Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2005-05-19 CVE-2005-0392 Local Privilege Escalation vulnerability in PPXP
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
local
low complexity
debian
7.2
2005-05-11 CVE-2005-1513 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
network
low complexity
qmail-project canonical debian CWE-190
critical
9.8
2005-05-02 CVE-2005-1111 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
local
high complexity
gnu debian canonical CWE-367
4.7
2005-05-02 CVE-2005-0211 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
network
low complexity
squid-cache debian CWE-119
7.5
2005-05-02 CVE-2005-0078 The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
local
low complexity
debian kde redhat
4.6
2005-05-02 CVE-2005-0077 Insecure Temporary File Creation vulnerability in Libdbi-perl
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
local
low complexity
debian gentoo redhat ubuntu
2.1
2005-05-02 CVE-2005-0076 Unspecified vulnerability in Debian Linux 3.0
Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.
local
low complexity
debian
7.2
2005-05-02 CVE-2005-0073 Unspecified vulnerability in Debian Sympa 3.3.3
Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.
local
low complexity
debian
4.6
2005-05-02 CVE-2005-0005 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
network
low complexity
graphicsmagick imagemagick sgi debian gentoo suse
7.5
2005-04-27 CVE-2005-0206 Integer Overflow vulnerability in Xpdf PDFTOPS
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
7.5