VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Mandrakesoft
>
Mandrake Linux Corporate Server
> 2.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2004-12-06
CVE-2004-0497
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
local
low complexity
mandrakesoft
conectiva
gentoo
linux
redhat
suse
trustix
2.1
2.1
2004-12-06
CVE-2004-0496
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
local
low complexity
mandrakesoft
suse
gentoo
linux
sun
7.2
7.2
2004-10-20
CVE-2004-0559
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
local
low complexity
usermin
webmin
mandrakesoft
2.1
2.1
2004-09-16
CVE-2004-0827
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
network
low complexity
enlightenment
imagemagick
sun
conectiva
mandrakesoft
redhat
suse
turbolinux
ubuntu
7.5
7.5
2004-08-06
CVE-2004-0587
Denial of Service vulnerability in Linux Kernel HbaApiNode Improper File Permissions
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
local
low complexity
mandrakesoft
redhat
suse
2.1
2.1
2004-08-06
CVE-2004-0581
Symbolic Link vulnerability in KSymoops KSymoops-GZNM Insecure Temporary File Handling
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
local
low complexity
gnu
mandrakesoft
4.6
4.6
2004-08-06
CVE-2004-0535
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.
local
low complexity
mandrakesoft
suse
conectiva
engardelinux
gentoo
linux
2.1
2.1
2004-02-16
CVE-2004-1180
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
network
low complexity
sun
debian
mandrakesoft
5.0
5.0
2003-08-27
CVE-2003-0462
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
local
high complexity
mandrakesoft
linux
1.2
1.2
2003-07-24
CVE-2003-0434
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
network
low complexity
adobe
xpdf
mandrakesoft
redhat
7.5
7.5
«
Previous
1
2
3
(current)
»