Vendor CVEs
Debian
All CVEs
3,303 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1145 | 0.00 | — | 0.04 | Dec 15, 2004 | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read… | |||
| CVE-2004-0451 | 0.00 | — | 0.04 | Dec 6, 2004 | Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. | |||
| CVE-2004-0455 | 0.00 | — | 0.01 | Dec 6, 2004 | Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | |||
| CVE-2004-0456 | 0.00 | — | 0.03 | Dec 6, 2004 | Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | |||
| CVE-2004-0837 | 0.00 | — | 0.05 | Nov 3, 2004 | MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs. | |||
| CVE-2004-0911 | 0.00 | — | 0.03 | Nov 3, 2004 | telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554. | |||
| CVE-2004-0793 | 0.00 | — | 0.01 | Oct 20, 2004 | The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. | |||
| CVE-2004-0408 | 0.00 | — | 0.03 | Sep 28, 2004 | Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. | |||
| CVE-2004-0643 | 0.00 | — | 0.01 | Sep 28, 2004 | Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | |||
| CVE-2004-0583 | 0.00 | — | 0.02 | Aug 6, 2004 | The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | |||
| CVE-2004-0522 | 0.00 | — | 0.03 | Aug 6, 2004 | Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||
| CVE-2004-0579 | 0.00 | — | 0.00 | Aug 6, 2004 | Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root. | |||
| CVE-2004-0640 | 0.00 | — | 0.04 | Aug 6, 2004 | Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code. | |||
| CVE-2004-0404 | 0.00 | — | 0.00 | Jul 7, 2004 | logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp. | |||
| CVE-2004-0398 | 0.00 | — | 0.05 | Jul 7, 2004 | Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. | |||
| CVE-2004-0488 | 0.00 | — | 0.38 | Jul 7, 2004 | Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||
| CVE-2003-0648 | 0.00 | — | 0.05 | May 4, 2004 | Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | |||
| CVE-2003-0618 | 0.00 | — | 0.00 | May 4, 2004 | Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | |||
| CVE-2003-0202 | 0.00 | — | 0.00 | Apr 15, 2004 | The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2004-0160 | 0.00 | — | 0.00 | Mar 29, 2004 | Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | |||
| CVE-2003-0828 | 0.00 | — | 0.00 | Mar 29, 2004 | Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables. | |||
| CVE-2004-1180 | 0.00 | — | 0.02 | Feb 16, 2004 | Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | |||
| CVE-2003-1022 | 0.00 | — | 0.02 | Jan 20, 2004 | Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | |||
| CVE-2004-0011 | 0.00 | — | 0.04 | Jan 20, 2004 | Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. | |||
| CVE-2004-1000 | 0.00 | — | 0.00 | Jan 10, 2004 | lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. | |||
| CVE-2003-0615 | 0.00 | — | 0.04 | Aug 27, 2003 | Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||
| CVE-2003-0538 | 0.00 | — | 0.01 | Aug 18, 2003 | The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program. | |||
| CVE-2003-0440 | 0.00 | — | 0.00 | Aug 18, 2003 | The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2003-0367 | 0.00 | — | 0.00 | Jul 2, 2003 | znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2003-0382 | 0.00 | — | 0.00 | Jul 2, 2003 | Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||
| CVE-2003-0360 | 0.00 | — | 0.02 | Jun 9, 2003 | Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | |||
| CVE-2003-0361 | 0.00 | — | 0.02 | Jun 9, 2003 | gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | |||
| CVE-2003-0362 | 0.00 | — | 0.01 | Jun 9, 2003 | Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. | |||
| CVE-2003-0308 | 0.00 | — | 0.00 | May 15, 2003 | The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||
| CVE-2003-0214 | 0.00 | — | 0.00 | May 12, 2003 | run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2003-0120 | 0.00 | — | 0.00 | Mar 7, 2003 | adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. | |||
| CVE-2003-0098 | 0.00 | — | 0.05 | Mar 3, 2003 | Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||
| CVE-2002-1395 | 0.00 | — | 0.00 | Jan 17, 2003 | Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | |||
| CVE-2002-2185 | 0.00 | — | 0.02 | Dec 31, 2002 | The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively… | |||
| CVE-2002-1232 | 0.00 | — | 0.03 | Nov 4, 2002 | Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||
| CVE-2002-0839 | 0.00 | — | 0.01 | Oct 11, 2002 | The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be… | |||
| CVE-2002-0910 | 0.00 | — | 0.03 | Oct 4, 2002 | Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | |||
| CVE-2002-0912 | 0.00 | — | 0.03 | Oct 4, 2002 | in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. | |||
| CVE-2002-0062 | 0.00 | — | 0.00 | Mar 8, 2002 | Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | |||
| CVE-2002-0044 | 0.00 | — | 0.00 | Jan 31, 2002 | GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | |||
| CVE-2001-0886 | 0.00 | — | 0.01 | Dec 21, 2001 | Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||
| CVE-2001-0834 | 0.00 | — | 0.03 | Dec 6, 2001 | htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read… | |||
| CVE-2001-0738 | 0.00 | — | 0.03 | Oct 18, 2001 | LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. | |||
| CVE-2001-0755 | 0.00 | — | 0.02 | Oct 18, 2001 | Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. | |||
| CVE-2001-0977 | 0.00 | — | 0.04 | Jul 16, 2001 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. |
- CVE-2004-1145Dec 15, 2004risk 0.00cvss —epss 0.04
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read…
- CVE-2004-0451Dec 6, 2004risk 0.00cvss —epss 0.04
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
- CVE-2004-0455Dec 6, 2004risk 0.00cvss —epss 0.01
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
- CVE-2004-0456Dec 6, 2004risk 0.00cvss —epss 0.03
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
- CVE-2004-0837Nov 3, 2004risk 0.00cvss —epss 0.05
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
- CVE-2004-0911Nov 3, 2004risk 0.00cvss —epss 0.03
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554.
