Mandrake Linux Corporate Server Security Vulnerabilities and Issues — Mandrake Linux Corporate Server CVE List

Lucene search

MandrakesoftMandrake Linux Corporate Server

54 matches found

CVE•added 2002/06/25 4:0 a.m.•205 views

CVE-2002-0083

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

10CVSS9.1AI score0.0158EPSS

CVE•added 2005/04/14 4:0 a.m.•98 views

CVE-2004-1235

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

6.2CVSS7.5AI score0.00083EPSS

CVE•added 2005/03/04 5:0 a.m.•94 views

CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

7.5CVSS9.6AI score0.02838EPSS

CVE•added 2005/02/09 5:0 a.m.•92 views

CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.4AI score0.00077EPSS

CVE•added 2005/01/10 5:0 a.m.•85 views

CVE-2004-1014

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

5CVSS6.2AI score0.02458EPSS

CVE•added 2007/02/06 2:28 a.m.•85 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

7.5CVSS7AI score0.04939EPSS

CVE•added 2005/04/27 4:0 a.m.•81 views

CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5CVSS6.7AI score0.06529EPSS

CVE•added 2006/01/06 10:0 p.m.•79 views

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

5CVSS6.3AI score0.07223EPSS

CVE•added 2004/08/06 4:0 a.m.•78 views

CVE-2004-0535

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

2.1CVSS5.7AI score0.0009EPSS

CVE•added 2006/01/06 10:0 p.m.•78 views

CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

5CVSS6.1AI score0.09167EPSS

CVE•added 2005/02/09 5:0 a.m.•76 views

CVE-2004-0977

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.7AI score0.00088EPSS

CVE•added 2006/01/06 10:0 p.m.•75 views

CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

10CVSS6.2AI score0.11286EPSS

CVE•added 2004/10/20 4:0 a.m.•74 views

CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

2.1CVSS5.9AI score0.00072EPSS

CVE•added 2001/05/07 4:0 a.m.•73 views

CVE-2001-0169

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

2.1CVSS6.3AI score0.00142EPSS

CVE•added 2005/03/14 5:0 a.m.•73 views

CVE-2005-0473

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

5CVSS6.1AI score0.18522EPSS

CVE•added 2001/05/07 4:0 a.m.•72 views

CVE-2001-0279

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

7.2CVSS6.8AI score0.00216EPSS

CVE•added 2005/04/14 4:0 a.m.•72 views

CVE-2005-0003

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

2.1CVSS7.4AI score0.0008EPSS

CVE•added 2003/08/27 4:0 a.m.•71 views

CVE-2003-0462

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

1.2CVSS5.8AI score0.0016EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS

CVE•added 2004/09/24 4:0 a.m.•69 views

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

7.5CVSS7.5AI score0.03692EPSS

CVE•added 2005/03/01 5:0 a.m.•68 views

CVE-2004-1051

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

7.2CVSS6.8AI score0.0011EPSS

CVE•added 2003/07/24 4:0 a.m.•66 views

CVE-2003-0434

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

7.5CVSS7.5AI score0.25515EPSS

CVE•added 2004/12/31 5:0 a.m.•66 views

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

7.5CVSS7.2AI score0.03598EPSS

CVE•added 2003/04/02 5:0 a.m.•62 views

CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utili...

6.2CVSS6.4AI score0.00085EPSS

CVE•added 2004/12/06 5:0 a.m.•62 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS

CVE•added 2004/12/31 5:0 a.m.•62 views

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

5.1CVSS7.5AI score0.06287EPSS

CVE•added 2005/03/01 5:0 a.m.•62 views

CVE-2004-0983

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

5CVSS6.2AI score0.01117EPSS

CVE•added 2005/03/14 5:0 a.m.•61 views

CVE-2005-0472

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

5CVSS6.3AI score0.08201EPSS

CVE•added 2001/05/07 4:0 a.m.•58 views

CVE-2001-0125

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

1.2CVSS6.3AI score0.00076EPSS

CVE•added 2005/04/27 4:0 a.m.•58 views

CVE-2005-0085

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

6.8CVSS5.7AI score0.04725EPSS

CVE•added 2002/06/25 4:0 a.m.•56 views

CVE-2001-0977

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

5CVSS6.5AI score0.02956EPSS

CVE•added 2008/01/12 2:46 a.m.•56 views

CVE-2007-6284

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

5CVSS5.9AI score0.05559EPSS

CVE•added 2004/12/23 5:0 a.m.•54 views

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

7.2CVSS7AI score0.00051EPSS

CVE•added 2005/05/04 4:0 a.m.•54 views

CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflo...

7.5CVSS7.7AI score0.05111EPSS

CVE•added 2002/06/25 4:0 a.m.•53 views

CVE-2001-1030

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

7.5CVSS6.5AI score0.00184EPSS

CVE•added 2005/02/09 5:0 a.m.•52 views

CVE-2004-0974

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS6AI score0.00103EPSS

CVE•added 2001/05/07 4:0 a.m.•51 views

CVE-2001-0117

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

1.2CVSS6.2AI score0.00124EPSS

CVE•added 2001/10/18 4:0 a.m.•51 views

CVE-2001-0736

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6.4AI score0.00174EPSS

CVE•added 2005/01/10 5:0 a.m.•51 views

CVE-2004-1098

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

7.5CVSS6.5AI score0.00447EPSS

CVE•added 2001/06/27 4:0 a.m.•50 views

CVE-2001-0441

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

7.5CVSS7.8AI score0.01437EPSS

CVE•added 2005/04/21 4:0 a.m.•49 views

CVE-2001-1449

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

7.5CVSS6.8AI score0.05425EPSS

CVE•added 2004/12/23 5:0 a.m.•49 views

CVE-2004-0805

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

7.5CVSS7.6AI score0.05835EPSS

CVE•added 2005/04/14 4:0 a.m.•49 views

CVE-2005-0020

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

7.2CVSS7AI score0.00082EPSS

CVE•added 2001/05/07 4:0 a.m.•47 views

CVE-2001-0138

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

1.2CVSS6.3AI score0.00076EPSS

CVE•added 2001/09/18 4:0 a.m.•47 views

CVE-2001-0439

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

7.5CVSS7.7AI score0.01079EPSS

CVE•added 2004/08/06 4:0 a.m.•47 views

CVE-2004-0581

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

4.6CVSS6.4AI score0.00079EPSS

CVE•added 2005/08/17 4:0 a.m.•47 views

CVE-2004-2392

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

5CVSS6.5AI score0.00956EPSS

CVE•added 2001/05/07 4:0 a.m.•43 views

CVE-2001-0178

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

2.1CVSS6.4AI score0.00102EPSS

CVE•added 2005/02/11 5:0 a.m.•43 views

CVE-2004-1180

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

5CVSS6.3AI score0.00763EPSS

Total number of security vulnerabilities54