Summary
Detail | | | |
---|---|---|---|
Vendor | Mandrakesoft | First view | 1994-12-19 |
Product | Mandrake Linux | Last view | 2008-02-29 |
Version | | Type | |
Update | | | |
Edition | | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Related : CVE
CVSS | Date | Alert | Description |
---|---|---|---|
4.6 | 2008-02-29 | CVE-2008-0595 | dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface. |
5 | 2008-01-11 | CVE-2007-6284 | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. |
7.5 | 2007-02-05 | CVE-2007-0454 | Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. |
7.2 | 2006-03-20 | CVE-2006-0745 | X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. |
5 | 2005-12-31 | CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. |
10 | 2005-12-31 | CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." |
5 | 2005-12-31 | CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. |
5 | 2005-07-26 | CVE-2005-2377 | nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE. |
5 | 2005-06-10 | CVE-2005-1267 | The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. |
6.8 | 2005-04-27 | CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. |
7.2 | 2005-04-14 | CVE-2005-0020 | Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code. |
2.1 | 2005-04-14 | CVE-2005-0003 | The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. |
6.2 | 2005-04-14 | CVE-2004-1235 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. |
5 | 2005-03-14 | CVE-2005-0473 | The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. |
5 | 2005-03-14 | CVE-2005-0472 | Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. |
7.5 | 2005-03-02 | CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. |
7.2 | 2005-03-01 | CVE-2004-1051 | sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. |
5 | 2005-03-01 | CVE-2004-0983 | The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. |
4.6 | 2005-02-21 | CVE-2005-0503 | uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. |
2.1 | 2005-02-09 | CVE-2004-0977 | The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. |
2.1 | 2005-02-09 | CVE-2004-0975 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. |
2.1 | 2005-02-09 | CVE-2004-0974 | The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. |
7.5 | 2005-02-09 | CVE-2004-0937 | Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
7.5 | 2005-01-27 | CVE-2004-0936 | RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
7.5 | 2005-01-27 | CVE-2004-0935 | Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
30% (3) | CWE-399 | Resource Management Errors |
10% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
10% (1) | CWE-276 | Incorrect Default Permissions |
10% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
10% (1) | CWE-193 | Off-by-one Error |
10% (1) | CWE-189 | Numeric Errors |
10% (1) | CWE-134 | Uncontrolled Format String |
10% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-6 | Argument Injection |
CAPEC-15 | Command Delimiters |
CAPEC-19 | Embedding Scripts within Scripts |
CAPEC-38 | Leveraging/Manipulating Configuration File Search Paths |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-58 | Restful Privilege Elevation |
CAPEC-81 | Web Logs Tampering |
CAPEC-88 | OS Command Injection |
CAPEC-108 | Command Line Execution through SQL Injection |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:4047 | Shell Redirect Symlink Attack Vulnerability |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
oval:org.mitre.oval:def:309 | Linux Kernel execve Race Condition Vulnerability |
oval:org.mitre.oval:def:9867 | Unknown vulnerability in Linux kernel 2.x may allow local users to modify the... |
oval:org.mitre.oval:def:9429 | Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Ga... |
oval:org.mitre.oval:def:11136 | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initia... |
oval:org.mitre.oval:def:10714 | Floating point information leak in the context switch code for Linux 2.4.x on... |
oval:org.mitre.oval:def:9398 | Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allo... |
oval:org.mitre.oval:def:9931 | The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers... |
oval:org.mitre.oval:def:10252 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote at... |
oval:org.mitre.oval:def:9721 | The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers ... |
