Mandrake Linux Security Vulnerabilities


CVE-2001-0136

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly...

7.1 AI Score

0.042 EPSS

2001-03-12 05:00 AM
36

CVE-2001-0139

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
22

CVE-2001-0118

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink...

7.1 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
23

CVE-2001-0128

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain...

6.9 AI Score

0.001 EPSS

2001-03-12 05:00 AM
17

CVE-2001-0138

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
20

CVE-2001-0108

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is...

6.9 AI Score

0.002 EPSS

2001-03-12 05:00 AM
23

CVE-2001-0116

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
21

CVE-2001-0140

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
19

CVE-2001-0119

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
31

CVE-2001-0142

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some...

6.5 AI Score

0.0004 EPSS

2001-03-12 05:00 AM
21

CVE-2001-1385

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP...

6.9 AI Score

0.003 EPSS

2001-01-12 05:00 AM
25

CVE-2000-1095

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell...

7.4 AI Score

0.0004 EPSS

2001-01-09 05:00 AM
32

CVE-2000-1134

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink...

6.4 AI Score

0.0004 EPSS

2001-01-09 05:00 AM
33

CVE-2000-1042

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog()...

7.3 AI Score

0.02 EPSS

2000-12-11 05:00 AM
19

CVE-2000-1059

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain...

6.8 AI Score

0.0004 EPSS

2000-12-11 05:00 AM
27

CVE-2000-1043

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog()...

7 AI Score

0.039 EPSS

2000-12-11 05:00 AM
17

CVE-2000-0883

The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that...

6.9 AI Score

0.008 EPSS

2000-11-14 05:00 AM
19

CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and...

7.4 AI Score

0.005 EPSS

2000-11-14 05:00 AM
54

CVE-2000-0867

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel...

6.8 AI Score

0.002 EPSS

2000-11-14 05:00 AM
20

CVE-2000-0718

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are...

7 AI Score

0.0004 EPSS

2000-10-20 04:00 AM
19

CVE-2000-0633

Vulnerability in Mandrake Linux usermode package allows local users to reboot or halt the...

7 AI Score

0.0004 EPSS

2000-07-18 04:00 AM
32

CVE-2000-0594

BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting...

7.5 AI Score

0.137 EPSS

2000-07-04 04:00 AM
29

CVE-2000-0566

makewhatis in Linux man package allows local users to overwrite files via a symlink...

6.3 AI Score

0.0004 EPSS

2000-07-03 04:00 AM
27

CVE-2000-0606

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage...

7.6 AI Score

0.0004 EPSS

2000-06-21 04:00 AM
25

CVE-2000-0607

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING...

7.7 AI Score

0.0004 EPSS

2000-06-21 04:00 AM
22

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev...

7.6 AI Score

0.0004 EPSS

2000-05-29 04:00 AM
17

CVE-1999-1008

xsoldier program allows local users to gain root access via a long...

7.3 AI Score

0.0004 EPSS

2000-05-17 04:00 AM
27

CVE-2000-0336

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink...

6.5 AI Score

0.0004 EPSS

2000-04-21 04:00 AM
28

CVE-2000-0184

Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share...

7.1 AI Score

0.0004 EPSS

2000-03-09 05:00 AM
25

CVE-2000-0186

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line...

7.6 AI Score

0.0004 EPSS

2000-02-28 05:00 AM
23

CVE-2000-0052

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot)...

7.3 AI Score

0.0004 EPSS

2000-01-04 05:00 AM
28

CVE-1999-1477

Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as...

7.6 AI Score

0.0004 EPSS

1999-09-23 04:00 AM
19

CVE-1999-1572

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those...

5.9 AI Score

0.0004 EPSS

1996-07-16 04:00 AM
39

CVE-2000-0508

rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed...

7.4 AI Score

0.012 EPSS

1994-12-19 05:00 AM
33
Total number of security vulnerabilities: 134