VYPR

Mandrake Linux

by Mandrakesoft

CVEs (135)

  • CVE-2001-0139Mar 12, 2001
    risk 0.00cvss epss 0.00

    inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0125Mar 12, 2001
    risk 0.00cvss epss 0.00

    exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

  • CVE-2001-0140Mar 12, 2001
    risk 0.00cvss epss 0.00

    arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-1385Jan 12, 2001
    risk 0.00cvss epss 0.02

    The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.

  • CVE-2000-1042Dec 11, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

  • CVE-2000-1059Dec 11, 2000
    risk 0.00cvss epss 0.00

    The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.

  • CVE-2000-1043Dec 11, 2000
    risk 0.00cvss epss 0.02

    Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

  • CVE-2000-0867Nov 14, 2000
    risk 0.00cvss epss 0.00

    Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

  • CVE-2000-0718Oct 20, 2000
    risk 0.00cvss epss 0.00

    A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.

  • CVE-2000-0633Jul 18, 2000
    risk 0.00cvss epss 0.00

    Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

  • CVE-2000-0566Jul 3, 2000
    risk 0.00cvss epss 0.00

    makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

  • CVE-2000-0606Jun 21, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

  • CVE-2000-0184Mar 9, 2000
    risk 0.00cvss epss 0.00

    Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

  • CVE-2000-0186Feb 28, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

  • CVE-1999-1572Jul 16, 1996
    risk 0.00cvss epss 0.01

    cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

Page 7 of 7