Vulnerabilities > Mandrakesoft > Mandrake Linux

DATE CVE VULNERABILITY TITLE RISK
2007-02-06 CVE-2007-0454 USE of Externally-Controlled Format String vulnerability in multiple products
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
network
low complexity
samba debian mandrakesoft CWE-134
7.5
7.5
2006-03-21 CVE-2006-0745 Local Privilege Escalation vulnerability in X.Org X Window Server
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
local
low complexity
x-org mandrakesoft redhat sun suse
7.2
7.2
2005-12-31 CVE-2005-3626 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. 		5.0
5.0
2005-12-31 CVE-2005-3625 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." 		10.0
10
2005-12-31 CVE-2005-3624 Numeric Errors vulnerability in multiple products
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. 		5.0
5.0
2005-07-26 CVE-2005-2377 Denial-Of-Service vulnerability in Mandrakesoft Mandrake Linux and Mandrake Linux Corporate Server
nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable.
network
low complexity
mandrakesoft
5.0
5.0
2005-06-10 CVE-2005-1267 Denial Of Service vulnerability in tcpdump BGP Decoding Routines
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
network
low complexity
lbl gentoo mandrakesoft redhat trustix
5.0
5.0
2005-04-27 CVE-2005-0085 Cross-Site Scripting vulnerability in Dig Config Parameter
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. 		6.8
6.8
2005-04-14 CVE-2005-0020 Local Buffer Overflow vulnerability in PlayMidi
Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
local
low complexity
playmidi mandrakesoft
7.2
7.2
2005-04-14 CVE-2004-1235 Local Privilege Escalation vulnerability in Linux kernel Uselib()
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. 		6.2
6.2