Mandrake Linux

mandrake_linux

Vendor: Mandrakesoft • 134 CVEs

CVEs (134)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0461 5Infoblox IscMandrakesoft+2 more 11Dhcpd Dns One ApplianceFedora Core+8 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, w...Show more The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.Show less
CVE-2004-0460 5Infoblox IscMandrakesoft+2 more 11Dhcpd Dns One ApplianceFedora Core+8 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multi...Show more Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.Show less
CVE-2004-0402 2Mandrakesoft Xpcd 2Mandrake Linux Xpcd Apr 16, 2026 Jul 7, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
CVE-2004-0386 3Gentoo MandrakesoftMplayer 3Linux Mandrake LinuxMplayer Apr 16, 2026 May 4, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
CVE-2004-1180 3Debian MandrakesoftSun 5Debian Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Feb 16, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2003-1020 2Irssi Mandrakesoft 2Irssi Mandrake Linux Apr 16, 2026 Jan 5, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
CVE-2003-0462 2Linux Mandrakesoft 4Linux Kernel Mandrake LinuxMandrake Linux Corporate Server+1 more Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 1.2 LOW· v2 A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
CVE-2003-0434 4Adobe MandrakesoftRedhat+1 more 7Acrobat Enterprise LinuxLinux+4 more Apr 16, 2026 Jul 24, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVE-2003-0041 3Mandrakesoft MitRedhat 4Kerberos Ftp Client LinuxMandrake Linux+1 more Apr 16, 2026 Feb 19, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (\|) character in a filename that is retrieved by the client.
CVE-2002-2185 6Debian MandrakesoftMicrosoft+3 more 11Debian Linux Enterprise LinuxEnterprise Linux Desktop+8 more Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target t...Show more The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.Show less
CVE-2002-2001 2Jmcce Mandrakesoft 2Jmcce Mandrake Linux Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 1.2 LOW· v2 jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2002-1814 4Gnome MandrakesoftRedhat+1 more 4Bonobo LinuxMandrake Linux+1 more Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
CVE-2002-1713 1Mandrakesoft 1Mandrake Linux Apr 16, 2026 Dec 31, 2002 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.
CVE-2002-0836 3Hp MandrakesoftRedhat 3Linux Mandrake LinuxSecure Os Apr 16, 2026 Oct 28, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
CVE-2002-0638 3Hp MandrakesoftRedhat 5Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 6.2 MEDIUM· v2 setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain pri...Show more setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.Show less
CVE-2002-0083 9Conectiva EngardelinuxImmunix+6 more 11Immunix LinuxLinux+8 more Apr 16, 2026 Mar 15, 2002 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2002-0004 8Caldera DebianFreebsd+5 more 9Debian Linux FreebsdLinux+6 more Apr 16, 2026 Feb 27, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2002-0002 4Engardelinux MandrakesoftRedhat+1 more 4Linux Mandrake LinuxSecure Linux+1 more Apr 16, 2026 Jan 31, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2001-1190 1Mandrakesoft 1Mandrake Linux Apr 16, 2026 Dec 12, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.
CVE-2001-0912 1Mandrakesoft 1Mandrake Linux Apr 16, 2026 Nov 30, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

Previous 1 2 345 6 7 Next