Mandrakesoft Mandrake Linux

134 matches found

added 2000/04/25 4:0 a.m. | 45 views

CVE-2000-0184

Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

CVSS 2.1 | AI score 6.7 | EPSS 0.00079

added 2000/04/10 4:0 a.m. | 45 views

CVE-2000-0186

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

CVSS 7.2 | AI score 7.3 | EPSS 0.00063

added 2001/09/18 4:0 a.m. | 44 views

CVE-2001-0474

Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.

CVSS 2.1 | AI score 6.3 | EPSS 0.00137

added 2005/06/21 4:0 a.m. | 44 views

CVE-2002-1713

The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.

CVSS 5.5 | AI score 6.3 | EPSS 0.00405

added 2001/05/07 4:0 a.m. | 43 views

CVE-2001-0116

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

CVSS 1.2 | AI score 6.4 | EPSS 0.00068

added 2001/05/07 4:0 a.m. | 43 views

CVE-2001-0118

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

CVSS 1.2 | AI score 6.8 | EPSS 0.00068

added 2001/05/07 4:0 a.m. | 43 views

CVE-2001-0120

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

CVSS 1.2 | AI score 6.4 | EPSS 0.00068

added 2001/05/07 4:0 a.m. | 43 views

CVE-2001-0178

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

CVSS 2.1 | AI score 6.4 | EPSS 0.00102

added 2001/09/18 4:0 a.m. | 43 views

CVE-2001-0440

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

CVSS 7.5 | AI score 7.8 | EPSS 0.11109

added 2005/02/11 5:0 a.m. | 43 views

CVE-2004-1180

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

CVSS 5 | AI score 6.3 | EPSS 0.00763

added 2005/01/10 5:0 a.m. | 43 views

CVE-2004-1187

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.

CVSS 10 | AI score 7.8 | EPSS 0.05704

added 2005/01/10 5:0 a.m. | 43 views

CVE-2004-1188

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DA...

CVSS 10 | AI score 6.6 | EPSS 0.05704

added 2001/01/22 5:0 a.m. | 42 views

CVE-2000-1059

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.

CVSS 7.2 | AI score 6.5 | EPSS 0.00047

added 2000/05/17 4:0 a.m. | 41 views

CVE-1999-1008

xsoldier program allows local users to gain root access via a long argument.

CVSS 7.2 | AI score 6.9 | EPSS 0.00152

added 2000/07/19 4:0 a.m. | 41 views

CVE-2000-0607

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

CVSS 7.2 | AI score 7.3 | EPSS 0.00111

added 2005/01/10 5:0 a.m. | 41 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

CVSS 2.1 | AI score 6.2 | EPSS 0.00115

added 2005/07/26 4:0 a.m. | 41 views

CVE-2005-2377

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and o...

CVSS 5 | AI score 6.6 | EPSS 0.00739

added 2001/01/22 5:0 a.m. | 40 views

CVE-2000-0883

The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.

CVSS 5 | AI score 6.7 | EPSS 0.05259

added 2001/01/22 5:0 a.m. | 40 views

CVE-2000-1042

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS 10 | AI score 7.1 | EPSS 0.00498

added 2001/05/07 4:0 a.m. | 40 views

CVE-2001-0140

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVSS 1.2 | AI score 6.4 | EPSS 0.00068

added 2002/03/15 5:0 a.m. | 40 views

CVE-2001-1190

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.

CVSS 4.6 | AI score 6.8 | EPSS 0.00074

added 2005/07/14 4:0 a.m. | 40 views

CVE-2002-2001

jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

CVSS 1.2 | AI score 6.4 | EPSS 0.00068

added 2004/08/06 4:0 a.m. | 40 views

CVE-2004-0587

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

CVSS 2.1 | AI score 6 | EPSS 0.00046

added 2005/08/17 4:0 a.m. | 40 views

CVE-2004-2394

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

CVSS 2.1 | AI score 6.7 | EPSS 0.00078

added 2005/08/17 4:0 a.m. | 40 views

CVE-2004-2395

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

CVSS 2.1 | AI score 6.3 | EPSS 0.00065

added 2004/07/07 4:0 a.m. | 39 views

CVE-2004-0402

Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.

CVSS 4.6 | AI score 7.1 | EPSS 0.00098

added 2002/06/25 4:0 a.m. | 37 views

CVE-2001-0912

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

CVSS 7.2 | AI score 6.6 | EPSS 0.00046

added 2004/01/05 5:0 a.m. | 37 views

CVE-2003-1020

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

CVSS 5 | AI score 6.6 | EPSS 0.00543

added 2000/07/12 4:0 a.m. | 36 views

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.

CVSS 7.2 | AI score 7.2 | EPSS 0.00144

added 2001/09/12 4:0 a.m. | 35 views

CVE-1999-1477

Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.

CVSS 7.2 | AI score 7.2 | EPSS 0.00102

added 2001/09/18 4:0 a.m. | 35 views

CVE-2001-0481

Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.

CVSS 7.2 | AI score 6.5 | EPSS 0.00056

added 2001/06/27 4:0 a.m. | 35 views

CVE-2001-0496

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

CVSS 4.6 | AI score 6.8 | EPSS 0.00067

added 2001/01/22 5:0 a.m. | 33 views

CVE-2000-1043

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS 10 | AI score 6.8 | EPSS 0.00461

added 2000/10/20 4:0 a.m. | 31 views

CVE-2000-0718

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.

CVSS 1.2 | AI score 6.6 | EPSS 0.00057

Total number of security vulnerabilities: 134