Note: This project will be discontinued after December 13, 2021.
Product: Mandrake_linux (Mandrakesoft)
Repositories | Unknown: This might be proprietary software. |
#Vulnerabilities | 135 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2005-06-10 | CVE-2005-1267 | The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | Linux, Tcpdump, Mandrake_linux, Fedora_core, Secure_linux | N/A | ||
2005-03-02 | CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | Alt_linux, Lesstif, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Propack, Suse_linux, X11r6, X11r6 | N/A | ||
2005-02-21 | CVE-2005-0503 | uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. | Mandrake_linux, Uim | N/A | ||
2005-03-14 | CVE-2005-0473 | The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Gaim | N/A | ||
2005-03-14 | CVE-2005-0472 | Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Gaim | N/A | ||
2005-04-27 | CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | Htdig, Mandrake_linux, Mandrake_linux_corporate_server, Fedora_core, Suse_linux | N/A | ||
2005-04-14 | CVE-2005-0020 | Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code. | Mandrake_linux, Mandrake_linux_corporate_server, Playmidi | N/A | ||
2004-12-31 | CVE-2004-2396 | passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. | Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall | N/A | ||
2004-12-31 | CVE-2004-2395 | Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. | Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall | N/A | ||
2004-12-31 | CVE-2004-2394 | Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. | Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall | N/A |