← Back

Mandrakesoft

mandrakesoft

139 CVEs • 7 products

Products (7)

Click to collapse
Toggle
Mandrake Linux
mandrake_linux
134 CVEs
Mandrake Linux Corporate Server
mandrake_linux_corporate_server
54 CVEs
Mandrake Multi Network Firewall
mandrake_multi_network_firewall
16 CVEs
Mandrake Single Network Firewall
mandrake_single_network_firewall
5 CVEs
Mandrake Lam Runtime
mandrake_lam-runtime
1 CVE
Mandrake Linuxsoft 2007
mandrake_linuxsoft_2007
1 CVE
Mandrakesoft Corporate Server
mandrakesoft_corporate_server
0 CVEs

CVEs (139)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-1014
4Debian
MandrakesoftNfs+1 more
6Debian Linux
Enterprise LinuxEnterprise Linux Desktop+3 more
Apr 16, 2026
Jan 10, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2004-2395
1Mandrakesoft
3Mandrake Linux
Mandrake Linux Corporate ServerMandrake Multi Network Firewall
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
2.1 LOW· v2
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
CVE-2004-2394
1Mandrakesoft
3Mandrake Linux
Mandrake Linux Corporate ServerMandrake Multi Network Firewall
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
2.1 LOW· v2
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space requi...Show more
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.Show less
CVE-2004-2392
1Mandrakesoft
2Mandrake Linux
Mandrake Linux Corporate Server
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
CVE-2004-0817
9Conectiva
EnlightenmentImagemagick+6 more
16Enterprise Linux
Enterprise Linux DesktopFedora Core+13 more
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0802
9Conectiva
EnlightenmentImagemagick+6 more
16Enterprise Linux
Enterprise Linux DesktopFedora Core+13 more
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
5.1 MEDIUM· v2
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVE-2004-0834
3Gentoo
MandrakesoftSpeedtouch
5Linux
Mandrake LinuxMandrake Linux Corporate Server+2 more
Apr 16, 2026
Dec 23, 2004
N/A· v4
N/A· v3
7.2 HIGH· v2
Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.
CVE-2004-0805
2Mandrakesoft
Mpg123
3Mandrake Linux
Mandrake Linux Corporate ServerMpg123
Apr 16, 2026
Dec 23, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
CVE-2004-0803
9Apple
KdeLibtiff+6 more
13Enterprise Linux
Enterprise Linux DesktopFedora Core+10 more
Apr 16, 2026
Dec 23, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2004-1307
10Apple
AvayaConectiva+7 more
19Call Management System Server
CvlanIcontrol Service Manager+16 more
Apr 16, 2026
Dec 21, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which cau...Show more
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.Show less
CVE-2004-0635
4Ethereal Group
GentooMandrakesoft+1 more
5Enterprise Linux
EtherealLinux+2 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
CVE-2004-0634
4Ethereal Group
GentooMandrakesoft+1 more
5Enterprise Linux
EtherealLinux+2 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
CVE-2004-0633
4Ethereal Group
GentooMandrakesoft+1 more
5Enterprise Linux
EtherealLinux+2 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
CVE-2004-0565
4Gentoo
LinuxMandrakesoft+1 more
6Linux
Linux KernelMandrake Linux+3 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
2.1 LOW· v2
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH...Show more
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.Show less
CVE-2004-0497
7Conectiva
GentooLinux+4 more
9Enterprise Linux
LinuxLinux+6 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
2.1 LOW· v2
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2004-0496
5Gentoo
LinuxMandrakesoft+2 more
13Linux
Linux KernelMandrake Linux+10 more
Apr 16, 2026
Dec 6, 2004
N/A· v4
N/A· v3
7.2 HIGH· v2
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source...Show more
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.Show less
CVE-2004-0746
4Gentoo
KdeMandrakesoft+1 more
5Kde
KonquerorLinux+2 more
Apr 16, 2026
Oct 20, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack an...Show more
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.Show less
CVE-2004-0559
3Mandrakesoft
UserminWebmin
4Mandrake Linux
Mandrake Linux Corporate ServerUsermin+1 more
Apr 16, 2026
Oct 20, 2004
N/A· v4
N/A· v3
2.1 LOW· v2
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
CVE-2004-0500
3Gentoo
MandrakesoftRob Flynn
3Gaim
LinuxMandrake Linux
Apr 16, 2026
Sep 28, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are n...Show more
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.Show less
CVE-2004-0827
9Conectiva
EnlightenmentImagemagick+6 more
14Enterprise Linux
Enterprise Linux DesktopFedora Core+11 more
Apr 16, 2026
Sep 16, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malf...Show more
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.Show less