Mandrake Linux
Products
5- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1713 | Med | 0.36 | 5.5 | 0.00 | Dec 31, 2002 | The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | ||
| CVE-2005-1379 | 0.00 | — | 0.00 | May 3, 2005 | The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. | |||
| CVE-2004-0581 | 0.00 | — | 0.00 | Aug 6, 2004 | ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. | |||
| CVE-2002-2001 | 0.00 | — | 0.00 | Dec 31, 2002 | jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2000-1042 | 0.00 | — | 0.02 | Dec 11, 2000 | Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||
| CVE-2000-1059 | 0.00 | — | 0.00 | Dec 11, 2000 | The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | |||
| CVE-2000-0633 | 0.00 | — | 0.00 | Jul 18, 2000 | Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. |
- risk 0.36cvss 5.5epss 0.00
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.
- CVE-2005-1379May 3, 2005risk 0.00cvss —epss 0.00
The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.
- CVE-2004-0581Aug 6, 2004risk 0.00cvss —epss 0.00
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
- CVE-2002-2001Dec 31, 2002risk 0.00cvss —epss 0.00
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2000-1042Dec 11, 2000risk 0.00cvss —epss 0.02
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
- CVE-2000-1059Dec 11, 2000risk 0.00cvss —epss 0.00
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
- CVE-2000-0633Jul 18, 2000risk 0.00cvss —epss 0.00
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.