Filtered by vendor Mandrakesoft
Subscribe
Total
151 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
xsoldier program allows local users to gain root access via a long argument. | |||||
CVE-2001-0416 | 3 Debian, Immunix, Mandrakesoft | 3 Sgml-tools, Immunix, Mandrake Linux | 2023-12-10 | 2.1 LOW | N/A |
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. | |||||
CVE-2001-0108 | 2 Mandrakesoft, Php | 2 Mandrake Linux, Php | 2023-12-10 | 5.0 MEDIUM | N/A |
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | |||||
CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2023-12-10 | 2.1 LOW | N/A |
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2023-12-10 | 2.1 LOW | N/A |
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0912 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges. | |||||
CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
CVE-2004-0402 | 2 Mandrakesoft, Xpcd | 2 Mandrake Linux, Xpcd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. | |||||
CVE-2001-0116 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2023-12-10 | 1.2 LOW | N/A |
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2023-12-10 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2023-12-10 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-1999-1477 | 2 Gnome, Mandrakesoft | 2 Gnome Libs, Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. | |||||
CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2023-12-10 | 7.2 HIGH | N/A |
makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||||
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||||
CVE-2001-0481 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. | |||||
CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2023-12-10 | 7.5 HIGH | N/A |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2023-12-10 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2004-0500 | 3 Gentoo, Mandrakesoft, Rob Flynn | 3 Linux, Mandrake Linux, Gaim | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. |