Mandrakesoft : Security Vulnerabilities, CVEs, Published In 2000
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Max CVSS
10.0
EPSS Score
3.88%
Published
2000-12-11
Updated
2017-10-10
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Max CVSS
10.0
EPSS Score
1.98%
Published
2000-12-11
Updated
2017-10-10
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
Max CVSS
5.0
EPSS Score
0.80%
Published
2000-11-14
Updated
2017-10-10
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Max CVSS
7.2
EPSS Score
0.16%
Published
2000-11-14
Updated
2018-05-03
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Max CVSS
10.0
EPSS Score
0.48%
Published
2000-11-14
Updated
2018-10-30
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-10-20
Updated
2008-09-05
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-07-18
Updated
2017-10-10
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-06-21
Updated
2008-09-10
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-06-21
Updated
2008-09-10
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
Max CVSS
5.0
EPSS Score
13.68%
Published
2000-07-04
Updated
2017-10-10
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-07-03
Updated
2018-05-03
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-05-29
Updated
2008-09-10
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-04-21
Updated
2008-09-10
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-02-28
Updated
2008-09-10
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
Max CVSS
2.1
EPSS Score
0.05%
Published
2000-03-09
Updated
2008-09-10
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-01-04
Updated
2008-09-10
xsoldier program allows local users to gain root access via a long argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-05-17
Updated
2016-10-18
18 vulnerabilities found