Mandrakesoft Mandrake Linux — known CVE vulnerabilities
Every CVE whose affected-product data names Mandrakesoft Mandrake Linux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (134)
CVE-2004-1188 — CVSS 10.0 (critical): The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify…
CVE-2004-0460 — CVSS 10.0 (critical): Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause…
CVE-2000-1043 — CVSS 10.0 (critical): Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to…
CVE-2000-0844 — CVSS 10.0 (critical): Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local…
CVE-2000-1042 — CVSS 10.0 (critical): Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root…
CVE-2004-0461 — CVSS 10.0 (critical): The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function…
CVE-2004-1187 — CVSS 10.0 (critical): Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows…
CVE-2004-0386 — CVSS 10.0 (critical): Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a…
CVE-2005-3625 — CVSS 10.0 (critical): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2003-0041 — CVSS 10.0 (critical): Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the…
CVE-2002-0083 — CVSS 9.8 (critical): Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2003-0434 — CVSS 7.5 (high): Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell…
CVE-2004-0746 — CVSS 7.5 (high): Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and…
CVE-2004-0500 — CVSS 7.5 (high): Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of…
CVE-2007-0454 — CVSS 7.5 (high): Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute…
CVE-2005-0605 — CVSS 7.5 (high): scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-1307 — CVSS 7.5 (high): Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code…
CVE-2004-1158 — CVSS 7.5 (high): Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from…
CVE-2004-1098 — CVSS 7.5 (high): MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that…
CVE-2004-1096 — CVSS 7.5 (high): Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus…
CVE-2004-0937 — CVSS 7.5 (high): Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass…
CVE-2004-0936 — CVSS 7.5 (high): RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero…
CVE-2004-0935 — CVSS 7.5 (high): Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both…
CVE-2004-0934 — CVSS 7.5 (high): Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to…
CVE-2001-0439 — CVSS 7.5 (high): licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVE-2001-0440 — CVSS 7.5 (high): Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute…
CVE-2001-0441 — CVSS 7.5 (high): Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute…
CVE-2001-0458 — CVSS 7.5 (high): Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
CVE-2001-0473 — CVSS 7.5 (high): Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-2004-0933 — CVSS 7.5 (high): Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure…
CVE-2004-0932 — CVSS 7.5 (high): McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote…
CVE-2001-1030 — CVSS 7.5 (high): Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and…
CVE-2004-0827 — CVSS 7.5 (high): Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a…
CVE-2001-1449 — CVSS 7.5 (high): The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers…
CVE-2002-0002 — CVSS 7.5 (high): Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious…
CVE-2002-0836 — CVSS 7.5 (high): dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute…
CVE-2004-0817 — CVSS 7.5 (high): Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0805 — CVSS 7.5 (high): Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1)…
CVE-2004-0803 — CVSS 7.5 (high): Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer…
CVE-2004-0496 — CVSS 7.2 (high): Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of…
CVE-2004-0834 — CVSS 7.2 (high): Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2)…
CVE-2001-0912 — CVSS 7.2 (high): Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before…
CVE-2000-0566 — CVSS 7.2 (high): makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVE-2000-0454 — CVSS 7.2 (high): Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
CVE-1999-1477 — CVSS 7.2 (high): Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.
CVE-2000-0052 — CVSS 7.2 (high): Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
CVE-2000-0867 — CVSS 7.2 (high): Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root…
CVE-2000-1059 — CVSS 7.2 (high): The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an…
CVE-2000-1095 — CVSS 7.2 (high): modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-2000-1134 — CVSS 7.2 (high): Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing <<…
CVE-2006-0745 — CVSS 7.2 (high): X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the…
CVE-2000-0607 — CVSS 7.2 (high): Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file…
CVE-2000-0606 — CVSS 7.2 (high): Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long…
CVE-2001-0128 — CVSS 7.2 (high): Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain…
CVE-2000-0186 — CVSS 7.2 (high): Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line…
CVE-2002-0004 — CVSS 7.2 (high): Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes…
CVE-2001-0481 — CVSS 7.2 (high): Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.
