GNU/Linux

CVEs (4)

CVE	Vendor / Product	Risk	CVSS	Published	Description
CVE-2006-7098	Apache HTTP Server	0.03	—	Mar 3, 2007	The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
CVE-2006-1376	Debian GNU/Linux	0.00	—	Mar 24, 2006	The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).
CVE-2000-0145	Debian GNU/Linux	0.00	—	Feb 5, 2000	The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
CVE-2000-0366	Debian GNU/Linux	0.00	—	Dec 2, 1999	dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.

CVE-2006-7098Mar 3, 2007
Apache
HTTP Server
risk 0.03cvss —epss 0.00
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
CVE-2006-1376Mar 24, 2006
Debian
GNU/Linux
risk 0.00cvss —epss 0.00
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).
CVE-2000-0145Feb 5, 2000
Debian
GNU/Linux
risk 0.00cvss —epss 0.00
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
CVE-2000-0366Dec 2, 1999
Debian
GNU/Linux
risk 0.00cvss —epss 0.00
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.