Mandrake Linux
by Mandrakesoft
CVEs (135)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0977 | 0.00 | — | 0.04 | Jul 16, 2001 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | |||
| CVE-2001-0439 | 0.00 | — | 0.02 | Jul 2, 2001 | licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||
| CVE-2001-0388 | 0.00 | — | 0.03 | Jun 27, 2001 | time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||
| CVE-2001-0458 | 0.00 | — | 0.02 | Jun 27, 2001 | Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||
| CVE-2001-0496 | 0.00 | — | 0.00 | Jun 27, 2001 | kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges. | |||
| CVE-2001-0474 | 0.00 | — | 0.00 | Jun 27, 2001 | Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file. | |||
| CVE-2001-0416 | 0.00 | — | 0.00 | Jun 27, 2001 | sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. | |||
| CVE-2001-0441 | 0.00 | — | 0.03 | Jun 27, 2001 | Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | |||
| CVE-2001-0473 | 0.00 | — | 0.02 | Jun 27, 2001 | Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||
| CVE-2001-0481 | 0.00 | — | 0.00 | Jun 27, 2001 | Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. | |||
| CVE-2001-0178 | 0.00 | — | 0.00 | Mar 26, 2001 | kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||
| CVE-2001-0120 | 0.00 | — | 0.00 | Mar 12, 2001 | useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-0108 | 0.00 | — | 0.02 | Mar 12, 2001 | PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | |||
| CVE-2001-0117 | 0.00 | — | 0.00 | Mar 12, 2001 | sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | |||
| CVE-2001-0116 | 0.00 | — | 0.00 | Mar 12, 2001 | gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-0138 | 0.00 | — | 0.00 | Mar 12, 2001 | privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-0140 | 0.00 | — | 0.00 | Mar 12, 2001 | arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||
| CVE-2001-0139 | 0.00 | — | 0.00 | Mar 12, 2001 | inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||
| CVE-2001-0125 | 0.00 | — | 0.00 | Mar 12, 2001 | exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. | |||
| CVE-2001-0128 | 0.00 | — | 0.00 | Mar 12, 2001 | Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. |
- CVE-2001-0977Jul 16, 2001risk 0.00cvss —epss 0.04
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
- CVE-2001-0439Jul 2, 2001risk 0.00cvss —epss 0.02
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
- CVE-2001-0388Jun 27, 2001risk 0.00cvss —epss 0.03
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
- CVE-2001-0458Jun 27, 2001risk 0.00cvss —epss 0.02
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
- CVE-2001-0496Jun 27, 2001risk 0.00cvss —epss 0.00
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
- CVE-2001-0474Jun 27, 2001risk 0.00cvss —epss 0.00
Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.
- CVE-2001-0416Jun 27, 2001risk 0.00cvss —epss 0.00
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
- CVE-2001-0441Jun 27, 2001risk 0.00cvss —epss 0.03
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
- CVE-2001-0473Jun 27, 2001risk 0.00cvss —epss 0.02
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
- CVE-2001-0481Jun 27, 2001risk 0.00cvss —epss 0.00
Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.
- CVE-2001-0178Mar 26, 2001risk 0.00cvss —epss 0.00
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
- CVE-2001-0120Mar 12, 2001risk 0.00cvss —epss 0.00
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0108Mar 12, 2001risk 0.00cvss —epss 0.02
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
- CVE-2001-0117Mar 12, 2001risk 0.00cvss —epss 0.00
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
- CVE-2001-0116Mar 12, 2001risk 0.00cvss —epss 0.00
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0138Mar 12, 2001risk 0.00cvss —epss 0.00
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0140Mar 12, 2001risk 0.00cvss —epss 0.00
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
- CVE-2001-0139Mar 12, 2001risk 0.00cvss —epss 0.00
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
- CVE-2001-0125Mar 12, 2001risk 0.00cvss —epss 0.00
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
- CVE-2001-0128Mar 12, 2001risk 0.00cvss —epss 0.00
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
Page 6 of 7