Mandrake Linux Security Vulnerabilities and Issues — Mandrake Linux CVE List

Lucene search

MandrakesoftMandrake Linux

50 matches found

CVE•added 2005/03/04 5:0 a.m.•94 views

CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

7.5CVSS9.6AI score0.02838EPSS

CVE•added 2006/03/21 2:6 a.m.•90 views

CVE-2006-0745

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line opt...

7.2CVSS6.7AI score0.00129EPSS

CVE•added 2004/12/23 5:0 a.m.•85 views

CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

7.5CVSS9.8AI score0.17883EPSS

CVE•added 2007/02/06 2:28 a.m.•85 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

7.5CVSS7AI score0.04939EPSS

CVE•added 2001/05/07 4:0 a.m.•72 views

CVE-2001-0279

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

7.2CVSS6.8AI score0.00216EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS

CVE•added 2004/09/24 4:0 a.m.•69 views

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

7.5CVSS7.5AI score0.03692EPSS

CVE•added 2005/03/01 5:0 a.m.•68 views

CVE-2004-1051

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

7.2CVSS6.8AI score0.0011EPSS

CVE•added 2003/07/24 4:0 a.m.•66 views

CVE-2003-0434

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

7.5CVSS7.5AI score0.25515EPSS

CVE•added 2004/12/31 5:0 a.m.•66 views

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

7.5CVSS7.2AI score0.03598EPSS

CVE•added 2001/01/22 5:0 a.m.•63 views

CVE-2000-1095

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.

7.2CVSS7.2AI score0.00211EPSS

CVE•added 2004/09/28 4:0 a.m.•58 views

CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

7.5CVSS7.7AI score0.03264EPSS

CVE•added 2001/01/22 5:0 a.m.•57 views

CVE-2000-0867

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

7.2CVSS6.5AI score0.00071EPSS

CVE•added 2000/10/13 4:0 a.m.•55 views

CVE-2000-0566

makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

7.2CVSS6.2AI score0.00083EPSS

CVE•added 2005/01/27 5:0 a.m.•55 views

CVE-2004-0935

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.132EPSS

CVE•added 2001/01/09 5:0 a.m.•54 views

CVE-2000-1134

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing <

7.2CVSS6.2AI score0.00177EPSS

CVE•added 2004/12/23 5:0 a.m.•54 views

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

7.2CVSS7AI score0.00051EPSS

CVE•added 2005/01/10 5:0 a.m.•54 views

CVE-2004-1096

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.3AI score0.20253EPSS

CVE•added 2005/05/04 4:0 a.m.•54 views

CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflo...

7.5CVSS7.7AI score0.05111EPSS

CVE•added 2000/04/18 4:0 a.m.•53 views

CVE-2000-0052

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

7.2CVSS6.9AI score0.00311EPSS

CVE•added 2002/06/25 4:0 a.m.•53 views

CVE-2001-1030

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

7.5CVSS6.5AI score0.00184EPSS

CVE•added 2005/01/10 5:0 a.m.•53 views

CVE-2004-1158

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the...

7.5CVSS6.4AI score0.03863EPSS

CVE•added 2001/06/27 4:0 a.m.•52 views

CVE-2001-0458

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

7.5CVSS7.3AI score0.01717EPSS

CVE•added 2004/10/20 4:0 a.m.•52 views

CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.7AI score0.01495EPSS

CVE•added 2005/01/27 5:0 a.m.•52 views

CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection v...

7.5CVSS6.4AI score0.30032EPSS

CVE•added 2005/01/27 5:0 a.m.•52 views

CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.132EPSS

CVE•added 2002/06/25 4:0 a.m.•51 views

CVE-2002-0004

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

7.2CVSS7.2AI score0.00274EPSS

CVE•added 2005/02/09 5:0 a.m.•51 views

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target syst...

7.5CVSS6.4AI score0.132EPSS

CVE•added 2005/01/10 5:0 a.m.•51 views

CVE-2004-1098

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

7.5CVSS6.5AI score0.00447EPSS

CVE•added 2001/06/27 4:0 a.m.•50 views

CVE-2001-0441

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

7.5CVSS7.8AI score0.01437EPSS

CVE•added 2005/01/27 5:0 a.m.•50 views

CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5CVSS6.4AI score0.14187EPSS

CVE•added 2000/07/19 4:0 a.m.•49 views

CVE-2000-0606

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

7.2CVSS7.2AI score0.00063EPSS

CVE•added 2001/09/18 4:0 a.m.•49 views

CVE-2001-0473

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

7.5CVSS7.3AI score0.00811EPSS

CVE•added 2005/04/21 4:0 a.m.•49 views

CVE-2001-1449

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

7.5CVSS6.8AI score0.05425EPSS

CVE•added 2002/06/25 4:0 a.m.•49 views

CVE-2002-0002

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

7.5CVSS7.4AI score0.14916EPSS

CVE•added 2004/09/01 4:0 a.m.•49 views

CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

7.5CVSS7.4AI score0.12437EPSS

CVE•added 2004/12/23 5:0 a.m.•49 views

CVE-2004-0805

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

7.5CVSS7.6AI score0.05835EPSS

CVE•added 2005/04/14 4:0 a.m.•49 views

CVE-2005-0020

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

7.2CVSS7AI score0.00082EPSS

CVE•added 2001/05/07 4:0 a.m.•48 views

CVE-2001-0128

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

7.2CVSS6.6AI score0.00055EPSS

CVE•added 2001/09/18 4:0 a.m.•47 views

CVE-2001-0439

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

7.5CVSS7.7AI score0.01079EPSS

CVE•added 2005/01/27 5:0 a.m.•47 views

CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being...

7.5CVSS6.3AI score0.43585EPSS

CVE•added 2000/04/10 4:0 a.m.•45 views

CVE-2000-0186

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

7.2CVSS7.3AI score0.00063EPSS

CVE•added 2001/09/18 4:0 a.m.•43 views

CVE-2001-0440

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

7.5CVSS7.8AI score0.11109EPSS

CVE•added 2001/01/22 5:0 a.m.•42 views

CVE-2000-1059

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.

7.2CVSS6.5AI score0.00047EPSS

CVE•added 2000/05/17 4:0 a.m.•41 views

CVE-1999-1008

xsoldier program allows local users to gain root access via a long argument.

7.2CVSS6.9AI score0.00152EPSS

CVE•added 2000/07/19 4:0 a.m.•41 views

CVE-2000-0607

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

7.2CVSS7.3AI score0.00111EPSS

CVE•added 2002/06/25 4:0 a.m.•37 views

CVE-2001-0912

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

7.2CVSS6.6AI score0.00046EPSS

CVE•added 2000/07/12 4:0 a.m.•36 views

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.

7.2CVSS7.2AI score0.00144EPSS

CVE•added 2001/09/12 4:0 a.m.•35 views

CVE-1999-1477

Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.

7.2CVSS7.2AI score0.00102EPSS

CVE•added 2001/09/18 4:0 a.m.•35 views

CVE-2001-0481

Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.

7.2CVSS6.5AI score0.00056EPSS