oval:org.mitre.oval:def:11281 | Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for countr... |
oval:org.mitre.oval:def:8896 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif... |
oval:org.mitre.oval:def:100114 | libtiff RLE Decoder Buffer Overflow Vulnerabilities |
oval:org.mitre.oval:def:11141 | Samba 3.0.6 and earlier allows remote attackers to cause a denial of service ... |
oval:org.mitre.oval:def:9588 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to ca... |
oval:org.mitre.oval:def:8843 | Multiple heap-based buffer overflows in the imlib BMP image handler allow rem... |
oval:org.mitre.oval:def:11123 | Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.... |
oval:org.mitre.oval:def:9907 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker... |
oval:org.mitre.oval:def:100116 | libtiff Malloc Error Denial of Service |
oval:org.mitre.oval:def:164 | Trustix Secure Linux der_chop Script Symlink Attack Vulnerability |
oval:org.mitre.oval:def:10621 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 throug... |
oval:org.mitre.oval:def:11360 | The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local u... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
60296 | nss_ldap Search Request SIGPIPE Handling Remote DoS |
59846 | KDE Konqueror Cross-domain Browser Window Injection Content Spoofing |
59768 | Bonobo efstools Command Line Argument Handling Local Overflow |
59611 | jmcce on Mandrake /tmp Temporary File Symlink Arbitrary File Overwrite |
59516 | Mandrake Linux passwd Default PAM File Password Security Weakness |
43038 | D-Bus dbus-daemon send_interface Local Security Policy Bypass |
40194 | libxml2 xmlCurrentChar Function UTF-8 Parsing DoS |
33101 | Samba VFS Plugin afsacl.so Format String |
24001 | X.Org / X11 -logfile Parameter Arbitrary File Overwrite |
24000 | X.Org / X11 -modulepath Parameter Privileged Code Execution |
22509 | IGMP Spoofed Membership Report DoS |
22235 | Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS |
22234 | Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS |
22233 | Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function... |
21593 | Mandrake Linux msec Home Directory Permission Setting Weakness |
19790 | Linux passwd Failed Read Attempt Local DoS |
19789 | Linux passwd --stdin Off-by-one Password Generation Weakness |
19136 | Apache on Mandrake Linux Arbitrary Directory Forced Listing |
19100 | Mandrake ibuser Unspecified Read Failure Related DoS |
17227 | tcpdump bgp_update_print() Function Malformed BGP Protocol Data DoS |
14794 | Multiple Unix Vendor locale subsystem Multiple Function Format String |
14373 | libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow |
14158 | Multiple Unix Shell << Redirect Symlink Arbitrary File Overwrite |
14013 | uim Environment Variable Local Privilege Escalation |
13924 | Gaim Malformed HTML Parsing DoS |
ExploitDB Exploits
id | Description |
---|---|
24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
629 | Multiple AntiVirus (zip file) Detection Bypass Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2010-02-03 | Name : Solaris Update for CDE 1.6 119280-22 File : nvt/gb_solaris_119280_22.nasl |
2010-02-03 | Name : Solaris Update for Runtime library for Solaris 10 119281-22 File : nvt/gb_solaris_119281_22.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for Apache 2 File : nvt/sles9p5009547.nasl |
2009-10-10 | Name : SLES9: Security update for kdelibs3 File : nvt/sles9p5011912.nasl |
2009-10-10 | Name : SLES9: Security update for ruby File : nvt/sles9p5013198.nasl |
2009-10-10 | Name : SLES9: Security update for webdav apache module File : nvt/sles9p5013988.nasl |
2009-10-10 | Name : SLES9: Security update for imlib File : nvt/sles9p5014360.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel core File : nvt/sles9p5014380.nasl |
2009-10-10 | Name : SLES9: Security update for XFree86-libs File : nvt/sles9p5016773.nasl |
2009-10-10 | Name : SLES9: Security update for libtiff File : nvt/sles9p5017742.nasl |
2009-10-10 | Name : SLES9: Security update for htdig File : nvt/sles9p5018082.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5020030.nasl |
2009-10-10 | Name : SLES9: Security update for libxml2 File : nvt/sles9p5020669.nasl |
