VYPR

Vendor CVEs

Debian

All CVEs

3,303 total · sorted by risk
  • CVE-2001-0430Jul 2, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.

  • CVE-2001-0457Jun 27, 2001
    risk 0.00cvss epss 0.02

    man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).

  • CVE-2001-0441Jun 27, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

  • CVE-2001-0456Jun 27, 2001
    risk 0.00cvss epss 0.06

    postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.

  • CVE-2001-0416Jun 27, 2001
    risk 0.00cvss epss 0.00

    sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.

  • CVE-2001-0458Jun 27, 2001
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

  • CVE-2001-1331May 3, 2001
    risk 0.00cvss epss 0.00

    mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.

  • CVE-2001-0235Mar 26, 2001
    risk 0.00cvss epss 0.00

    Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.

  • CVE-2000-0315Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

  • CVE-2001-0131Mar 12, 2001
    risk 0.00cvss epss 0.02

    htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0138Mar 12, 2001
    risk 0.00cvss epss 0.00

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0125Mar 12, 2001
    risk 0.00cvss epss 0.00

    exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

  • CVE-2000-0314Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

  • CVE-2001-0128Mar 12, 2001
    risk 0.00cvss epss 0.00

    Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

  • CVE-2001-0139Mar 12, 2001
    risk 0.00cvss epss 0.00

    inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0069Feb 12, 2001
    risk 0.00cvss epss 0.00

    dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2000-1136Jan 9, 2001
    risk 0.00cvss epss 0.00

    elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack.

  • CVE-2000-1135Jan 9, 2001
    risk 0.00cvss epss 0.00

    fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack.

  • CVE-2000-0867Nov 14, 2000
    risk 0.00cvss epss 0.00

    Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

  • CVE-2000-0606Jun 21, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

  • CVE-2000-0510Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.

  • CVE-2000-0513Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.

  • CVE-2000-0511Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.

  • CVE-2000-0512Jun 16, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.

  • CVE-2000-0289Mar 27, 2000
    risk 0.00cvss epss 0.03

    IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

  • CVE-2000-0145Feb 5, 2000
    risk 0.00cvss epss 0.02

    The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.

  • CVE-2000-0112Feb 2, 2000
    risk 0.00cvss epss 0.00

    The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.

  • CVE-1999-1330Dec 31, 1999
    risk 0.00cvss epss 0.00

    The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

  • CVE-2000-0076Dec 30, 1999
    risk 0.00cvss epss 0.00

    nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.

  • CVE-1999-0978Dec 9, 1999
    risk 0.00cvss epss 0.02

    htdig allows remote attackers to execute commands via filenames with shell metacharacters.

  • CVE-2000-0366Dec 2, 1999
    risk 0.00cvss epss 0.00

    dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.

  • CVE-1999-0831Nov 19, 1999
    risk 0.00cvss epss 0.01

    Denial of service in Linux syslogd via a large number of connections.

  • CVE-1999-0832Nov 9, 1999
    risk 0.00cvss epss 0.03

    Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.

  • CVE-1999-0939Aug 26, 1999
    risk 0.00cvss epss 0.01

    Denial of service in Debian IRC Epic/epic4 client via a long string.

  • CVE-1999-0872Aug 25, 1999
    risk 0.00cvss epss 0.00

    Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

  • CVE-1999-1565Aug 20, 1999
    risk 0.00cvss epss 0.00

    Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

  • CVE-1999-0743Aug 20, 1999
    risk 0.00cvss epss 0.00

    Trn allows local users to overwrite other users' files via symlinks.

  • CVE-1999-0732Aug 19, 1999
    risk 0.00cvss epss 0.00

    The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.

  • CVE-1999-0742Jun 22, 1999
    risk 0.00cvss epss 0.01

    The Debian mailman package uses weak authentication, which allows attackers to gain privileges.

  • CVE-1999-1496Jun 8, 1999
    risk 0.00cvss epss 0.01

    Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.

  • CVE-1999-0434Mar 30, 1999
    risk 0.00cvss epss 0.01

    XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

  • CVE-2000-0367Feb 18, 1999
    risk 0.00cvss epss 0.00

    Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.

  • CVE-1999-0374Feb 16, 1999
    risk 0.00cvss epss 0.00

    Debian GNU/Linux cfengine package is susceptible to a symlink attack.

  • CVE-1999-0373Feb 1, 1999
    risk 0.00cvss epss 0.00

    Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.

  • CVE-1999-0457Jan 17, 1999
    risk 0.00cvss epss 0.00

    Linux ftpwatch program allows local users to gain root privileges.

  • CVE-1999-0389Jan 3, 1999
    risk 0.00cvss epss 0.00

    Buffer overflow in the bootp server in the Debian Linux netstd package.

  • CVE-1999-1276Dec 7, 1998
    risk 0.00cvss epss 0.00

    fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.

  • CVE-1999-1411Nov 26, 1998
    risk 0.00cvss epss 0.02

    The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.

  • CVE-1999-1048Sep 5, 1998
    risk 0.00cvss epss 0.01

    Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that…

  • CVE-1999-0341Jan 1, 1998
    risk 0.00cvss epss 0.00

    Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.

Page 66 of 67