VYPR

Mandrake Linux Corporate Server

by Mandrakesoft

CVEs (54)

  • CVE-2004-0827Sep 16, 2004
    risk 0.00cvss epss 0.06

    Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

  • CVE-2004-0581Aug 6, 2004
    risk 0.00cvss epss 0.00

    ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

  • CVE-2004-0535Aug 6, 2004
    risk 0.00cvss epss 0.00

    The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

  • CVE-2004-0587Aug 6, 2004
    risk 0.00cvss epss 0.00

    Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

  • CVE-2004-1180Feb 16, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

  • CVE-2002-0638Aug 12, 2002
    risk 0.00cvss epss 0.01

    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file…

  • CVE-2001-1030Jul 18, 2001
    risk 0.00cvss epss 0.02

    Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

  • CVE-2001-0977Jul 16, 2001
    risk 0.00cvss epss 0.04

    slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

  • CVE-2001-0439Jul 2, 2001
    risk 0.00cvss epss 0.02

    licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

  • CVE-2001-0441Jun 27, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

  • CVE-2001-0178Mar 26, 2001
    risk 0.00cvss epss 0.00

    kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

  • CVE-2001-0117Mar 12, 2001
    risk 0.00cvss epss 0.00

    sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

  • CVE-2001-0125Mar 12, 2001
    risk 0.00cvss epss 0.00

    exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

  • CVE-2001-0138Mar 12, 2001
    risk 0.00cvss epss 0.00

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

Page 3 of 3