This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor : Debian
Product : Debian Linux
Version : 2.3
Type : Os
Update : *
Edition : *
Language : *
Software Edition : *
Target Software : *
Target Hardware : *
Other : *
First view : 2000-06-16
Last view : 2018-11-12
 
CPE Product cpe:2.3:o:debian:debian_linux

Activity : Overall

Related : CVE

Score Date Alert Description
7.5 2018-11-12 CVE-2018-19200

An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.

7.8 2017-09-25 CVE-2014-8156

The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git master on 2015-01-19, the upstream framework.git 0.10.1 and git master on 2015-01-19, phonefsod 0.1+git20121018-1 as packaged in Debian, Ubuntu and potentially other packages, and potentially other fso modules do not properly filter D-Bus message paths, which might allow local users to cause a denial of service (dbus-daemon memory consumption), or execute arbitrary code as root by sending a crafted D-Bus message to any D-Bus system service.

8.8 2016-06-16 CVE-2016-3062

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

4.6 2003-07-02 CVE-2003-0382

Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.

3.6 2001-07-02 CVE-2001-0430

Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.

2.1 2001-03-26 CVE-2001-0170

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

10 2000-11-14 CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

10 2000-07-16 CVE-2000-0666

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

7.2 2000-06-21 CVE-2000-0607

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

7.2 2000-06-21 CVE-2000-0606

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

5 2000-06-21 CVE-2000-0513

CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.

5 2000-06-21 CVE-2000-0511

CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.

5 2000-06-21 CVE-2000-0510

CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.

5 2000-06-16 CVE-2000-0512

CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.

CWE : Common Weakness Enumeration

% id Name
50% (2) CWE-264 Permissions, Privileges, and Access Controls
25% (1) CWE-476 NULL Pointer Dereference
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
14794 Multiple Unix Vendor locale subsystem Multiple Function Format String
12029 Kanji on Console (KON) kon -StartupMessage Parameter Local Overflow
11526 Linux Console (KON) kon Overflow
11524 Kanji on Console (KON) fld Input File Overflow
8157 Eterm ETERMPATH Variable Local Overflow
7304 CUPS CGI Form POST DoS
7303 CUPS Request File Deletion DoS
7302 CUPS Invalid Username Authentication Remote DoS
5642 Exuberant Ctags Insecure Temporary File Creation
1710 GNU libc (glibc) Multiple Environment Variable Arbitrary File Access
1413 CUPS Malformed IPP Request DoS
443 Linux nfs-utils rpc.statd Remote Format String

OpenVAS Exploits

Date Description
2011-09-09 Name : Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities
File : nvt/secpod_nfs_rpc_statd_mult_format_string_vuln.nasl
2008-01-17 Name : Debian Security Advisory DSA 046-1 (exuberant-ctags)
File : nvt/deb_046_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 309-1 (eterm)
File : nvt/deb_309_1.nasl

Snort® IPS/IDS

Date Description
2014-01-10 resolv_host_conf
RuleID : 714-community - Type : PROTOCOL-TELNET - Revision : 15
2014-01-10 resolv_host_conf
RuleID : 714 - Type : PROTOCOL-TELNET - Revision : 15
2014-01-10 STATD TCP monitor mon_name format string exploit attempt
RuleID : 1916-community - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 STATD TCP monitor mon_name format string exploit attempt
RuleID : 1916 - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 STATD UDP monitor mon_name format string exploit attempt
RuleID : 1915-community - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 STATD UDP monitor mon_name format string exploit attempt
RuleID : 1915 - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 STATD TCP stat mon_name format string exploit attempt
RuleID : 1914-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 STATD TCP stat mon_name format string exploit attempt
RuleID : 1914 - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 STATD UDP stat mon_name format string exploit attempt
RuleID : 1913-community - Type : PROTOCOL-RPC - Revision : 20
2014-01-10 STATD UDP stat mon_name format string exploit attempt
RuleID : 1913 - Type : PROTOCOL-RPC - Revision : 20
2014-01-10 status GHBN format string attack
RuleID : 1891-community - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 status GHBN format string attack
RuleID : 1891 - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 status GHBN format string attack
RuleID : 1890-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 status GHBN format string attack
RuleID : 1890 - Type : PROTOCOL-RPC - Revision : 18

Nessus® Vulnerability Scanner

Date Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4003413459.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-96b48b34ae.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a3ef0a026f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c5c72a45ea.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_3563fae5f60c11e8b5135404a68ad561.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote Debian host is missing a security update.
File: debian_DLA-1581.nasl - Type: ACT_GATHER_INFO
2017-05-10 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201705-08.nasl - Type: ACT_GATHER_INFO
2016-06-28 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-779.nasl - Type: ACT_GATHER_INFO
2016-06-15 Name: The remote Debian host is missing a security update.
File: debian_DLA-515.nasl - Type: ACT_GATHER_INFO
2016-06-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3603.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2000-021.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-046.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-309.nasl - Type: ACT_GATHER_INFO
2004-07-06 Name: The RedHat version have been identified.
File: redhat_fixes.nasl - Type: ACT_GATHER_INFO
2000-11-10 Name: The remote service is vulnerable to a buffer overflow.
File: statd_format_string.nasl - Type: ACT_MIXED_ATTACK