Vulnerabilities > Debian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-07-07 | CVE-2004-0434 | Incorrect Calculation of Buffer Size vulnerability in multiple products k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | 9.8 |
| 2004-05-04 | CVE-2003-0648 | Local Unspecified Buffer Overflow vulnerability in FTE Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | 10.0 |
| 2003-03-03 | CVE-2003-0098 | Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | 10.0 |
| 2002-11-04 | CVE-2002-1235 | Remote Buffer Overflow vulnerability in Multiple Vendor kadmind The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
| 2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
| 2001-03-26 | CVE-2001-0233 | Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | 10.0 |
| 2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
| 2000-07-16 | CVE-2000-0666 | Remote Format String vulnerability in Multiple Linux Vendor rpc.statd rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | 10.0 |
| 2000-07-02 | CVE-2000-0584 | Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | 10.0 |
| 2000-01-08 | CVE-2000-1221 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. | 10.0 |