Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2004-01-20 CVE-2003-1022 Unspecified vulnerability in Debian FSP 2.81.B18
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
network
low complexity
debian
7.5
2003-07-02 CVE-2003-0385 Local Security vulnerability in Linux 3.0.18/3.0.23
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.
local
low complexity
debian
7.2
2003-06-09 CVE-2003-0361 Remote Security vulnerability in Linux
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
network
low complexity
debian
7.5
2003-06-09 CVE-2003-0360 Denial-Of-Service vulnerability in Linux
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
network
low complexity
debian
7.5
2003-05-15 CVE-2003-0308 Local Security vulnerability in Sendmail
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
local
low complexity
sendmail debian
7.2
2002-12-26 CVE-2002-1372 Unchecked Return Value vulnerability in multiple products
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
network
low complexity
apple debian CWE-252
7.5
2002-10-04 CVE-2002-0910 Buffer Overflow vulnerability in Debian Netstd 3.07
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
network
low complexity
debian
7.5
2002-06-18 CVE-2002-0401 NULL Pointer Dereference vulnerability in multiple products
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
network
low complexity
ethereal debian CWE-476
7.5
2002-05-16 CVE-2002-0184 Incorrect Calculation of Buffer Size vulnerability in multiple products
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
local
low complexity
sudo-project debian CWE-131
7.8
2002-02-27 CVE-2002-0004 Heap Overflow vulnerability in AT Maliciously Formatted Time
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
7.2