Filtered by vendor Mandrakesoft
Subscribe
Total
151 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | |||||
CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2023-12-10 | 7.2 HIGH | N/A |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
CVE-2000-0607 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||||
CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | |||||
CVE-2001-1385 | 2 Mandrakesoft, Php | 2 Mandrake Linux, Php | 2023-12-10 | 5.0 MEDIUM | N/A |
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. | |||||
CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | |||||
CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2023-12-10 | 1.2 LOW | N/A |
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0119 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2023-12-10 | 1.2 LOW | N/A |
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
CVE-2004-0807 | 5 Conectiva, Mandrakesoft, Samba and 2 more | 5 Linux, Mandrake Linux, Samba and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. |