Filtered by vendor Mandrakesoft Subscriptions
Total 151 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0116 3 Immunix, Mandrakesoft, Redhat 3 Immunix, Mandrake Linux, Linux 2025-04-03 N/A
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0142 5 Immunix, Mandrakesoft, National Science Foundation and 2 more 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more 2025-04-03 N/A
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0912 1 Mandrakesoft 1 Mandrake Linux 2025-04-03 N/A
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2025-04-03 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2002-0836 3 Hp, Mandrakesoft, Redhat 4 Secure Os, Mandrake Linux, Enterprise Linux and 1 more 2025-04-03 N/A
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
CVE-2004-0386 3 Gentoo, Mandrakesoft, Mplayer 3 Linux, Mandrake Linux, Mplayer 2025-04-03 N/A
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
CVE-2004-0500 4 Gentoo, Mandrakesoft, Redhat and 1 more 4 Linux, Mandrake Linux, Enterprise Linux and 1 more 2025-04-03 N/A
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
CVE-2004-0746 5 Gentoo, Kde, Mandrakesoft and 2 more 6 Linux, Kde, Konqueror and 3 more 2025-04-03 N/A
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2004-2392 2 Mandrakesoft, Redhat 3 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux 2025-04-03 N/A
libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
CVE-2004-2394 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2025-04-03 N/A
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
CVE-2004-2395 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2025-04-03 N/A
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
CVE-2005-0020 2 Mandrakesoft, Playmidi 3 Mandrake Linux, Mandrake Linux Corporate Server, Playmidi 2025-04-03 N/A
Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
CVE-2005-1379 1 Mandrakesoft 1 Mandrake Lam-runtime 2025-04-03 N/A
The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.
CVE-2000-0454 1 Mandrakesoft 1 Mandrake Linux 2025-04-03 N/A
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
CVE-2004-1051 5 Debian, Mandrakesoft, Todd Miller and 2 more 7 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 4 more 2025-04-03 N/A
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
CVE-2000-0606 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2025-04-03 N/A
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
CVE-2000-0607 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2025-04-03 N/A
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
CVE-2000-0718 1 Mandrakesoft 1 Mandrake Linux 2025-04-03 N/A
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
CVE-2000-0883 1 Mandrakesoft 1 Mandrake Linux 2025-04-03 N/A
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
CVE-2000-1042 1 Mandrakesoft 1 Mandrake Linux 2025-04-03 N/A
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.