Filtered by vendor Mandrakesoft
Subscribe
Total
150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1051 | 5 Debian, Mandrakesoft, Todd Miller and 2 more | 7 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2017-07-10 | 7.2 HIGH | N/A |
| sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. | |||||
| CVE-2004-1188 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2017-07-10 | 10.0 HIGH | N/A |
| The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187. | |||||
| CVE-2004-0805 | 2 Mandrakesoft, Mpg123 | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mpg123 | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. | |||||
| CVE-2004-0386 | 3 Gentoo, Mandrakesoft, Mplayer | 3 Linux, Mandrake Linux, Mplayer | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. | |||||
| CVE-2004-0402 | 2 Mandrakesoft, Xpcd | 2 Mandrake Linux, Xpcd | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. | |||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
| CVE-2003-1020 | 2 Irssi, Mandrakesoft | 2 Irssi, Mandrake Linux | 2017-07-10 | 5.0 MEDIUM | N/A |
| The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). | |||||
| CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2017-07-10 | 7.5 HIGH | N/A |
| The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | |||||
| CVE-2002-1713 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-07-10 | 2.1 LOW | N/A |
| The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | |||||
| CVE-2005-1379 | 1 Mandrakesoft | 1 Mandrake Lam-runtime | 2016-10-17 | 4.6 MEDIUM | N/A |
| The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. | |||||
| CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2016-10-17 | 7.5 HIGH | N/A |
| dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 5 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2016-10-17 | 6.2 MEDIUM | N/A |
| setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | |||||
| CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2016-10-17 | 10.0 HIGH | N/A |
| Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | |||||
| CVE-2001-1385 | 2 Mandrakesoft, Php | 2 Mandrake Linux, Php | 2016-10-17 | 5.0 MEDIUM | N/A |
| The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. | |||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2016-10-17 | 7.2 HIGH | N/A |
| xsoldier program allows local users to gain root access via a long argument. | |||||
| CVE-2008-0386 | 2 Gentoo, Mandrakesoft | 2 Xdg-utils, Mandrake Linux | 2011-03-07 | 6.8 MEDIUM | N/A |
| Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. | |||||
| CVE-2005-0503 | 2 Mandrakesoft, Uim | 2 Mandrake Linux, Uim | 2008-09-10 | 4.6 MEDIUM | N/A |
| uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. | |||||
| CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2008-09-10 | 1.2 LOW | N/A |
| jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0607 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||||
| CVE-2000-0606 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. | |||||