Vulnerabilities > Mandrakesoft > Mandrake Linux > High

DATE CVE VULNERABILITY TITLE RISK
2001-06-27 CVE-2001-0441 Buffer Overflow vulnerability in SLRN Long Header
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
network
low complexity
debian mandrakesoft redhat
7.5
7.5
2001-05-03 CVE-2001-0279 Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
local
low complexity
debian mandrakesoft
7.2
7.2
2001-03-12 CVE-2001-0128 Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. 7.2
7.2
2001-01-09 CVE-2000-1134 Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. 7.2
7.2
2001-01-09 CVE-2000-1095 modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
local
low complexity
immunix conectiva mandrakesoft redhat suse
7.2
7.2
2000-12-11 CVE-2000-1059 Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0/7.1
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
local
low complexity
mandrakesoft
7.2
7.2
2000-11-14 CVE-2000-0867 Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
local
low complexity
debian mandrakesoft redhat slackware trustix
7.2
7.2
2000-07-03 CVE-2000-0566 makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
local
low complexity
caldera mandrakesoft redhat
7.2
7.2
2000-05-29 CVE-2000-0454 Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
local
low complexity
mandrakesoft
7.2
7.2
2000-05-17 CVE-1999-1008 xsoldier program allows local users to gain root access via a long argument.
local
low complexity
freebsd mandrakesoft
7.2
7.2