Filtered by vendor Debian
Subscribe
Total
1328 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0839 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2023-12-10 | 5.0 MEDIUM | N/A |
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | |||||
CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2023-12-10 | 2.1 LOW | N/A |
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | |||||
CVE-2001-0416 | 3 Debian, Immunix, Mandrakesoft | 3 Sgml-tools, Immunix, Mandrake Linux | 2023-12-10 | 2.1 LOW | N/A |
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. | |||||
CVE-1999-0381 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | |||||
CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2023-12-10 | 2.1 LOW | N/A |
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||
CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||||
CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2023-12-10 | 2.1 LOW | N/A |
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | |||||
CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||||
CVE-2003-0440 | 2 Debian, Semi | 2 Debian Linux, Semi | 2023-12-10 | 4.6 MEDIUM | N/A |
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2023-12-10 | 7.2 HIGH | N/A |
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-0456 | 3 Debian, Gentoo, Pavuk | 3 Debian Linux, Linux, Pavuk | 2023-12-10 | 7.6 HIGH | N/A |
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | |||||
CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in Linux syslogd via a large number of connections. | |||||
CVE-1999-0373 | 1 Debian | 1 Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. | |||||
CVE-2003-0615 | 3 Cgi.pm, Debian, Openpkg | 3 Cgi.pm, Debian Linux, Openpkg | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||||
CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. |