Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2002-06-18 CVE-2002-0401 NULL Pointer Dereference vulnerability in multiple products
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
network
low complexity
ethereal debian CWE-476
7.5
2002-05-16 CVE-2002-0184 Incorrect Calculation of Buffer Size vulnerability in multiple products
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
local
low complexity
sudo-project debian CWE-131
7.8
2002-02-27 CVE-2002-0004 Heap Overflow vulnerability in AT Maliciously Formatted Time
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
7.2
2002-01-31 CVE-2002-0044 GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
local
low complexity
gnu debian redhat
3.6
2001-12-31 CVE-2001-1561 Buffer Overflow vulnerability in Xvt
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
local
low complexity
john-bovey debian
7.2
2001-12-21 CVE-2001-0886 Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
local
low complexity
debian redhat
4.6
2001-12-06 CVE-2001-0834 Remote Denial of Service/File Disclosure vulnerability in ht://Dig
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
network
low complexity
htdig conectiva debian suse
6.4
2001-10-18 CVE-2001-0763 Buffer Overflow vulnerability in Xinetd
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
network
low complexity
debian suse
7.5
2001-10-18 CVE-2001-0755 Denial-Of-Service vulnerability in Debian Linux 6.2
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
network
low complexity
debian
7.5
2001-10-18 CVE-2001-0738 Denial-Of-Service vulnerability in Immunix
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
network
low complexity
immunix debian
5.0