CVSS: 2.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358210 http://secunia.com/advisories/19331 https://exchange.xforce.ibmcloud.com/vulnerabilities/25526 •

CVSS: 1.2 | EPSS: 0% | CPEs: 25 | EXPL: 0

snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. • http://secunia.com/advisories/19318 http://www.debian.org/security/2006/dsa-1013 http://www.securityfocus.com/bid/17182 https://exchange.xforce.ibmcloud.com/vulnerabilities/25442 •

CVSS: 7.6 | EPSS: 0% | CPEs: 39 | EXPL: 0

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. • http://secunia.com/advisories/18948 http://secunia.com/advisories/19021 http://secunia.com/advisories/19065 http://secunia.com/advisories/19091 http://secunia.com/advisories/19164 http://secunia.com/advisories/19364 http://secunia.com/advisories/19644 http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz http://www.debian.org/security/2006/dsa-1019 http://www.debian.org/security/2006/dsa-979 http://www.debian.org/security&#x •

CVSS: 5.0 | EPSS: 1% | CPEs: 3 | EXPL: 0

Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity. • http://secunia.com/advisories/18846 http://secunia.com/advisories/19139 http://secunia.com/advisories/19658 http://securityreason.com/securityalert/737 http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/CHANGES?rev=376998&view=markup http://www.debian.org/security/2006/dsa-1000 http://www.gentoo.org/security/en/glsa/glsa-200604-08.xml http://www.securityfocus.com/bid/16710 http://www.vupen.com/english/advisories/2006/0645 https://exchange.xforce.ibmcloud.com/vulnera •

CVSS: 5.0 | EPSS: 0% | CPEs: 4 | EXPL: 0

The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver. • http://secunia.com/advisories/19339 http://www.debian.org/security/2006/dsa-1011 https://exchange.xforce.ibmcloud.com/vulnerabilities/25406 •