Filtered by vendor Mandrakesoft
Subscribe
Total
151 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0041 | 3 Mandrakesoft, Mit, Redhat | 4 Mandrake Linux, Mandrake Multi Network Firewall, Kerberos Ftp Client and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. | |||||
CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2024-02-28 | 7.2 HIGH | N/A |
xsoldier program allows local users to gain root access via a long argument. | |||||
CVE-1999-1477 | 2 Gnome, Mandrakesoft | 2 Gnome Libs, Mandrake Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. | |||||
CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0279 | 2 Debian, Mandrakesoft | 3 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-02-28 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 4 Mandrake Linux, Mandrake Linux Corporate Server, Fedora Core and 1 more | 2024-02-28 | 2.1 LOW | N/A |
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | |||||
CVE-2000-1043 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
CVE-2000-0607 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||||
CVE-2004-0535 | 6 Conectiva, Engardelinux, Gentoo and 3 more | 17 Linux, Secure Community, Secure Linux and 14 more | 2024-02-28 | 2.1 LOW | N/A |
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | |||||
CVE-2001-0119 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-28 | 1.2 LOW | N/A |
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-0559 | 3 Mandrakesoft, Usermin, Webmin | 4 Mandrake Linux, Mandrake Linux Corporate Server, Usermin and 1 more | 2024-02-28 | 2.1 LOW | N/A |
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory. | |||||
CVE-2001-0108 | 2 Mandrakesoft, Php | 2 Mandrake Linux, Php | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2024-02-28 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-2000-0718 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-28 | 1.2 LOW | N/A |
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2024-02-28 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-2004-0635 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | |||||
CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2024-02-28 | 1.2 LOW | N/A |
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2024-02-28 | 2.1 LOW | N/A |
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||||
CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-28 | 7.2 HIGH | N/A |
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. |