Mandrakesoft » Mandrake Linux : Security Vulnerabilities, CVEs, Published In December 2002
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
Max CVSS
4.9
EPSS Score
0.22%
Published
2002-12-31
Updated
2018-10-19
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-10
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
Max CVSS
4.6
EPSS Score
0.15%
Published
2002-12-31
Updated
2008-09-05
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.
Max CVSS
5.5
EPSS Score
0.06%
Published
2002-12-31
Updated
2024-02-08
4 vulnerabilities found