Vulnerabilities > Mandrakesoft > Mandrake Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-02-16 | CVE-2004-1180 | Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | 5.0 |
| 2004-01-05 | CVE-2003-1020 | Denial-Of-Service vulnerability in irssi The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). | 5.0 |
| 2002-12-31 | CVE-2002-2185 | Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | 4.9 |
| 2002-12-31 | CVE-2002-1814 | Buffer Overflow vulnerability in Bonobo EFSTool Commandline Argument Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | 4.6 |
| 2002-12-31 | CVE-2002-1713 | Incorrect Default Permissions vulnerability in Mandrakesoft Mandrake Linux 8.2 The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | 5.5 |
| 2002-08-12 | CVE-2002-0638 | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | 6.2 |
| 2001-12-12 | CVE-2001-1190 | Unspecified vulnerability in Mandrakesoft Mandrake Linux 8.1 The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended. | 4.6 |
| 2001-07-16 | CVE-2001-0977 | Denial of Service vulnerability in OpenLDAP slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | 5.0 |
| 2001-06-27 | CVE-2001-0496 | Local Security vulnerability in Linux Mandrake kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges. | 4.6 |
| 2001-03-12 | CVE-2001-0108 | PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | 5.0 |