Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2003-05-12 CVE-2003-0214 Local Security vulnerability in mime-support
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
local
low complexity
debian
4.6
2003-03-03 CVE-2003-0098 Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
network
low complexity
apcupsd debian
critical
10.0
2003-01-17 CVE-2002-1395 Unspecified vulnerability in Debian Internet Message 1330/1410
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.
local
low complexity
debian
2.1
2002-12-31 CVE-2002-2185 Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
local
low complexity
sgi debian mandrakesoft microsoft redhat suse
4.9
2002-12-26 CVE-2002-1372 Unchecked Return Value vulnerability in multiple products
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
network
low complexity
apple debian CWE-252
7.5
2002-11-04 CVE-2002-1235 Remote Buffer Overflow vulnerability in Multiple Vendor kadmind
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
network
low complexity
kth mit debian
critical
10.0
2002-11-04 CVE-2002-1232 Remote Network Information Leakage vulnerability in YPServ
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
network
low complexity
debian hp redhat
5.0
2002-10-04 CVE-2002-0912 Remote Buffer Overflow vulnerability in Debian Linux 2.2
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
network
low complexity
debian
5.0
2002-10-04 CVE-2002-0910 Buffer Overflow vulnerability in Debian Netstd 3.07
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
network
low complexity
debian
7.5
2002-09-05 CVE-2002-0875 Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
local
low complexity
sgi debian
2.1