Vulnerabilities > Mandrakesoft > Mandrake Linux > 7.0

DATE	CVE	VULNERABILITY TITLE	RISK
2001-03-12	CVE-2001-0125	exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. local high complexity exmh debian mandrakesoft	1.2
2001-03-12	CVE-2001-0120	useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. local high complexity immunix mandrakesoft redhat	1.2
2001-03-12	CVE-2001-0119	getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. local high complexity immunix mandrakesoft redhat	1.2
2001-03-12	CVE-2001-0118	rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. local high complexity immunix mandrakesoft redhat	1.2
2001-03-12	CVE-2001-0117	sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. local high complexity immunix mandrakesoft redhat trustix	1.2
2001-03-12	CVE-2001-0116	gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. local high complexity immunix mandrakesoft redhat	1.2
2001-01-09	CVE-2000-1134	Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. local low complexity immunix conectiva caldera hp mandrakesoft redhat suse	7.2
2000-12-11	CVE-2000-1059	Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0/7.1 The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. local low complexity mandrakesoft	7.2
2000-12-11	CVE-2000-1043	Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1 Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. network low complexity mandrakesoft critical	10.0
2000-12-11	CVE-2000-1042	Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1 Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. network low complexity mandrakesoft critical	10.0