2009-06-03 | Name : Solaris Update for CDE 1.4 109931-10 File : nvt/gb_solaris_109931_10.nasl |
2009-06-03 | Name : Solaris Update for sdtimage 109932-10 File : nvt/gb_solaris_109932_10.nasl |
2009-06-03 | Name : Solaris Update for csh/pfcsh 110898-15 File : nvt/gb_solaris_110898_15.nasl |
2009-06-03 | Name : Solaris Update for CDE 1.5 114219-11 File : nvt/gb_solaris_114219_11.nasl |
2009-06-03 | Name : Solaris Update for sdtimage 114220-11 File : nvt/gb_solaris_114220_11.nasl |
2009-05-05 | Name : HP-UX Update for Shells HPSBUX00275 File : nvt/gb_hp_ux_HPSBUX00275.nasl |
2009-05-05 | Name : HP-UX Update for Apache with PHP HPSBUX01090 File : nvt/gb_hp_ux_HPSBUX01090.nasl |
2009-04-09 | Name : Mandriva Update for samba MDKSA-2007:034 (samba) File : nvt/gb_mandriva_MDKSA_2007_034.nasl |
2009-04-09 | Name : Mandriva Update for libxml2 MDVSA-2008:010 (libxml2) File : nvt/gb_mandriva_MDVSA_2008_010.nasl |
2009-04-09 | Name : Mandriva Update for dbus MDVSA-2008:054 (dbus) File : nvt/gb_mandriva_MDVSA_2008_054.nasl |
2009-03-23 | Name : Ubuntu Update for samba vulnerabilities USN-419-1 File : nvt/gb_ubuntu_USN_419_1.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | portmap ypserv request UDP RuleID : 590-community - Type : PROTOCOL-RPC - Revision : 22 |
2014-01-10 | portmap ypserv request UDP RuleID : 590 - Type : PROTOCOL-RPC - Revision : 22 |
2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
2014-01-10 | Microsoft Internet Explorer RAV Online Scanner ActiveX object access RuleID : 4188 - Type : BROWSER-PLUGINS - Revision : 12 |
2014-01-10 | Multiple products ZIP archive virus detection bypass attempt RuleID : 27048 - Type : FILE-OTHER - Revision : 2 |
2014-01-10 | Multiple products ZIP archive virus detection bypass attempt RuleID : 26989 - Type : FILE-OTHER - Revision : 7 |
2014-01-10 | Multiple products ZIP archive virus detection bypass attempt RuleID : 26926 - Type : FILE-OTHER - Revision : 8 |
2014-01-10 | Infinity CGI exploit scanner nph-exploitscanget.cgi access RuleID : 2222-community - Type : SERVER-WEBAPP - Revision : 20 |
2014-01-10 | Infinity CGI exploit scanner nph-exploitscanget.cgi access RuleID : 2222 - Type : SERVER-WEBAPP - Revision : 20 |
2014-01-10 | portmap nlockmgr request TCP RuleID : 2080-community - Type : PROTOCOL-RPC - Revision : 13 |
2014-01-10 | portmap nlockmgr request TCP RuleID : 2080 - Type : PROTOCOL-RPC - Revision : 13 |
2014-01-10 | portmap nlockmgr request UDP RuleID : 2079-community - Type : PROTOCOL-RPC - Revision : 15 |
2014-01-10 | portmap nlockmgr request UDP RuleID : 2079 - Type : PROTOCOL-RPC - Revision : 15 |
2014-01-10 | portmap ypserv request TCP RuleID : 1276-community - Type : PROTOCOL-RPC - Revision : 21 |
2014-01-10 | portmap ypserv request TCP RuleID : 1276 - Type : PROTOCOL-RPC - Revision : 21 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0018.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-750.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0032.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0159.nasl - Type: ACT_GATHER_INFO |
2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO |
2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-003.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-015.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-046.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-050.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-052.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2000-064.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-071.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2000-075.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2000-086.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-001.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-002.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-003.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-004.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2001-006.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-007.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2001-010.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2001-012.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2001-013.nasl - Type: ACT_GATHER_INFO |
2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2001-015.nasl - Type: ACT_GATHER_INFO |