Mandrakesoft Mandrake Linux vulnerabilities
134 known vulnerabilities affecting mandrakesoft/mandrake_linux.
Total CVEs
134
CISA KEV
0
Public exploits
36
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH50MEDIUM38LOW34
Vulnerabilities
Page 1 of 7
CVE-2004-0932P3HIGHCVSS 7.5PoCv10.12005-01-27
CVE-2004-0932 [HIGH] CVE-2004-0932: McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2003-0434P3HIGHCVSS 7.5PoCv9.0v9.12003-07-24
CVE-2003-0434 [HIGH] CVE-2003-0434: Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to exe
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
nvd
CVE-2004-0386P3CRITICALCVSS 10.0PoCv9.2v10.02004-05-04
CVE-2004-0386 [CRITICAL] CVE-2004-0386: Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote att
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
nvd
CVE-2002-0083P3CRITICALCVSS 9.8PoCv7.1v7.2+2 more2002-03-15
CVE-2002-0083 [CRITICAL] CWE-193 CVE-2002-0083: Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malic
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
nvd
CVE-2000-0844P3CRITICALCVSS 10.0PoCv7.0v7.12000-11-14
CVE-2000-0844 [CRITICAL] CWE-264 CVE-2000-0844: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected fo
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
nvd
CVE-2004-0933P3HIGHCVSS 7.5PoCv10.12005-01-27
CVE-2004-0933 [HIGH] CVE-2004-0933: Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for t
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to z
nvd
CVE-2004-1096P3HIGHCVSS 7.5PoCv10.12005-01-10
CVE-2004-1096 [HIGH] CVE-2004-1096: Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows re
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0935P3HIGHCVSS 7.5PoCv10.12005-01-27
CVE-2004-0935 [HIGH] CVE-2004-0935: Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus prote
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0937P3HIGHCVSS 7.5PoCv10.12005-02-09
CVE-2004-0937 [HIGH] CVE-2004-0937: Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, all
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0936P3HIGHCVSS 7.5PoCv10.12005-01-27
CVE-2004-0936 [HIGH] CVE-2004-0936: RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0934P3HIGHCVSS 7.5PoCv10.12005-01-27
CVE-2004-0934 [HIGH] CVE-2004-0934: Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file wi
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2002-0002P3HIGHCVSS 7.5PoCv8.12002-01-31
CVE-2002-0002 [HIGH] CVE-2002-0002: Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, o
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
nvd
CVE-2004-0460P3CRITICALCVSS 10.0v9.0v9.1+2 more2004-08-06
CVE-2004-0460 [CRITICAL] CVE-2004-0460: Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing t
nvd
CVE-2001-0440P4HIGHCVSS 7.5PoCv7.1v7.22001-07-02
CVE-2001-0440 [HIGH] CVE-2001-0440: Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
nvd
CVE-2001-0136P4MEDIUMCVSS 5.0PoCv7.22001-03-12
CVE-2001-0136 [MEDIUM] CWE-401 CVE-2001-0136: Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
nvd
CVE-2006-0745P4HIGHCVSS 7.2PoCv20062006-03-21
CVE-2006-0745 [HIGH] CVE-2006-0745: X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
nvd
CVE-2004-0633P4MEDIUMCVSS 5.0PoCv9.2v10.02004-12-06
CVE-2004-0633 [MEDIUM] CVE-2004-0633: The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of s
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
nvd
CVE-2004-1235P4MEDIUMCVSS 6.2PoCv9.2v10.0+1 more2005-04-14
CVE-2004-1235 [MEDIUM] CVE-2004-1235: Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux ke
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
nvd
CVE-2005-1267P4MEDIUMCVSS 5.0PoCv10.1v10.22005-06-10
CVE-2005-1267 [MEDIUM] CVE-2005-1267: The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the dec
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
nvd
CVE-2001-0279P4HIGHCVSS 7.2PoCv7.1v7.22001-05-03
CVE-2001-0279 [HIGH] CVE-2001-0279: Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
nvd
1 / 7Next →