Vulnerabilities > Mandrakesoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-03-20 CVE-2007-1543 Local Privilege Escalation and Denial of Service vulnerability in Radscan Network Audio System 1.8A
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.
network
low complexity
mandrakesoft radscan
critical
10.0
2005-12-31 CVE-2005-3625 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
10.0
2005-01-10 CVE-2004-1188 The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
network
low complexity
mplayer xine mandrakesoft
critical
10.0
2005-01-10 CVE-2004-1187 Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
network
low complexity
mplayer xine mandrakesoft
critical
10.0
2004-08-06 CVE-2004-0461 Buffer Overflow vulnerability in ISC DHCPD VSPRINTF
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0
2004-08-06 CVE-2004-0460 Buffer Overflow vulnerability in ISC DHCPD Hostname Options Logging
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0
2004-05-04 CVE-2004-0386 Remote HTTP Header Buffer Overflow vulnerability in MPlayer
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
network
low complexity
mplayer gentoo mandrakesoft
critical
10.0
2002-03-15 CVE-2002-0083 Off-by-one Error vulnerability in multiple products
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
9.8
2001-06-27 CVE-2001-0388 time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
network
low complexity
freebsd mandrakesoft suse
critical
10.0
2000-12-11 CVE-2000-1043 Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
network
low complexity
mandrakesoft
critical
10.0