CVEdetails.com the ultimate security vulnerability data source

Debian » Debian Linux » 2.2 * * * : Security Vulnerabilities

CPE Name: cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2003-0367 20 2003-07-02 2019-05-23
2.1
None Local Low Not required None Partial None
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
2 CVE-2003-0358 120 Overflow +Priv 2003-06-09 2020-12-09
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
3 CVE-2003-0098 +Priv 2003-03-03 2018-09-26
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
4 CVE-2002-1232 DoS 2002-11-04 2016-10-18
5.0
None Remote Low Not required None None Partial
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
5 CVE-2002-0392 DoS Exec Code 2002-07-03 2021-07-15
7.5
None Remote Low Not required Partial Partial Partial
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
6 CVE-2002-0184 787 Overflow +Priv 2002-05-16 2021-04-01
7.2
None Local Low Not required Complete Complete Complete
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
7 CVE-2002-0044 2002-01-31 2017-10-10
3.6
None Local Low Not required Partial Partial None
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
8 CVE-2001-1561 Exec Code Overflow 2001-12-31 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
9 CVE-2001-1331 2001-05-03 2008-09-10
1.2
None Local High Not required None Partial None
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.
10 CVE-2001-0977 DoS 2001-07-16 2017-10-10
5.0
None Remote Low Not required None None Partial
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
11 CVE-2001-0925 22 Dir. Trav. 2001-03-12 2021-07-06
5.0
None Remote Low Not required Partial None None
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
12 CVE-2001-0834 DoS 2001-12-06 2017-10-10
6.4
None Remote Low Not required Partial None Partial
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
13 CVE-2001-0738 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
14 CVE-2001-0554 120 Exec Code Overflow 2001-08-14 2022-01-21
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
15 CVE-2001-0458 Exec Code Overflow 2001-06-27 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
16 CVE-2001-0457 DoS 2001-06-27 2017-10-10
5.0
None Remote Low Not required None None Partial
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).
17 CVE-2001-0456 2001-06-27 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
18 CVE-2001-0430 2001-07-02 2017-10-10
3.6
None Local Low Not required Partial Partial None
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.
19 CVE-2001-0279 Overflow +Priv 2001-05-03 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
20 CVE-2001-0235 2001-03-26 2017-10-10
2.1
None Local Low Not required Partial None None
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.
21 CVE-2001-0233 DoS Exec Code Overflow 2001-03-26 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
22 CVE-2001-0195 +Priv 2001-03-26 2017-10-10
2.1
None Local Low Not required Partial None None
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
23 CVE-2001-0193 +Priv 2001-05-03 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
24 CVE-2001-0139 2001-03-12 2017-10-10
1.2
None Local High Not required None Partial None
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
25 CVE-2001-0138 2001-03-12 2017-10-10
1.2
None Local High Not required None Partial None
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
26 CVE-2001-0136 399 DoS 2001-03-12 2018-02-07
5.0
None Remote Low Not required None None Partial
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
27 CVE-2001-0131 59 2001-03-12 2020-10-09
3.3
None Local Medium Not required None Partial Partial
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
28 CVE-2001-0128 +Priv Bypass 2001-03-12 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
29 CVE-2001-0125 2001-03-12 2017-10-10
1.2
None Local High Not required None Partial None
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
30 CVE-2001-0112 Exec Code Overflow 2001-03-12 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
31 CVE-2001-0111 Exec Code 2001-03-12 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
32 CVE-2001-0069 2001-02-12 2017-10-10
2.1
None Local Low Not required None Partial None
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.
33 CVE-2000-1135 2001-01-09 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack.
34 CVE-2000-0888 DoS 2000-12-19 2020-12-09
5.0
None Remote Low Not required None None Partial
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
35 CVE-2000-0844 264 Exec Code 2000-11-14 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
36 CVE-2000-0666 +Priv 2000-07-16 2018-05-03
10.0
None Remote Low Not required Complete Complete Complete
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
37 CVE-2000-0607 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
38 CVE-2000-0606 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
39 CVE-2000-0513 DoS 2000-06-21 2017-10-10
5.0
None Remote Low Not required None None Partial
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.
40 CVE-2000-0512 DoS 2000-06-16 2017-10-10
5.0
None Remote Low Not required None None Partial
CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.
41 CVE-2000-0511 DoS 2000-06-21 2017-10-10
5.0
None Remote Low Not required None None Partial
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.
42 CVE-2000-0510 DoS 2000-06-21 2017-10-10
5.0
None Remote Low Not required None None Partial
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.
43 CVE-2000-0508 DoS 1994-12-19 2017-10-10
5.0
None Remote Low Not required None None Partial
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
44 CVE-2000-0289 2000-03-27 2008-09-10
5.0
None Remote Low Not required Partial None None
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
45 CVE-2000-0229 +Priv 2000-03-22 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
46 CVE-2000-0112 2000-02-02 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
47 CVE-1999-0872 Overflow 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
48 CVE-1999-0831 DoS 1999-11-19 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Linux syslogd via a large number of connections.
49 CVE-1999-0769 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
Total number of vulnerabilities: 49
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.