Debian ≫ Debian Linux

Denial of service in Debian IRC Epic/epic4 client via a long string.

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

Trn allows local users to overwrite other users' files via symlinks.

Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.

The Debian mailman package uses weak authentication, which allows attackers to gain privileges.

The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.

Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.