CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mandrakesoft » Mandrake Linux » 6.1 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2001-0473 Exec Code 2001-06-27 2017-10-10
7.5
 None Remote Low Not required Partial Partial Partial
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
2 CVE-2001-0441 Exec Code Overflow 2001-06-27 2017-12-19
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
3 CVE-2001-0416 2001-06-27 2017-10-10
2.1
 None Local Low Not required Partial None None
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
4 CVE-2001-0388 DoS 2001-06-27 2017-10-10
10.0
 None Remote Low Not required Complete Complete Complete
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
5 CVE-2001-0178 +Priv 2001-03-26 2017-10-10
2.1
 None Local Low Not required Partial None None
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
6 CVE-2001-0169 2001-03-26 2017-10-10
2.1
 None Local Low Not required None Partial None
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
7 CVE-2001-0142 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
8 CVE-2001-0140 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
9 CVE-2001-0139 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
10 CVE-2001-0138 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
11 CVE-2001-0125 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
12 CVE-2001-0120 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
13 CVE-2001-0119 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
14 CVE-2001-0118 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
15 CVE-2001-0117 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
16 CVE-2001-0116 2001-03-12 2017-10-10
1.2
 None Local High Not required None Partial None
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
17 CVE-2000-1134 2001-01-09 2017-10-19
7.2
 None Local Low Not required Complete Complete Complete
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
18 CVE-2000-1043 +Priv 2000-12-11 2017-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
19 CVE-2000-1042 Overflow +Priv 2000-12-11 2017-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
20 CVE-2000-0883 2000-11-14 2017-10-10
5.0
 None Remote Low Not required Partial None None
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
21 CVE-2000-0867 +Priv 2000-11-14 2018-05-03
7.2
 None Local Low Not required Complete Complete Complete
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
22 CVE-2000-0718 2000-10-20 2008-09-05
1.2
 None Local High Not required None Partial None
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
23 CVE-2000-0607 Overflow +Priv 2000-06-21 2008-09-10
7.2
 None Local Low Not required Complete Complete Complete
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
24 CVE-2000-0606 Overflow +Priv 2000-06-21 2008-09-10
7.2
 None Local Low Not required Complete Complete Complete
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
25 CVE-2000-0566 2000-07-03 2018-05-03
7.2
 None Local Low Not required Complete Complete Complete
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
26 CVE-2000-0508 DoS 1994-12-19 2017-10-10
5.0
 None Remote Low Not required None None Partial
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
27 CVE-2000-0336 2000-04-21 2008-09-10
2.1
 None Local Low Not required None Partial None
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
28 CVE-2000-0186 Overflow +Priv 2000-02-28 2008-09-10
7.2
 None Local Low Not required Complete Complete Complete
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
29 CVE-2000-0052 2000-01-04 2008-09-10
7.2
 None Local Low Not required Complete Complete Complete
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
Total number of vulnerabilities : 29   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.