Filtered by vendor Debian
Subscribe
Total
9006 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1561 | 2 Debian, John Bovey | 2 Debian Linux, Xvt | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments. | |||||
CVE-2002-0875 | 2 Debian, Sgi | 3 Debian Linux, Fam, Irix | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | |||||
CVE-2003-0214 | 1 Debian | 1 Mime-support | 2024-02-28 | 4.6 MEDIUM | N/A |
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
CVE-2002-1235 | 3 Debian, Kth, Mit | 4 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2024-02-28 | 7.2 HIGH | N/A |
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||||
CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2024-02-28 | 5.0 MEDIUM | N/A |
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | |||||
CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||
CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
CVE-2003-0358 | 3 Debian, Falconseye Project, Nethack | 3 Debian Linux, Falconseye, Nethack | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. | |||||
CVE-2001-0416 | 3 Debian, Immunix, Mandrakesoft | 3 Sgml-tools, Immunix, Mandrake Linux | 2024-02-28 | 2.1 LOW | N/A |
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. | |||||
CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | |||||
CVE-1999-0368 | 7 Caldera, Debian, Proftpd Project and 4 more | 8 Openlinux, Debian Linux, Proftpd and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | |||||
CVE-2004-1142 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | |||||
CVE-2001-0195 | 1 Debian | 1 Debian Linux | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. |