Search Results (Refine Search)
- CPE Product Version: cpe:/o:mandrakesoft:mandrake_linux:7.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2001-0119 |
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0120 |
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0125 |
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0128 |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-0138 |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0139 |
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0140 |
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2001-0142 |
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. Published: March 12, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2000-1134 |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. Published: January 09, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-1042 |
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. Published: December 11, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-1043 |
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. Published: December 11, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-1059 |
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. Published: December 11, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0844 |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. Published: November 14, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0867 |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. Published: November 14, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0883 |
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. Published: November 14, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0718 |
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed. Published: October 20, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2000-0633 |
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. Published: July 18, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2000-0566 |
makewhatis in Linux man package allows local users to overwrite files via a symlink attack. Published: July 03, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0606 |
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. Published: June 21, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0607 |
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. Published: June 21, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |