High

DATE	CVE	VULNERABILITY TITLE	RISK
2002-10-28	CVE-2002-0836	dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. network low complexity hp mandrakesoft redhat	7.5
2002-02-27	CVE-2002-0004	Heap Overflow vulnerability in AT Maliciously Formatted Time Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. local low complexity caldera debian freebsd mandrakesoft netbsd redhat slackware suse	7.2
2002-01-31	CVE-2002-0002	Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. network low complexity stunnel engardelinux mandrakesoft redhat	7.5
2001-11-30	CVE-2001-0912	Local Security vulnerability in Mandrakesoft Mandrake Linux 8.1 Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges. local low complexity mandrakesoft	7.2
2001-11-28	CVE-2001-1449	Remote Security vulnerability in Apache The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. network low complexity apache mandrakesoft	7.5
2001-07-18	CVE-2001-1030	Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. network low complexity caldera immunix mandrakesoft squid redhat trustix	7.5
2001-07-02	CVE-2001-0440	Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. network low complexity licq conectiva mandrakesoft	7.5
2001-07-02	CVE-2001-0439	licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. network low complexity licq conectiva freebsd mandrakesoft redhat	7.5
2001-06-27	CVE-2001-0481	Unspecified vulnerability in Mandrakesoft Mandrake Linux 8.0 Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. local low complexity mandrakesoft	7.2
2001-06-27	CVE-2001-0473	Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. network low complexity immunix mutt conectiva mandrakesoft redhat	7.5