Vulnerabilities > Mandrakesoft > Mandrake Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2007-04-06 CVE-2007-1352 Local Integer Overflow vulnerability in X.Org LibXFont
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. 		3.8
3.8
2005-02-09 CVE-2004-0974 The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
local
low complexity
netatalk mandrakesoft redhat
2.1
2.1
2005-02-09 CVE-2004-0975 The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
local
low complexity
mandrakesoft openssl gentoo
2.1
2.1
2005-01-10 CVE-2004-1171 KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
local
low complexity
kde mandrakesoft redhat
2.1
2.1
2004-12-31 CVE-2004-2394 Unspecified vulnerability in Mandrakesoft products
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
local
low complexity
mandrakesoft
2.1
2.1
2004-12-31 CVE-2004-2395 Unspecified vulnerability in Mandrakesoft products
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
local
low complexity
mandrakesoft
2.1
2.1
2004-12-06 CVE-2004-0497 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. 2.1
2.1
2004-12-06 CVE-2004-0565 Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
local
low complexity
mandrakesoft gentoo linux trustix
2.1
2.1
2004-10-20 CVE-2004-0559 The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
local
low complexity
usermin webmin mandrakesoft
2.1
2.1
2004-08-06 CVE-2004-0535 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. 2.1
2.1