Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2005-07-26 CVE-2005-1920 Improper Preservation of Permissions vulnerability in multiple products
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
network
low complexity
kde debian CWE-281
7.5
2004-09-28 CVE-2004-0689 Link Following vulnerability in multiple products
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
local
low complexity
kde debian CWE-59
7.1
2004-09-28 CVE-2004-0458 NULL Pointer Dereference vulnerability in multiple products
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
network
low complexity
nicolas-boullis debian CWE-476
7.5
2002-12-26 CVE-2002-1372 Unchecked Return Value vulnerability in multiple products
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
network
low complexity
apple debian CWE-252
7.5
2002-06-18 CVE-2002-0401 NULL Pointer Dereference vulnerability in multiple products
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
network
low complexity
ethereal debian CWE-476
7.5
2002-05-16 CVE-2002-0184 Incorrect Calculation of Buffer Size vulnerability in multiple products
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
local
low complexity
sudo-project debian CWE-131
7.8
2001-03-26 CVE-2001-0195 Improper Preservation of Permissions vulnerability in Debian Linux 2.2
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
local
low complexity
debian CWE-281
7.8