Vulnerabilities > Debian > Debian Linux > 3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-0915 | Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information. | 5.0 |
2005-01-10 | CVE-2004-0770 | Symbolic Link vulnerability in DGen Emulator romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. | 2.1 |
2004-12-23 | CVE-2004-0833 | Unspecified vulnerability in Debian Linux 3.0 Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | 7.5 |
2004-12-23 | CVE-2004-0564 | Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. | 2.1 |
2004-12-15 | CVE-2004-1145 | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | 5.0 |
2004-12-06 | CVE-2004-0456 | Remote Stack-Based Buffer Overrun vulnerability in Pavuk Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | 7.6 |
2004-12-06 | CVE-2004-0455 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | 7.2 |
2004-12-06 | CVE-2004-0451 | Remote Syslog Format String vulnerability in Sup Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. | 10.0 |
2004-12-06 | CVE-2002-1581 | Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. | 5.0 |
2004-11-03 | CVE-2004-0836 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | 10.0 |