Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-0994 Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c.
network
low complexity
zgv debian
critical
10.0
2005-01-10 CVE-2004-0915 Multiple unknown vulnerabilities in viewcvs before 0.9.2: when exporting a repository as a tar archive, it does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
network
low complexity
viewcvs debian
5.0
2005-01-10 CVE-2004-0770 Symbolic Link vulnerability in DGen Emulator
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
local
low complexity
dgen debian
2.1
2004-12-31 CVE-2004-1179 Local Insecure Temporary File Creation vulnerability in Debian Debmake
The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories.
local
low complexity
debian
2.1
2004-12-23 CVE-2004-1336 The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
local
low complexity
debian gentoo
2.1
2004-12-23 CVE-2004-0833 Unspecified vulnerability in Debian Linux 3.0
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
network
low complexity
debian
7.5
2004-12-23 CVE-2004-0564 Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files.
local
low complexity
roaring-penguin debian
2.1
2004-12-15 CVE-2004-1145 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
5.0
2004-12-06 CVE-2004-0456 Remote Stack-Based Buffer Overrun vulnerability in Pavuk
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
network
high complexity
pavuk debian gentoo
7.6
2004-12-06 CVE-2004-0455 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
local
low complexity
www-sql-project debian CWE-120
7.2