Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2008-01-25 CVE-2007-6415 Code Injection vulnerability in Debian Linux 3.1/4.0
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
network
low complexity
debian CWE-94
8.5
2008-01-10 CVE-2008-0226 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
network
low complexity
yassl mysql oracle apple debian canonical CWE-119
7.5
2007-12-04 CVE-2007-6211 Permissions, Privileges, and Access Controls vulnerability in Sing 1.1
Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option.
local
low complexity
debian sing CWE-264
7.2
2007-11-07 CVE-2007-5116 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
7.5
2007-11-02 CVE-2007-5197 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mono
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
network
low complexity
suse debian opensuse mono CWE-119
7.5
2007-10-30 CVE-2007-5730 Out-Of-Bounds Write vulnerability in multiple products
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow.
local
low complexity
qemu debian CWE-787
7.2
2007-10-30 CVE-2007-5729 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow.
local
low complexity
qemu debian opensuse CWE-119
7.2
2007-10-30 CVE-2007-1321 Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error.
local
low complexity
qemu fedoraproject debian
7.2
2007-10-11 CVE-2007-5365 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
local
low complexity
debian openbsd redhat sun ubuntu CWE-119
7.2
2007-09-10 CVE-2007-3912 Improper Input Validation vulnerability in Debian Debian-Goodies 0.27/0.33
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
local
low complexity
debian CWE-20
7.2