This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mandrakesoft First view 1996-07-16
Product Mandrake Linux Last view 2005-04-14
Version 9.2 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:mandrakesoft:mandrake_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
2.1 2005-04-14 CVE-2005-0003

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

6.2 2005-04-14 CVE-2004-1235

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

7.2 2005-03-01 CVE-2004-1051

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

5 2005-03-01 CVE-2004-0983

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

2.1 2005-02-09 CVE-2004-0977

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

2.1 2005-02-09 CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

2.1 2005-02-09 CVE-2004-0974

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

7.5 2005-01-10 CVE-2004-1098

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

5 2005-01-10 CVE-2004-1014

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

2.1 2004-12-31 CVE-2004-2395

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

2.1 2004-12-31 CVE-2004-2394

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

5 2004-12-31 CVE-2004-2392

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

7.5 2004-12-31 CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

5.1 2004-12-31 CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

7.2 2004-12-23 CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

7.5 2004-12-23 CVE-2004-0805

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

5 2004-12-06 CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5 2004-12-06 CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

5 2004-12-06 CVE-2004-0633

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

2.1 2004-12-06 CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1 2004-12-06 CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

7.2 2004-12-06 CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.5 2004-10-20 CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

2.1 2004-10-20 CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

7.5 2004-09-28 CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
19790 Linux passwd Failed Read Attempt Local DoS
19789 Linux passwd --stdin Off-by-one Password Generation Weakness
19100 Mandrake ibuser Unspecified Read Failure Related DoS
13735 MIME-tools MIMEDefang Empty Boundary Content-Type Virus Scan Bypass
13350 cpio -O Parameter umask Permission Weakness
12917 Linux Kernel Elf Binary Overlapping VMA Local Privilege Escalation
12791 Linux Kernel sys_uselib Binary Format Loader Local Privilege Escalation
12240 nfs-utils rpc.statd SIGPIPE TCP Connection DoS
11716 sudo Bash Script Subversion Arbitrary Command Execution
11534 Ruby cgi.rb Malformed HTTP Request CPU Utilization DoS
11125 OpenSSL der_chop Script Symlink Arbitrary File Modification
11123 Netatalk etc2ps.sh Symlink Arbitrary File Modification
11004 Thomson SpeedTouch USB Driver Multiple Function Format String
10941 PostgreSQL make_oidjoins_check Arbitrary File Overwrite
10002 Multiple Browser Cross-Domain Cookie Injection
9986 irssi IRC Client format_send_to_gui DoS
9948 mod_dav for Apache HTTP Server LOCK Request DoS
9781 imlib2 BMP Image Decoding Overflow
9775 Usermin Installation .webmin Symlink Privilege Escalation
9748 mpg123 layer2.c Header Remote Overflow
9436 imlib2 BMP Decoding Overflow
9435 imlib BMP Decoding Overflow
9378 ImageMagick runlength-encoded BMP Image Decoding Overflow
9117 KDE Cross-Domain Cookie Injection
8962 Gaim msn_import_html() Function Overflow

ExploitDB Exploits

id Description
24259 Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne...
718 Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5020030.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel core
File : nvt/sles9p5014380.nasl
2009-10-10 Name : SLES9: Security update for imlib
File : nvt/sles9p5014360.nasl
2009-10-10 Name : SLES9: Security update for webdav apache module
File : nvt/sles9p5013988.nasl
2009-10-10 Name : SLES9: Security update for ruby
File : nvt/sles9p5013198.nasl
2009-10-10 Name : SLES9: Security update for Apache 2
File : nvt/sles9p5009547.nasl
2009-05-05 Name : HP-UX Update for Apache with PHP HPSBUX01090
File : nvt/gb_hp_ux_HPSBUX01090.nasl
2009-05-05 Name : HP-UX Update for Apache HPSBUX01064
File : nvt/gb_hp_ux_HPSBUX01064.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-15 (Usermin)
File : nvt/glsa_200409_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200403-13 (mplayer)
File : nvt/glsa_200403_13.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200406-05 (Apache)
File : nvt/glsa_200406_05.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200407-02 (Kernel)
File : nvt/glsa_200407_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200407-08 (Ethereal)
File : nvt/glsa_200407_08.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200407-16 (Kernel)
File : nvt/glsa_200407_16.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-12 (gaim)
File : nvt/glsa_200408_12.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-27 (Gaim)
File : nvt/glsa_200408_27.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-07 (xv)
File : nvt/glsa_200409_07.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-12 (imagemagick imlib)
File : nvt/glsa_200409_12.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-20 (mpg123)
File : nvt/glsa_200409_20.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-21 (apache)
File : nvt/glsa_200409_21.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-16 (PostgreSQL)
File : nvt/glsa_200410_16.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-25 (Netatalk)
File : nvt/glsa_200410_25.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-04 (speedtouch)
File : nvt/glsa_200411_04.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-06 (MIME-tools)
File : nvt/glsa_200411_06.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-15 (OpenSSL)
File : nvt/glsa_200411_15.nasl

Snort® IPS/IDS

Date Description
2019-09-10 nfs-utils TCP connection termination denial-of-service attempt
RuleID : 50913 - Type : SERVER-OTHER - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0523.nasl - Type: ACT_GATHER_INFO
2012-01-04 Name: Arbitrary files could be overwritten on the remote server.
File: openssl_0_9_7f.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9363.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_013fa252072411d9b45d000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_15e0e96302ed11d9a20900061bc2ad93.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_265c8b00d2d011d8b47902e0185c0b53.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_5b8f9a02ec9311d8b913000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_6a164d842f7f11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_ae7b7f6505c711d9b45d000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_ba005226fb5b11d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d656296b33ff11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-371-1.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-394-1.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2006-192.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2006-225.nasl - Type: ACT_GATHER_INFO
2006-12-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1234.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1067.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1069.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1070.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1082.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-476.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-20-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-24-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-35-1.nasl - Type: ACT_GATHER_INFO