Vulnerabilities > Mandrakesoft > Mandrake Linux > 7.1

DATE CVE VULNERABILITY TITLE RISK
2001-03-12 CVE-2001-0138 privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix debian mandrakesoft redhat
1.2
1.2
2001-03-12 CVE-2001-0128 Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. 7.2
7.2
2001-03-12 CVE-2001-0125 exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
local
high complexity
exmh debian mandrakesoft
1.2
1.2
2001-03-12 CVE-2001-0120 useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix mandrakesoft redhat
1.2
1.2
2001-03-12 CVE-2001-0119 getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix mandrakesoft redhat
1.2
1.2
2001-03-12 CVE-2001-0118 rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix mandrakesoft redhat
1.2
1.2
2001-03-12 CVE-2001-0117 sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
local
high complexity
immunix mandrakesoft redhat trustix
1.2
1.2
2001-03-12 CVE-2001-0116 gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix mandrakesoft redhat
1.2
1.2
2001-01-09 CVE-2000-1134 Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. 7.2
7.2
2000-12-11 CVE-2000-1059 Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0/7.1
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
local
low complexity
mandrakesoft
7.2
7.2