Debian ≫ Debian Linux

CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.

The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.

Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote att...

The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.

htdig allows remote attackers to execute commands via filenames with shell metacharacters.