- CVE-2004-0793Oct 20, 2004risk 0.00cvss —epss 0.01
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
- CVE-2004-0408Sep 28, 2004risk 0.00cvss —epss 0.03
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.
- CVE-2004-0643Sep 28, 2004risk 0.00cvss —epss 0.01
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
- CVE-2004-0583Aug 6, 2004risk 0.00cvss —epss 0.02
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
- CVE-2004-0522Aug 6, 2004risk 0.00cvss —epss 0.03
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
- CVE-2004-0579Aug 6, 2004risk 0.00cvss —epss 0.00
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
- CVE-2004-0640Aug 6, 2004risk 0.00cvss —epss 0.04
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
- CVE-2004-0404Jul 7, 2004risk 0.00cvss —epss 0.00
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
- CVE-2004-0398Jul 7, 2004risk 0.00cvss —epss 0.05
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
- CVE-2004-0488Jul 7, 2004risk 0.00cvss —epss 0.38
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
- CVE-2003-0648May 4, 2004risk 0.00cvss —epss 0.05
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
- CVE-2003-0618May 4, 2004risk 0.00cvss —epss 0.00
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
- CVE-2003-0202Apr 15, 2004risk 0.00cvss —epss 0.00
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2004-0160Mar 29, 2004risk 0.00cvss —epss 0.00
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
- CVE-2003-0828Mar 29, 2004risk 0.00cvss —epss 0.00
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.
- CVE-2004-1180Feb 16, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
- CVE-2003-1022Jan 20, 2004risk 0.00cvss —epss 0.02
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
- CVE-2004-0011Jan 20, 2004risk 0.00cvss —epss 0.04
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
- CVE-2004-1000Jan 10, 2004risk 0.00cvss —epss 0.00
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
- CVE-2003-0615Aug 27, 2003risk 0.00cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
- CVE-2003-0538Aug 18, 2003risk 0.00cvss —epss 0.01
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.
- CVE-2003-0440Aug 18, 2003risk 0.00cvss —epss 0.00
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2003-0367Jul 2, 2003risk 0.00cvss —epss 0.00
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2003-0382Jul 2, 2003risk 0.00cvss —epss 0.00
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
- CVE-2003-0360Jun 9, 2003risk 0.00cvss —epss 0.02
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
- CVE-2003-0361Jun 9, 2003risk 0.00cvss —epss 0.02
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
- CVE-2003-0362Jun 9, 2003risk 0.00cvss —epss 0.01
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.
- CVE-2003-0308May 15, 2003risk 0.00cvss —epss 0.00
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
- CVE-2003-0214May 12, 2003risk 0.00cvss —epss 0.00
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2003-0120Mar 7, 2003risk 0.00cvss —epss 0.00
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.
- CVE-2003-0098Mar 3, 2003risk 0.00cvss —epss 0.05
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
- CVE-2002-1395Jan 17, 2003risk 0.00cvss —epss 0.00
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.
- CVE-2002-2185Dec 31, 2002risk 0.00cvss —epss 0.02
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively…
- CVE-2002-1232Nov 4, 2002risk 0.00cvss —epss 0.03
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
- CVE-2002-0839Oct 11, 2002risk 0.00cvss —epss 0.01
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be…
- CVE-2002-0910Oct 4, 2002risk 0.00cvss —epss 0.03
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
- CVE-2002-0912Oct 4, 2002risk 0.00cvss —epss 0.03
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
- CVE-2002-0062Mar 8, 2002risk 0.00cvss —epss 0.00
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
- CVE-2002-0044Jan 31, 2002risk 0.00cvss —epss 0.00
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
- CVE-2001-0886Dec 21, 2001risk 0.00cvss —epss 0.01
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
- CVE-2001-0834Dec 6, 2001risk 0.00cvss —epss 0.03
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read…
- CVE-2001-0738Oct 18, 2001risk 0.00cvss —epss 0.03
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
- CVE-2001-0755Oct 18, 2001risk 0.00cvss —epss 0.02
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
- CVE-2001-0977Jul 16, 2001risk 0.00cvss —epss 0.04
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
Page 65 of 67