Debian Linux Security Vulnerabilities and Issues — Debian Linux CVE List

Lucene search

DebianDebian Linux

12 matches found

CVE•added 2005/01/10 5:0 a.m.•85 views

CVE-2004-1014

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

5CVSS6.2AI score0.02458EPSS

CVE•added 2005/01/27 5:0 a.m.•83 views

CVE-2004-0889

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

10CVSS7.3AI score0.04443EPSS

CVE•added 2005/01/29 5:0 a.m.•83 views

CVE-2005-0102

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

9.8CVSS9.4AI score0.00599EPSS

CVE•added 2005/01/10 5:0 a.m.•78 views

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6AI score0.00393EPSS

CVE•added 2005/01/27 5:0 a.m.•72 views

CVE-2004-0888

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

10CVSS7.6AI score0.04443EPSS

CVE•added 2005/01/29 5:0 a.m.•68 views

CVE-1999-1572

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

2.1CVSS5.9AI score0.00112EPSS

CVE•added 2005/01/10 5:0 a.m.•57 views

CVE-2004-1095

Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calcul...

10CVSS7.5AI score0.15734EPSS

CVE•added 2005/01/10 5:0 a.m.•55 views

CVE-2004-1076

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.

7.2CVSS7.3AI score0.00098EPSS

CVE•added 2005/01/10 5:0 a.m.•52 views

CVE-2004-0915

Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.

5CVSS6.6AI score0.00346EPSS

CVE•added 2005/01/10 5:0 a.m.•48 views

CVE-2004-0994

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify s...

10CVSS7.5AI score0.15734EPSS

CVE•added 2005/01/29 5:0 a.m.•46 views

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.

2.1CVSS5.8AI score0.00058EPSS

CVE•added 2005/01/10 5:0 a.m.•44 views

CVE-2004-0770

romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.

2.1CVSS6.4AI score0.00064EPSS