Mandrakesoft: >> Mandrake Linux >> 9.1 Security Vulnerabilities
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.097
Published
2004-08-06
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-08-06
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-08-06
The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
CVSS Score
5.0
EPSS Score
0.005
Published
2004-01-05
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVSS Score
7.5
EPSS Score
0.255
Published
2003-07-24
Page 2