Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-1076 Local Buffer Overflow vulnerability in Atari800 Emulator
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
local
low complexity
atari800 debian
7.2
2004-12-23 CVE-2004-0833 Unspecified vulnerability in Debian Linux 3.0
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
network
low complexity
debian
7.5
2004-12-06 CVE-2004-0456 Remote Stack-Based Buffer Overrun vulnerability in Pavuk
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
network
high complexity
pavuk debian gentoo
7.6
2004-12-06 CVE-2004-0455 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
local
low complexity
www-sql-project debian CWE-120
7.2
2004-11-03 CVE-2004-0835 Local vulnerability in MySQL
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
network
low complexity
mysql oracle debian
7.5
2004-10-20 CVE-2004-0793 Permissions, Privileges, and Access Controls vulnerability in Debian Bsdmainutils
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
local
low complexity
debian CWE-264
7.2
2004-09-28 CVE-2004-0689 Link Following vulnerability in multiple products
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
local
low complexity
kde debian CWE-59
7.1
2004-09-28 CVE-2004-0458 NULL Pointer Dereference vulnerability in multiple products
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
network
low complexity
nicolas-boullis debian CWE-476
7.5
2004-08-06 CVE-2004-0579 Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
local
low complexity
william-deich debian
7.2
2004-01-20 CVE-2004-0011 Unspecified vulnerability in Debian FSP 2.81.B18
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
network
low complexity
debian
7.5