Filtered by vendor Mandrakesoft
Subscriptions
Total
151 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2394 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2025-04-03 | N/A |
| Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. | ||||
| CVE-2005-0085 | 4 Htdig, Mandrakesoft, Redhat and 1 more | 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | ||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | ||||
| CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | ||||
| CVE-2005-0605 | 8 Altlinux, Lesstif, Mandrakesoft and 5 more | 12 Alt Linux, Lesstif, Mandrake Linux and 9 more | 2025-04-03 | N/A |
| scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | ||||
| CVE-2005-1267 | 5 Gentoo, Lbl, Mandrakesoft and 2 more | 6 Linux, Tcpdump, Mandrake Linux and 3 more | 2025-04-03 | N/A |
| The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | ||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | ||||
| CVE-2002-2185 | 6 Debian, Mandrakesoft, Microsoft and 3 more | 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more | 2025-04-03 | N/A |
| The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | ||||
| CVE-2005-0003 | 4 Avaya, Linux, Mandrakesoft and 1 more | 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more | 2025-04-03 | N/A |
| The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. | ||||
| CVE-2003-0041 | 3 Mandrakesoft, Mit, Redhat | 5 Mandrake Linux, Mandrake Multi Network Firewall, Kerberos Ftp Client and 2 more | 2025-04-03 | N/A |
| Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. | ||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | ||||
| CVE-2004-0559 | 3 Mandrakesoft, Usermin, Webmin | 4 Mandrake Linux, Mandrake Linux Corporate Server, Usermin and 1 more | 2025-04-03 | N/A |
| The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory. | ||||
| CVE-2003-0462 | 3 Linux, Mandrakesoft, Redhat | 6 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | ||||
| CVE-2004-0746 | 5 Gentoo, Kde, Mandrakesoft and 2 more | 6 Linux, Kde, Konqueror and 3 more | 2025-04-03 | N/A |
| Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | ||||
| CVE-2004-0807 | 6 Conectiva, Mandrakesoft, Redhat and 3 more | 6 Linux, Mandrake Linux, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | ||||
| CVE-2004-0834 | 3 Gentoo, Mandrakesoft, Speedtouch | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | ||||
| CVE-2004-0932 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0933 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0936 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0937 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||