Mandrake Linux Corporate Server

mandrake_linux_corporate_server

Vendor: Mandrakesoft • 54 CVEs

CVEs (54)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-6284 3Debian MandrakesoftRedhat 4Debian Linux FedoraMandrake Linux+1 more Apr 23, 2026 Jan 12, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2007-0454 3Debian MandrakesoftSamba 5Debian Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 23, 2026 Feb 6, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which...Show more Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.Show less
CVE-2005-3626 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null derefer...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.Show less
CVE-2005-3625 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated usi...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."Show less
CVE-2005-3624 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDe...Show more The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.Show less
CVE-2005-2377 1Mandrakesoft 2Mandrake Linux Mandrake Linux Corporate Server Apr 16, 2026 Jul 26, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory serve...Show more nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.Show less
CVE-2005-0206 15Ascii CstexDebian+12 more 22Advanced Linux Environment CstetexCups+19 more Apr 16, 2026 Apr 27, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the origin...Show more The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.Show less
CVE-2005-0085 4Htdig MandrakesoftRedhat+1 more 5Fedora Core HtdigMandrake Linux+2 more Apr 16, 2026 Apr 27, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displaye...Show more Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.Show less
CVE-2005-0020 2Mandrakesoft Playmidi 3Mandrake Linux Mandrake Linux Corporate ServerPlaymidi Apr 16, 2026 Apr 14, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
CVE-2005-0003 4Avaya LinuxMandrakesoft+1 more 15Converged Communications Server Enterprise LinuxEnterprise Linux Desktop+12 more Apr 16, 2026 Apr 14, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (...Show more The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.Show less
CVE-2004-1235 7Avaya ConectivaLinux+4 more 20Converged Communications Server Enterprise LinuxEnterprise Linux Desktop+17 more Apr 16, 2026 Apr 14, 2005 N/A· v4 N/A· v3 6.2 MEDIUM· v2 Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA d...Show more Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.Show less
CVE-2005-0473 3Mandrakesoft RedhatRob Flynn 5Enterprise Linux Enterprise Linux DesktopGaim+2 more Apr 16, 2026 Mar 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0...Show more The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.Show less
CVE-2005-0472 3Mandrakesoft RedhatRob Flynn 5Enterprise Linux Enterprise Linux DesktopGaim+2 more Apr 16, 2026 Mar 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2005-0605 8Altlinux LesstifMandrakesoft+5 more 11Alt Linux Enterprise LinuxEnterprise Linux Desktop+8 more Apr 16, 2026 Mar 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-1051 5Debian MandrakesoftTodd Miller+2 more 7Debian Linux Mandrake LinuxMandrake Linux Corporate Server+4 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without usin...Show more sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.Show less
CVE-2004-0983 4Gentoo MandrakesoftUbuntu+1 more 5Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
CVE-2004-0977 4Mandrakesoft PostgresqlRedhat+1 more 6Enterprise Linux Enterprise Linux DesktopMandrake Linux+3 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0975 3Gentoo MandrakesoftOpenssl 5Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0974 3Mandrakesoft NetatalkRedhat 4Fedora Core Mandrake LinuxMandrake Linux Corporate Server+1 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-1098 3Mandrakesoft Roaring PenguinSuse 4Mandrake Linux Mandrake Linux Corporate ServerMimedefang+1 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

12 3 Next