Vulnerabilities > Mandrakesoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-07-07 CVE-2004-0402 Buffer Overflow vulnerability in XPCD XPCD-SVGA
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
local
low complexity
xpcd mandrakesoft
4.6
2004-02-16 CVE-2004-1180 Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
network
low complexity
sun debian mandrakesoft
5.0
2004-01-05 CVE-2003-1020 Denial-Of-Service vulnerability in irssi
The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
network
low complexity
irssi mandrakesoft
5.0
2002-12-31 CVE-2002-2185 Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
local
low complexity
sgi debian mandrakesoft microsoft redhat suse
4.9
2002-12-31 CVE-2002-1814 Buffer Overflow vulnerability in Bonobo EFSTool Commandline Argument
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
local
low complexity
gnome mandrakesoft redhat slackware
4.6
2002-12-31 CVE-2002-1713 Incorrect Default Permissions vulnerability in Mandrakesoft Mandrake Linux 8.2
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.
local
low complexity
mandrakesoft CWE-276
5.5
2002-08-12 CVE-2002-0638 setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
local
high complexity
mandrakesoft hp redhat
6.2
2001-12-12 CVE-2001-1190 Unspecified vulnerability in Mandrakesoft Mandrake Linux 8.1
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.
local
low complexity
mandrakesoft
4.6
2001-07-16 CVE-2001-0977 Denial of Service vulnerability in OpenLDAP
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
network
low complexity
mandrakesoft openldap debian redhat
5.0
2001-06-27 CVE-2001-0496 Local Security vulnerability in Linux Mandrake
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
local
low complexity
mandrakesoft redhat
4.6