Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2000-12-11	CVE-2000-1043	Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1 Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. network low complexity mandrakesoft critical	10.0
2000-11-14	CVE-2000-0844	Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. network low complexity caldera immunix conectiva sgi debian ibm mandrakesoft redhat slackware sun suse trustix turbolinux CWE-264 critical	10.0