Vulnerabilities > Debian > Debian Linux > 3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-05 | CVE-2005-2960 | cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | 2.1 |
2005-09-30 | CVE-2005-3106 | Improper Locking vulnerability in multiple products Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec. | 4.7 |
2005-09-28 | CVE-2005-2557 | Input Validation vulnerability in Mantis Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | 4.3 |
2005-09-26 | CVE-2005-3055 | Improper Input Validation vulnerability in multiple products Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. | 2.1 |
2005-08-30 | CVE-2005-1855 | Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. | 2.1 |
2005-08-23 | CVE-2005-2459 | Null Pointer Dereference vulnerability in multiple products The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. | 5.0 |
2005-08-04 | CVE-2005-2456 | Improper Locking vulnerability in multiple products Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | 5.5 |
2005-07-26 | CVE-2005-1920 | Improper Preservation of Permissions vulnerability in multiple products The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | 7.5 |
2005-07-18 | CVE-2005-1689 | Double Free vulnerability in multiple products Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | 9.8 |
2005-07-06 | CVE-2005-1916 | Link Following vulnerability in multiple products linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | 5.5 |