Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mandrake_linux
(Mandrakesoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 135 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-01-09 | CVE-2000-1095 | modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | Linux, Immunix, Mandrake_linux, Linux, Suse_linux | N/A | ||
| 2000-12-11 | CVE-2000-1059 | The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | Mandrake_linux | N/A | ||
| 2000-12-11 | CVE-2000-1043 | Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | Mandrake_linux | N/A | ||
| 2000-12-11 | CVE-2000-1042 | Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | Mandrake_linux | N/A | ||
| 2000-11-14 | CVE-2000-0883 | The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | Mandrake_linux | N/A | ||
| 2000-11-14 | CVE-2000-0867 | Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | Debian_linux, Mandrake_linux, Linux, Slackware_linux, Secure_linux | N/A | ||
| 2000-11-14 | CVE-2000-0844 | Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | Openlinux, Openlinux_ebuilder, Openlinux_eserver, Linux, Debian_linux, Aix, Immunix, Mandrake_linux, Linux, Irix, Slackware_linux, Solaris, Sunos, Suse_linux, Secure_linux, Turbolinux | N/A | ||
| 2000-10-20 | CVE-2000-0718 | A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed. | Mandrake_linux | N/A | ||
| 2000-07-18 | CVE-2000-0633 | Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. | Linux, Mandrake_linux, Linux | N/A | ||
| 2000-07-04 | CVE-2000-0594 | BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters. | Openlinux_desktop, Openlinux_ebuilder, Openlinux_edesktop, Openlinux_eserver, Freebsd, Mandrake_linux | N/A |