Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 9011 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-1689 3 Apple, Debian, Mit 4 Mac Os X, Mac Os X Server, Debian Linux and 1 more 2024-11-20 7.5 HIGH 9.8 CRITICAL
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2005-1527 3 Awstats, Canonical, Debian 3 Awstats, Ubuntu Linux, Debian Linux 2024-11-20 5.0 MEDIUM N/A
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.
CVE-2005-1513 3 Canonical, Debian, Qmail Project 3 Ubuntu Linux, Debian Linux, Qmail 2024-11-20 5.0 MEDIUM 9.8 CRITICAL
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
CVE-2005-1268 3 Apache, Debian, Redhat 5 Http Server, Debian Linux, Enterprise Linux Desktop and 2 more 2024-11-20 5.0 MEDIUM N/A
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
CVE-2005-1260 4 Apple, Bzip, Canonical and 1 more 4 Mac Os X, Bzip2, Ubuntu Linux and 1 more 2024-11-20 5.0 MEDIUM N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2005-1152 1 Debian 1 Qpopper 2024-11-20 2.1 LOW N/A
popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions.
CVE-2005-1151 1 Debian 1 Qpopper 2024-11-20 7.2 HIGH N/A
qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.
CVE-2005-1111 3 Canonical, Debian, Gnu 3 Ubuntu Linux, Debian Linux, Cpio 2024-11-20 3.7 LOW 4.7 MEDIUM
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2005-0625 1 Debian 1 Reportbug 2024-11-20 2.1 LOW N/A
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
CVE-2005-0624 1 Debian 1 Reportbug 2024-11-20 2.1 LOW N/A
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords.
CVE-2005-0392 1 Debian 1 Ppxp 2024-11-20 7.2 HIGH N/A
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
CVE-2005-0211 2 Debian, Squid-cache 2 Debian Linux, Squid 2024-11-20 7.5 HIGH N/A
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2024-11-20 7.5 HIGH N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0159 1 Debian 2 Debian Linux, Toolchain-source 2024-11-20 4.6 MEDIUM N/A
The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0107 1 Debian 1 Bsmtpd 2024-11-20 7.5 HIGH N/A
bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands.
CVE-2005-0102 2 Debian, Gnome 2 Debian Linux, Evolution 2024-11-20 7.2 HIGH 9.8 CRITICAL
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
CVE-2005-0078 3 Debian, Kde, Redhat 5 Debian Linux, Kde, Enterprise Linux and 2 more 2024-11-20 4.6 MEDIUM N/A
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
CVE-2005-0077 4 Debian, Gentoo, Redhat and 1 more 5 Debian Linux, Linux, Enterprise Linux and 2 more 2024-11-20 2.1 LOW N/A
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2005-0076 1 Debian 1 Debian Linux 2024-11-20 7.2 HIGH N/A
Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.
CVE-2005-0073 1 Debian 1 Sympa 2024-11-20 4.6 MEDIUM N/A
Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.