Mandrakesoft Mandrake Linux vulnerabilities

CVE-2000-0633 [LOW] CVE-2000-0633: Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

CVE-2000-0594 [MEDIUM] CVE-2000-0594: BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attacker BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.

CVE-2000-0566 [HIGH] CVE-2000-0566: makewhatis in Linux man package allows local users to overwrite files via a symlink attack. makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

CVE-2000-0607 [HIGH] CVE-2000-0607: Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to g Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

CVE-2000-0606 [HIGH] CVE-2000-0606: Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to g Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

CVE-2000-0454 [HIGH] CVE-2000-0454: Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.

CVE-1999-1008 [HIGH] CVE-1999-1008: xsoldier program allows local users to gain root access via a long argument. xsoldier program allows local users to gain root access via a long argument.

CVE-2000-0336 [LOW] CVE-2000-0336: Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

CVE-2000-0184 [LOW] CVE-2000-0184: Linux printtool sets the permissions of printer configuration files to be world-readable, which allo Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

CVE-2000-0186 [HIGH] CVE-2000-0186: Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain pr Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

CVE-2000-0052 [HIGH] CVE-2000-0052: Red Hat userhelper program in the usermode package allows local users to gain root access via PAM an Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

CVE-1999-1477 [HIGH] CVE-1999-1477: Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.

CVE-1999-1572 [LOW] CVE-1999-1572: cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask wh cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

CVE-2000-0508 [MEDIUM] CVE-2000-0508: rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a ma rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.