Shodan
Vulnerabilities
Vulnerable Software
Mandrakesoft:  Security Vulnerabilities
CVE-2000-1042
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVSS Score
10.0
EPSS Score
0.005
Published
2000-12-11
CVE-2000-1043
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVSS Score
10.0
EPSS Score
0.005
Published
2000-12-11
CVE-2000-1059
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2000-12-11
CVE-2000-0844
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
CVE-2000-0867
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-11-14
CVE-2000-0883
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
CVSS Score
5.0
EPSS Score
0.053
Published
2000-11-14
CVE-2000-0718
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
CVSS Score
1.2
EPSS Score
0.001
Published
2000-10-20
CVE-2000-0633
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-07-18
CVE-2000-0594
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
CVSS Score
5.0
EPSS Score
0.12
Published
2000-07-04
CVE-2000-0566
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-07-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved