Mandrake Linux@9.1 Security Vulnerabilities and Issues — Mandrake Linux@9.1 CVE List

Lucene search

MandrakesoftMandrake Linux9.1

13 matches found

CVE•added 2004/08/06 4:0 a.m.•78 views

CVE-2004-0535

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

2.1CVSS5.7AI score0.0009EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS

CVE•added 2003/07/24 4:0 a.m.•66 views

CVE-2003-0434

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

7.5CVSS7.5AI score0.25515EPSS

CVE•added 2004/08/06 4:0 a.m.•64 views

CVE-2004-0461

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of servic...

10CVSS7.8AI score0.09739EPSS

CVE•added 2004/12/06 5:0 a.m.•62 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS

CVE•added 2004/08/06 4:0 a.m.•57 views

CVE-2004-0460

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) N...

10CVSS7.8AI score0.63054EPSS

CVE•added 2004/12/23 5:0 a.m.•54 views

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

7.2CVSS7AI score0.00051EPSS

CVE•added 2004/08/06 4:0 a.m.•47 views

CVE-2004-0581

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

4.6CVSS6.4AI score0.00079EPSS

CVE•added 2005/08/17 4:0 a.m.•47 views

CVE-2004-2392

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

5CVSS6.5AI score0.00956EPSS

CVE•added 2005/08/17 4:0 a.m.•40 views

CVE-2004-2394

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

2.1CVSS6.7AI score0.00078EPSS

CVE•added 2005/08/17 4:0 a.m.•40 views

CVE-2004-2395

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

2.1CVSS6.3AI score0.00065EPSS

CVE•added 2004/01/05 5:0 a.m.•37 views

CVE-2003-1020

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

5CVSS6.6AI score0.00543EPSS