Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2007-07-03 CVE-2007-2838 Unspecified vulnerability in Gsambad 0.1.4
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
local
low complexity
debian gsambad
7.2
2007-07-03 CVE-2007-2835 Buffer Overflow vulnerability in Unicon-Imc2 3.0.4
Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.
local
low complexity
debian unicon-imc2
6.8
2007-06-27 CVE-2007-1665 Remote Denial of Service vulnerability in EKG 20050411
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
network
low complexity
debian ekg
5.0
2007-06-27 CVE-2007-1664 Remote Denial of Service vulnerability in EKG 20050411
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.
network
low complexity
debian ekg
5.0
2007-06-27 CVE-2007-1663 Remote Denial of Service vulnerability in EKG 20050411
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
network
low complexity
debian ekg
5.0
2007-06-26 CVE-2007-2798 Out-Of-Bounds Write vulnerability in multiple products
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
network
low complexity
mit canonical debian CWE-787
critical
9.0
2007-06-26 CVE-2007-2443 Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
low complexity
mit debian canonical
8.3
2007-06-26 CVE-2007-3409 Uncontrolled Recursion vulnerability in multiple products
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
network
low complexity
net-dns debian canonical CWE-674
7.5
2007-06-21 CVE-2007-2833 Remote Denial of Service vulnerability in GNU Emacs Image Processing
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
network
low complexity
debian mandrakesoft gnu
7.8
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1