Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-01-20 | CVE-2003-1022 | Unspecified vulnerability in Debian FSP 2.81.B18 Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | 7.5 |
2003-07-02 | CVE-2003-0385 | Local Security vulnerability in Linux 3.0.18/3.0.23 Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | 7.2 |
2003-06-09 | CVE-2003-0361 | Remote Security vulnerability in Linux gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | 7.5 |
2003-06-09 | CVE-2003-0360 | Denial-Of-Service vulnerability in Linux Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
2003-05-15 | CVE-2003-0308 | Local Security vulnerability in Sendmail The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | 7.2 |
2002-12-26 | CVE-2002-1372 | Unchecked Return Value vulnerability in multiple products Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | 7.5 |
2002-10-04 | CVE-2002-0910 | Buffer Overflow vulnerability in Debian Netstd 3.07 Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | 7.5 |
2002-06-18 | CVE-2002-0401 | NULL Pointer Dereference vulnerability in multiple products SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | 7.5 |
2002-05-16 | CVE-2002-0184 | Incorrect Calculation of Buffer Size vulnerability in multiple products Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | 7.8 |
2002-02-27 | CVE-2002-0004 | Heap Overflow vulnerability in AT Maliciously Formatted Time Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | 7.2 |