0228 (Directory traversal vulnerability in GoAhead web server 2.1 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0227 (Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0226 (Directory traversal vulnerability in BiblioWeb web server 2.0 allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0225 (fortran math component in Infobot 0.44.5.3 and earlier allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0224 (Muscat Empower CGI program allows remote attackers to obtain the absol ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0223 (Buffer overflow in wwwwais allows remote attackers to execute arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0220 (Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0217 (Directory traversal vulnerability in PALS Library System pals-cgi prog ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0216 (PALS Library System pals-cgi program allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0214 (Way-board CGI program allows remote attackers to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0213 (Buffer overflow in pi program in PlanetIntra 2.5 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0212 (Directory traversal vulnerability in HIS Auktion 1.62 allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0211 (Directory traversal vulnerability in WebSPIRS 3.1 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0210 (Directory traversal vulnerability in commerce.cgi CGI program allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0209 (Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0208 (MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0206 (Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0205 (Directory traversal vulnerability in AOLserver 3.2 and earlier allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0202 (Picserver web server allows remote attackers to read arbitrary files v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0201 (The Postaci frontend for PostgreSQL does not properly filter character ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0200 (HSWeb 2.0 HTTP server allows remote attackers to obtain the physical p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0199 (Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0198 (Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0192 (Buffer overflows in CTRLServer in XMail allows attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0188 (GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0186 (Directory traversal vulnerability in Free Java Web Server 1.0 allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0184 (eEye Iris 1.01 beta allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0181 (Format string vulnerability in the error logging code of DHCP server a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0180 (Lars Ellingsen guestserver.cgi allows remote attackers to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0177 (WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0173 (Buffer overflow in qDecoder library 5.08 and earlier, as used in Crazy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0172 (Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0171 (Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0168 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) server ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0167 (Buffer overflow in AT&T WinVNC (Virtual Network Computing) client ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0163 (Cisco AP340 base station produces predictable TCP Initial Sequence Num ...) NOT-FOR-US: Cisco CVE-2001-0162 (WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISN ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0161 (Cisco 340-series Aironet access point using firmware 11.01 does not us ...) NOT-FOR-US: Cisco CVE-2001-0160 (Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vecto ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0159 RESERVED CVE-2001-0158 RESERVED CVE-2001-0146 (IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-2001-0145 (Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook E ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0135 (The default installation of Ultraboard 2000 2.11 creates the Skins, Da ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0134 (Buffer overflow in cpqlogin.htm in web-enabled agents for various Comp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0133 (The web administration interface for Interscan VirusWall 3.6.x and ear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0132 (Interscan VirusWall 3.6.x and earlier follows symbolic links when unin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0131 (htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local ...) {DSA-195 DSA-188 DSA-187} - apache-perl 1.3.26-1.1-1.27-3-1 - apache 1.3.27-1 CVE-2001-0127 (Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plug ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0114 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0113 (statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0112 (Multiple buffer overflows in splitvt before 1.6.5 allow local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0107 (Veritas Backup agent on Linux allows remote attackers to cause a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0104 (MDaemon Pro 3.5.1 and earlier allows local users to bypass the "lock s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0103 (CoffeeCup Direct and Free FTP clients uses weak encryption to store pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0102 ("Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0101 (Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0098 (Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0097 (The Web interface for Infinite Interchange 3.6.1 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0093 (Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain roo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0088 (common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CO ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0087 (itetris/xitetris 1.6.2 and earlier trusts the PATH environmental varia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0086 (CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0084 (GTK+ library allows local users to specify arbitrary modules via the G ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0082 (Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0079 (Support Tools Manager (STM) A.22.00 for HP-UX allows local users to ov ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0076 (register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0075 (Directory traversal vulnerability in main.cgi in Technote allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0074 (Directory traversal vulnerability in print.cgi in Technote allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0073 (Buffer overflow in the find_default_type function in libsecure in NSA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0070 (Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0068 (Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0067 (The installation of J-Pilot creates the .jpilot directory with the use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0065 (Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0064 (Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0052 (IBM DB2 Universal Database version 6.1 allows users to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0051 (IBM DB2 Universal Database version 6.1 creates an account with a defau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0049 (WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0048 (The "Configure Your Server" tool in Microsoft 2000 domain controllers ...) NOT-FOR-US: Microsoft CVE-2001-0047 (The default permissions for the MTS Package Administration registry ke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0046 (The default permissions for the SNMP Parameters registry key in Window ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0045 (The default permissions for the RAS Administration key in Windows NT 4 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0044 (Multiple buffer overflows in Lexmark MarkVision printer driver program ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0038 (Offline Explorer 1.4 before Service Release 2 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0037 (Directory traversal vulnerability in HomeSeer before 1.4.29 allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0032 (Format string vulnerability in ssldump possibly allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0031 (BroadVision One-To-One Enterprise allows remote attackers to determine ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0030 (FoolProof 3.9 allows local users to bypass program execution restricti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0029 (Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other ver ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0027 (mod_sqlpw module in ProFTPD does not reset a cached password when a us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0025 (ad.cgi CGI program by Leif Wright allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0024 (simplestmail.cgi CGI program by Leif Wright allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0023 (everythingform.cgi CGI program by Leif Wright allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0022 (simplestguest.cgi CGI program by Leif Wright allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2001-0019 (Arrowpoint (aka Cisco Content Services, or CSS) allows local users to ...) NOT-FOR-US: Cisco