VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Mandrakesoft
>
Mandrake Linux
> 7.2
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2001-03-12
CVE-2001-0138
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix
debian
mandrakesoft
redhat
1.2
1.2
2001-03-12
CVE-2001-0128
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
local
low complexity
redhat
zope
conectiva
debian
freebsd
mandrakesoft
7.2
7.2
2001-03-12
CVE-2001-0125
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
local
high complexity
exmh
debian
mandrakesoft
1.2
1.2
2001-03-12
CVE-2001-0120
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
1.2
1.2
2001-03-12
CVE-2001-0119
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
1.2
1.2
2001-03-12
CVE-2001-0118
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
1.2
1.2
2001-03-12
CVE-2001-0117
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
trustix
1.2
1.2
2001-03-12
CVE-2001-0116
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
1.2
1.2
2001-03-12
CVE-2001-0108
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
network
low complexity
php
mandrakesoft
5.0
5.0
2001-01-12
CVE-2001-1385
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
network
low complexity
php
mandrakesoft
5.0
5.0
«
Previous
1
2
3
(current)
4
»
Next