CVE-2004-1051 — CVSS 7.2 (high): sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that…
CVE-2005-0085 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or…
CVE-2002-0638 — CVSS 6.2 (medium): setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a…
CVE-2004-1235 — CVSS 6.2 (medium): Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6…
CVE-2002-1713 — CVSS 5.5 (medium): The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable…
CVE-2004-0802 — CVSS 5.1 (medium): Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP…
CVE-2001-0977 — CVSS 5.0 (medium): slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid…
CVE-2000-0508 — CVSS 5.0 (medium): rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
CVE-2000-0594 — CVSS 5.0 (medium): BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an…
CVE-2000-0883 — CVSS 5.0 (medium): The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable…
CVE-2001-0108 — CVSS 5.0 (medium): PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an…
CVE-2001-0136 — CVSS 5.0 (medium): Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE…
CVE-2001-1385 — CVSS 5.0 (medium): The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for…
CVE-2003-1020 — CVSS 5.0 (medium): The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
CVE-2004-0633 — CVSS 5.0 (medium): The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer…
CVE-2004-0634 — CVSS 5.0 (medium): The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a…
CVE-2004-0635 — CVSS 5.0 (medium): The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1)…
CVE-2004-0807 — CVSS 5.0 (medium): Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed…
CVE-2004-0809 — CVSS 5.0 (medium): The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain…
CVE-2004-0886 — CVSS 5.0 (medium): Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption)…
CVE-2004-0983 — CVSS 5.0 (medium): The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU…
CVE-2004-1014 — CVSS 5.0 (medium): statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server…
CVE-2004-1180 — CVSS 5.0 (medium): Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of…
CVE-2004-2392 — CVSS 5.0 (medium): libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read…
CVE-2005-0472 — CVSS 5.0 (medium): Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2005-0473 — CVSS 5.0 (medium): The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML…
CVE-2005-1267 — CVSS 5.0 (medium): The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows…
CVE-2005-2377 — CVSS 5.0 (medium): nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly…
CVE-2005-3624 — CVSS 5.0 (medium): The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others…
CVE-2005-3626 — CVSS 5.0 (medium): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2007-6284 — CVSS 5.0 (medium): The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via…
CVE-2002-2185 — CVSS 4.9 (medium): The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's…
CVE-2001-1190 — CVSS 4.6 (medium): The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of…
CVE-2002-1814 — CVSS 4.6 (medium): Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
CVE-2004-0402 — CVSS 4.6 (medium): Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
CVE-2004-0581 — CVSS 4.6 (medium): ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a…
CVE-2001-0496 — CVSS 4.6 (medium): kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain…
CVE-2005-0503 — CVSS 4.6 (medium): uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to…
CVE-2008-0595 — CVSS 4.6 (medium): dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy…
CVE-2001-0736 — CVSS 2.1 (low): Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary…
CVE-2000-0633 — CVSS 2.1 (low): Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
CVE-2004-1171 — CVSS 2.1 (low): KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol…
CVE-2004-0977 — CVSS 2.1 (low): The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary…
CVE-2000-0336 — CVSS 2.1 (low): Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
CVE-2001-0474 — CVSS 2.1 (low): Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the…
CVE-2001-0416 — CVSS 2.1 (low): sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that…
CVE-2001-0178 — CVSS 2.1 (low): kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which…
CVE-2001-0169 — CVSS 2.1 (low): When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in…
CVE-2004-0974 — CVSS 2.1 (low): The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files…
CVE-2004-0975 — CVSS 2.1 (low): The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to…
CVE-2000-0184 — CVSS 2.1 (low): Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer…
CVE-2004-2394 — CVSS 2.1 (low): Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password…
CVE-2004-0497 — CVSS 2.1 (low): Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2004-0535 — CVSS 2.1 (low): The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read…
CVE-2004-0559 — CVSS 2.1 (low): The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on…
CVE-2004-0565 — CVSS 2.1 (low): Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which…
CVE-2004-0587 — CVSS 2.1 (low): Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2004-2395 — CVSS 2.1 (low): Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts…
CVE-2005-0003 — CVSS 2.1 (low): The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual…
CVE-1999-1572 — CVSS 2.1 (low): cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O…
CVE-2001-0125 — CVSS 1.2 (low): exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
CVE-2000-0718 — CVSS 1.2 (low): A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
CVE-2001-0142 — CVSS 1.2 (low): squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0120 — CVSS 1.2 (low): useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0138 — CVSS 1.2 (low): privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0462 — CVSS 1.2 (low): A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux…
CVE-2001-0139 — CVSS 1.2 (low): inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2002-2001 — CVSS 1.2 (low): jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a…