Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
1999-02-26 | CVE-1999-0381 | super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | Debian_linux, Linux_kernel | N/A | ||
1999-11-09 | CVE-1999-0832 | Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | Debian_linux, Linux | N/A | ||
2000-06-21 | CVE-2000-0607 | Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | Debian_linux, Mandrake_linux, Linux | N/A | ||
2000-06-21 | CVE-2000-0606 | Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. | Debian_linux, Mandrake_linux, Linux | N/A | ||
2001-03-12 | CVE-2001-0925 | The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex. | Http_server, Debian_linux | N/A | ||
2002-10-11 | CVE-2002-0839 | The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | Http_server, Debian_linux | N/A | ||
2004-07-07 | CVE-2004-0488 | Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | Http_server, Debian_linux, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2004-09-16 | CVE-2004-0809 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server | N/A | ||
2004-11-03 | CVE-2004-0837 | MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs. | Debian_linux, Mysql, Mysql | N/A | ||
2005-08-16 | CVE-2005-2555 | Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. | Debian_linux, Linux_kernel | N/A |