Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2008-08-08 CVE-2008-3535 Off-By-One Error vulnerability in Linux Kernel
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.
local
low complexity
linux debian canonical CWE-193
4.9
2008-08-08 CVE-2008-1945 QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
local
low complexity
qemu opensuse suse debian canonical redhat
2.1
2008-08-01 CVE-2008-3142 Classic Buffer Overflow vulnerability in multiple products
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
network
low complexity
python canonical debian CWE-120
7.5
2008-07-27 CVE-2008-3330 Cross-Site Scripting vulnerability in Debian Horde and Turba
Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name.
network
debian CWE-79
4.3
2008-07-25 CVE-2008-3325 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.
6.0
2008-07-18 CVE-2008-3234 Permissions, Privileges, and Access Controls vulnerability in Openbsd Openssh 4.0
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
network
low complexity
openbsd debian CWE-264
6.5
2008-07-18 CVE-2008-3216 Link Following vulnerability in Debian Projectl 1.001
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
local
low complexity
debian CWE-59
4.6
2008-07-09 CVE-2008-2931 Improper Privilege Management vulnerability in multiple products
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
local
low complexity
linux debian novell opensuse canonical CWE-269
7.8
2008-07-09 CVE-2008-2812 NULL Pointer Dereference vulnerability in multiple products
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
7.8
2008-07-08 CVE-2008-1447 Insufficient Entropy vulnerability in ISC Bind 4/8/9.2.9
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
network
low complexity
canonical cisco debian microsoft redhat isc CWE-331
5.0