This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Debian First view 2000-11-14
Product Debian Linux Last view 2018-11-12
Version 2.2 Type Os
Update *  
Edition potato  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:debian:debian_linux

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2018-11-12 CVE-2018-19200

An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.

7.8 2017-09-25 CVE-2014-8156

The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git master on 2015-01-19, the upstream framework.git 0.10.1 and git master on 2015-01-19, phonefsod 0.1+git20121018-1 as packaged in Debian, Ubuntu and potentially other packages, and potentially other fso modules do not properly filter D-Bus message paths, which might allow local users to cause a denial of service (dbus-daemon memory consumption), or execute arbitrary code as root by sending a crafted D-Bus message to any D-Bus system service.

8.8 2016-06-16 CVE-2016-3062

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

3.6 2001-07-02 CVE-2001-0430

Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.

7.5 2001-06-27 CVE-2001-0441

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

7.2 2000-11-14 CVE-2000-0867

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-476 NULL Pointer Dereference
33% (1) CWE-264 Permissions, Privileges, and Access Controls
33% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
13877 slrn News Reader Long Message Header Multiple Function Overflow
5824 klogd Malformed Kernel Message Format String
5642 Exuberant Ctags Insecure Temporary File Creation

OpenVAS Exploits

id Description
2008-01-17 Name : Debian Security Advisory DSA 040-1 (slrn)
File : nvt/deb_040_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 046-1 (exuberant-ctags)
File : nvt/deb_046_1.nasl

Nessus® Vulnerability Scanner

id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4003413459.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-96b48b34ae.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a3ef0a026f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c5c72a45ea.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_3563fae5f60c11e8b5135404a68ad561.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote Debian host is missing a security update.
File: debian_DLA-1581.nasl - Type: ACT_GATHER_INFO
2017-05-10 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201705-08.nasl - Type: ACT_GATHER_INFO
2016-06-28 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-779.nasl - Type: ACT_GATHER_INFO
2016-06-15 Name: The remote Debian host is missing a security update.
File: debian_DLA-515.nasl - Type: ACT_GATHER_INFO
2016-06-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3603.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2000-050.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2001-028.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-040.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-046.nasl - Type: ACT_GATHER_INFO