
Mandrake Security Advisories

Here you'll find the latest security advisories from Mandrake. Our database currently contains 486 Mandrake security advisories.

Python arbitrary code execution | MDKA-2005:035 | February 10, 2005
Python-based XML-RPC servers may be vulnerable to remote execution of arbitrary code.

Squid multiple vulnerabilities | MDKA-2005:034 | February 10, 2005
Squid contains vulnerabilities in the code handling WCCP, HTTP and LDAP which could lead to Denial of Service, access control bypass, web cache and log poisoning.

Enscript multiple vulnerabilities | MDKA-2005:033 | February 10, 2005
Enscript suffers from vulnerabilities and design flaws, potentially resulting in the execution of arbitrary code.

Cpio package update | MDKA-2005:032 | February 10, 2005
A vulnerability in cpio was discovered where cpio would create world-writeable files when used in -o/--create mode and giving an output file (with -O). This would allow any user to modify the created

DrakXtools several bugs | MDKA-2005:009 | February 10, 2005
Several new bugs have been identified and corrected in the draktools package.

perl-DBI arbitrary file overwrite | MDKA-2005:030 | February 08, 2005
Javier Fernandez-Sanguino Pena discovered the perl5 DBI library created a temporary PID file in an insecure manner, which could be exploited by a malicious user to overwrite arbitrary files owned by th

Perl multiple vulnerabilities | MDKA-2005:031 | February 08, 2005
Multiple vulnerabilities have been found in Perl.

Vim multiple vulnerabilities | MDKA-2005:029 | February 02, 2005
Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, "tcltags" and "vimspell.sh" created temporary files in an insecure manner which

Chbg arbitrary code execution | MDKSA-2005:027 | February 01, 2005
A vulnerability in chbg was discovered by Danny Lungstrom. A maliciously-crafted configuration/scenario file could overflow a buffer leading to the potential execution of arbitrary code.

Imap authentication bypass | MDKA-2005:026 | February 01, 2005
A vulnerability was discovered in the CRAM-MD5 authentication in UW-IMAP where, on the fourth failed authentication attempt, a user would be able to access the IMAP server regardless. This problem exi

Advisory update | MDKA-2005:005-1 | February 01, 2005
A problem with the previous update prevented users from updating kdebase due to a missing file and incomplete rpm header information. The updated kdebase packages fix this problem.

ClamAV multiple vulnerabilities | MDKSA-2005:025 | January 31, 2005
Two problems were discovered in versions of clamav prior to 0.81. An attacker could evade virus scanning by sending a base64-encoded image file in a URL. Also, by sending a specially-crafted ZIP file

Evolution integer overflow | MDKSA-2005:024 | January 27, 2005
Max Vozeler discovered an integer overflow in the camel-lock-helper application. This application is installed setgid mail by default. A local attacker could exploit this to execute malicious code wit

Bind remote denial of service vulnerability | MDKSA-2005:023 | January 26, 2005
A vulnerability was discovered in BIND version 9.3.0 where a remote attacker may be able to cause named to exit prematurely, causing a Denial of Service due to an incorrect assumption in the validator

Kernel multiple vulnerabilities | MDKSA-2005:022 | January 25, 2005
A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with this advisory.

Tetex buffer overflow | MDKSA-2005:021 | January 25, 2005
The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Tetex uses xpdf code and is susceptible to the same

KDEGraphics buffer overflow | MDKSA-2005:020 | January 25, 2005
The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Kdegraphics uses xpdf code and is susceptible to th

KOffice buffer overflow | MDKSA-2005:019 | January 25, 2005
The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Koffice uses xpdf code and is susceptible to the sa

Cups buffer overflow | MDKSA-2005:018 | January 25, 2005
The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Cups uses xpdf code and is susceptible to the same

xpdf buffer overflow | MDKSA-2005:017 | January 25, 2005
A buffer overflow vulnerability was discovered in the xpdf PDF viewer, which could allow for arbitrary code execution as the user viewing a PDF file.

gPDF buffer overflow | MDKSA-2005:016 | January 25, 2005
A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file.

Mailman cross-site scripting | MDKSA-2005:015 | January 24, 2005
Florian Weimer discovered a vulnerability in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks.

Squid buffer and integer overflow | MDKSA-2005:014 | January 24, 2005
"infamous41md" discovered two vulnerabilities in the squid proxy cache server. The first is a buffer overflow in the Gopher response parser which leads to memory corruption and would usually crash squ

Ethereal multiple vulnerabilities | MDKSA-2005:013 | January 24, 2005
Multiple vulnerabilities have been found in Ethereal. This advisory provides information about the updated packages.

Zhcon possible reading of arbitrary files | MDKSA-2005:012 | January 24, 2005
Erik Sjolund discovered that zhcon accesses a user-controlled configuration file with elevated privileges which could make it possible to read arbitrary files.
