CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-3127 22 Dir. Trav. 2014-05-13 2014-06-05
7.1
None Remote High Not required None Complete Complete
dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471.
2 CVE-2014-0490 20 Exec Code 2014-11-03 2014-11-04
7.5
None Remote Low Not required Partial Partial Partial
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package.
3 CVE-2014-0489 20 Exec Code 2014-11-03 2014-11-04
7.5
None Remote Low Not required Partial Partial Partial
APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package.
4 CVE-2014-0487 2014-11-03 2014-11-04
7.5
None Remote Low Not required Partial Partial Partial
APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
5 CVE-2013-4559 264 +Priv 2013-11-20 2014-01-23
7.6
None Remote High Not required Complete Complete Complete
lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
6 CVE-2012-5519 264 2012-11-19 2013-06-05
7.2
None Local Low Not required Complete Complete Complete
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
7 CVE-2009-4015 89 Exec Code Sql 2010-02-02 2010-02-04
7.5
None Remote Low Not required Partial Partial Partial
Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments.
8 CVE-2009-4014 134 2010-02-02 2010-02-03
7.5
None Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.
9 CVE-2008-5394 59 1 2008-12-08 2009-09-15
7.2
Admin Local Low Not required Complete Complete Complete
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
10 CVE-2008-4440 59 2008-10-03 2008-11-11
7.2
None Local Low Not required Complete Complete Complete
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
11 CVE-2008-4406 59 2008-10-03 2009-02-18
7.2
Admin Local Low Not required Complete Complete Complete
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.
12 CVE-2008-1901 59 2008-04-22 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
13 CVE-2008-0302 94 Exec Code 2008-01-16 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
14 CVE-2007-5365 119 1 DoS Exec Code Overflow 2007-10-11 2011-08-02
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
15 CVE-2007-3912 264 +Priv 2007-09-10 2009-02-05
7.2
Admin Local Low Not required Complete Complete Complete
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
16 CVE-2007-2839 Exec Code 2007-07-05 2008-11-15
7.2
Admin Local Low Not required Complete Complete Complete
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
17 CVE-2007-2833 DoS 2007-06-21 2008-09-05
7.8
None Remote Low Not required None None Complete
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
18 CVE-2007-0956 Bypass 2007-04-05 2010-09-15
7.6
Admin Remote High Not required Complete Complete Complete
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
19 CVE-2007-0454 Exec Code 2007-02-05 2010-09-15
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
20 CVE-2006-5873 DoS Overflow 2006-12-11 2008-09-05
7.8
None Remote Low Not required None None Complete
Buffer overflow in the cluster_process_heartbeat function in cluster.c in layer 2 tunneling protocol network server (l2tpns) before 2.1.21 allows remote attackers to cause a denial of service via a large heartbeat packet.
21 CVE-2006-1772 2006-04-13 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password.
22 CVE-2006-1244 2006-03-15 2008-09-05
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
23 CVE-2005-1854 Exec Code 2005-08-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server.
24 CVE-2005-1151 2005-05-25 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.
25 CVE-2005-0392 Exec Code 2005-05-19 2008-11-15
7.2
Admin Local Low Not required Complete Complete Complete
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
26 CVE-2005-0206 Overflow 2005-04-27 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
27 CVE-2005-0107 Exec Code 2005-02-25 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands.
28 CVE-2005-0076 Exec Code Overflow 2005-05-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.
29 CVE-2005-0005 Exec Code Overflow 2005-05-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
30 CVE-2004-2768 264 +Priv 2010-06-08 2010-06-18
7.2
None Local Low Not required Complete Complete Complete
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.
31 CVE-2004-1176 DoS Exec Code 2005-04-14 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
32 CVE-2004-1175 Exec Code 2005-04-14 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
fish.c in midnight commander allows remote attackers execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
33 CVE-2004-1076 Exec Code Overflow 2005-01-10 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
34 CVE-2004-1051 Exec Code 2005-03-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
35 CVE-2004-1005 Overflow 2005-04-14 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
36 CVE-2004-1004 2005-04-14 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
37 CVE-2004-0986 2005-03-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
38 CVE-2004-0833 2004-12-23 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
39 CVE-2004-0793 264 Exec Code 2004-10-20 2013-01-11
7.2
Admin Local Low Not required Complete Complete Complete
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
40 CVE-2004-0579 Exec Code 2004-08-06 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
41 CVE-2004-0456 Exec Code Overflow 2004-12-06 2008-09-10
7.6
Admin Remote High Not required Complete Complete Complete
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
42 CVE-2004-0011 Exec Code Overflow 2004-01-20 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
43 CVE-2003-1022 Dir. Trav. 2004-01-20 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
44 CVE-2003-0385 Overflow +Priv 2003-07-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.
45 CVE-2003-0361 2003-06-09 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
46 CVE-2003-0360 DoS Exec Code Overflow 2003-06-09 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
47 CVE-2003-0308 +Priv 2003-05-15 2008-11-11
7.2
Admin Local Low Not required Complete Complete Complete
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
48 CVE-2002-0910 Exec Code Overflow 2002-10-04 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
49 CVE-2002-0062 Overflow +Priv 2002-03-08 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
50 CVE-2002-0004 Exec Code Mem. Corr. 2002-02-27 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
Total number of vulnerabilities : 85   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.