Vulnerabilities > Mandrakesoft > Mandrake Linux Corporate Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-0802 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. 		5.1
5.1
2004-08-06 CVE-2004-0581 Symbolic Link vulnerability in KSymoops KSymoops-GZNM Insecure Temporary File Handling
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
local
low complexity
gnu mandrakesoft
4.6
4.6
2004-02-16 CVE-2004-1180 Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
network
low complexity
sun debian mandrakesoft
5.0
5.0
2002-08-12 CVE-2002-0638 setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
local
high complexity
mandrakesoft hp redhat
6.2
6.2
2001-07-16 CVE-2001-0977 Denial of Service vulnerability in OpenLDAP
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
network
low complexity
mandrakesoft openldap debian redhat
5.0
5.0