MandrakeSoft Mandrake Multi Network Firewall 8.2

CPE Details

MandrakeSoft Mandrake Multi Network Firewall 8.2
8.2
2007-08-23
19h16 +00:00
2007-09-14
15h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*

Informations

Vendor

mandrakesoft

Product

mandrake_multi_network_firewall

Version

8.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2004-2394 2005-08-17 02h00 +00:00 Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
2.1
CVE-2004-2395 2005-08-17 02h00 +00:00 Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
2.1
CVE-2004-2396 2005-08-17 02h00 +00:00 passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
7.2
CVE-2004-1235 2005-01-20 04h00 +00:00 Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
6.2
CVE-2005-0003 2005-01-20 04h00 +00:00 The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
2.1
CVE-2004-1051 2004-11-18 04h00 +00:00 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
7.2
CVE-2004-0834 2004-10-20 02h00 +00:00 Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.
7.2
CVE-2004-0975 2004-10-20 02h00 +00:00 The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
2.1
CVE-2004-0565 2004-07-08 02h00 +00:00 Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
2.1
CVE-2004-0496 2004-07-06 02h00 +00:00 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
7.2
CVE-2004-0497 2004-07-06 02h00 +00:00 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
2.1
CVE-2004-0535 2004-06-08 02h00 +00:00 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
2.1
CVE-2003-0462 2003-07-25 02h00 +00:00 A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
1.2
CVE-2003-0041 2003-02-01 04h00 +00:00 Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
10