Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-1014 Remote Denial Of Service vulnerability in Linux NFS RPC.STATD
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
network
low complexity
nfs debian mandrakesoft redhat
5.0
2005-01-10 CVE-2004-0915 Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
network
low complexity
viewcvs debian
5.0
2004-12-15 CVE-2004-1145 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. 5.0
2004-12-15 CVE-2004-1142 Denial of Service and Potential Code Execution vulnerability in Ethereal
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
5.0
2004-12-15 CVE-2004-1139 Denial of Service and Potential Code Execution vulnerability in Ethereal
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
5.0
2004-12-06 CVE-2002-1581 Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via ..
network
low complexity
mailreader-com debian
5.0
2004-11-03 CVE-2004-0911 Unspecified vulnerability in Debian Netkit 0.07/0.17
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554.
network
low complexity
debian
5.0
2004-09-28 CVE-2004-0643 Double Free vulnerability in multiple products
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
local
low complexity
mit debian redhat CWE-415
4.6
2004-09-16 CVE-2004-0809 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. 5.0
2004-08-06 CVE-2004-0583 Multiple Unspecified vulnerability in Webmin
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
network
low complexity
usermin webmin debian
5.0