Debian Linux 4.0 Security Vulnerabilities
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
CVSS Score: 6.8
EPSS Score: 0.216
Published: 2006-12-20
Multiple buffer overflows in ImageMagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, have unknown impact and user-assisted attack vectors via a crafted SGI image.
CVSS Score: 9.3
EPSS Score: 0.012
Published: 2006-11-22
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVSS Score: 7.5
EPSS Score: 0.199
Published: 2001-09-20
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2000-02-05
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
CVSS Score: 4.6
EPSS Score: 0.001
Published: 1999-12-31
Trn allows local users to overwrite other users' files via symlinks.
CVSS Score: 2.1
EPSS Score: 0.001
Published: 1999-08-20
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVSS Score: 4.6
EPSS Score: 0.001
Published: 1999-08-20
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
CVSS Score: 2.1
EPSS Score: 0.001
Published: 1999-08-19
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
CVSS Score: 10.0
EPSS Score: 0.01
Published: 1999-06-12
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
CVSS Score: 7.2
EPSS Score: 0.001
Published: 1997-07-17

