cbcvebase.

Mandrakesoft Mandrake Linux vulnerabilities

134 known vulnerabilities affecting mandrakesoft/mandrake_linux.

Total CVEs
134
CISA KEV
0
Public exploits
36
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH50MEDIUM38LOW34

Vulnerabilities

Page 2 of 7
CVE-2000-1095P4HIGHCVSS 7.2PoCv7.22001-01-09
CVE-2000-1095 [HIGH] CVE-2000-1095: modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary com modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
nvd
CVE-2000-0883P4MEDIUMCVSS 5.0PoCv6.1v7.0+1 more2000-11-14
CVE-2000-0883 [MEDIUM] CVE-2000-0883: The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
nvd
CVE-2002-0004P4HIGHCVSS 7.2PoCv8.0v8.12002-02-27
CVE-2002-0004 [HIGH] CVE-2002-0004: Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
nvd
CVE-2000-0454P4HIGHCVSS 7.2PoCv7.02000-05-29
CVE-2000-0454 [HIGH] CVE-2000-0454: Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
nvd
CVE-1999-1008P4HIGHCVSS 7.2PoCv7.02000-05-17
CVE-1999-1008 [HIGH] CVE-1999-1008: xsoldier program allows local users to gain root access via a long argument. xsoldier program allows local users to gain root access via a long argument.
nvd
CVE-1999-1477P4HIGHCVSS 7.2PoCv6.01999-09-23
CVE-1999-1477 [HIGH] CVE-1999-1477: Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.
nvd
CVE-2004-0461P3CRITICALCVSS 10.0v9.0v9.1+2 more2004-08-06
CVE-2004-0461 [CRITICAL] CVE-2004-0461: The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
nvd
CVE-2000-0594P4MEDIUMCVSS 5.0PoCv20072000-07-04
CVE-2000-0594 [MEDIUM] CVE-2000-0594: BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attacker BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
nvd
CVE-2007-0454P3HIGHCVSS 7.5v20062007-02-06
CVE-2007-0454 [HIGH] CWE-134 CVE-2007-0454: Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows contex Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
nvd
CVE-2000-0607P4HIGHCVSS 7.2PoCv6.1v7.0+1 more2000-06-21
CVE-2000-0607 [HIGH] CVE-2000-0607: Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to g Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
nvd
CVE-2000-0052P4HIGHCVSS 7.2PoCv6.0v6.12000-01-04
CVE-2000-0052 [HIGH] CVE-2000-0052: Red Hat userhelper program in the usermode package allows local users to gain root access via PAM an Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
nvd
CVE-2004-0803P3HIGHCVSS 7.5v10.02004-12-23
CVE-2004-0803 [HIGH] CVE-2004-0803: Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, re Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
nvd
CVE-2002-0836P3HIGHCVSS 7.5v7.2v8.0+3 more2002-10-28
CVE-2002-0836 [HIGH] CVE-2002-0836: dvips converter for Postscript files in the tetex package calls the system() function insecurely, wh dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
nvd
CVE-2000-1134P4HIGHCVSS 7.2PoCv6.0v6.1+3 more2001-01-09
CVE-2000-1134 [HIGH] CVE-2000-1134: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
nvd
CVE-2000-0508P4MEDIUMCVSS 5.0PoCv6.0v6.1+1 more1994-12-19
CVE-2000-0508 [MEDIUM] CVE-2000-0508: rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a ma rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
nvd
CVE-2004-1307P3HIGHCVSS 7.5v10.0v10.12004-12-21
CVE-2004-1307 [HIGH] CVE-2004-1307: Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remot Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
nvd
CVE-2003-0041P3CRITICALCVSS 10.0v8.1v8.2+1 more2003-02-19
CVE-2003-0041 [CRITICAL] CWE-78 CVE-2003-0041: Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
nvd
CVE-2004-1187P4CRITICALCVSS 10.0v10.0v10.12005-01-10
CVE-2004-1187 [CRITICAL] CVE-2004-1187: Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
nvd
CVE-2000-1042P4CRITICALCVSS 10.0v6.1v7.0+1 more2000-12-11
CVE-2000-1042 [CRITICAL] CVE-2000-1042: Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating syst Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
nvd
CVE-2000-1043P4CRITICALCVSS 10.0v6.1v7.0+1 more2000-12-11
CVE-2000-1043 [CRITICAL] CVE-2000-1043: Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux op Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
nvd
Mandrakesoft Mandrake Linux vulnerabilities | cvebase