GCVE - cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*

part: o version: 8.2 update: *

Vendor	Mandrakesoft (`a8a5c606-4abd-5243-b724-ee5f458a973b`)
Product	Mandrake Linux (`3ee4655e-af5a-585e-8ef9-3aa098e5f6c8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2004-2396`	not_vulnerable	2026-06-08 04:48:09.532908	Details available passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.939Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 https://exchange.xforce.ibmcloud.com/vulnerabilities/16179 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2395`	vulnerable	2026-06-08 04:48:09.532387	Details available Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.698Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 https://exchange.xforce.ibmcloud.com/vulnerabilities/16180 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2394`	vulnerable	2026-06-08 04:48:09.530076	Details available Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.912Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 https://exchange.xforce.ibmcloud.com/vulnerabilities/16178	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0834`	vulnerable	2026-06-08 04:47:51.592423	Details available Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Published: 2004-10-20T04:00:00.000Z Updated: 2024-08-08T00:31:47.532Z Open on db.gcve.eu Reference links http://speedtouch.sourceforge.net/index.php?/news.en.html http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17792 http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0462`	vulnerable	2026-06-08 04:47:21.591683	Details available A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). Published: 2003-07-25T04:00:00.000Z Updated: 2024-08-08T01:58:09.649Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0041`	vulnerable	2026-06-08 04:47:20.338350	Details available Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (\|) character in a filename that is retrieved by the client. Published: 2003-02-01T05:00:00.000Z Updated: 2024-08-08T01:43:35.114Z Open on db.gcve.eu Reference links http://secunia.com/advisories/8114 http://secunia.com/advisories/7979 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html http://www.redhat.com/support/errata/RHSA-2003-020.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:021	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2185`	vulnerable	2026-06-08 04:47:19.301462	Details available The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. Published: 2005-11-16T21:17:00.000Z Updated: 2024-08-08T03:51:17.597Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2006-0140.html http://secunia.com/advisories/18684 https://exchange.xforce.ibmcloud.com/vulnerabilities/9436 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736 ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1713`	vulnerable	2026-06-08 04:47:17.917993	Details available The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. Published: 2005-06-21T04:00:00.000Z Updated: 2024-08-08T03:34:55.794Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/5050 https://exchange.xforce.ibmcloud.com/vulnerabilities/9389 http://www.kb.cert.org/vuls/id/455323 http://online.securityfocus.com/archive/1/277515	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0836`	vulnerable	2026-06-08 04:46:22.316041	Details available dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:03:49.020Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=103497852330838&w=2 http://www.securityfocus.com/bid/5978 http://marc.info/?l=bugtraq&m=104005975415582&w=2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 http://www.kb.cert.org/vuls/id/169841	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0638`	vulnerable	2026-06-08 04:46:21.865466	Details available setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T02:56:38.516Z Open on db.gcve.eu Reference links ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt http://www.securityfocus.com/bid/5344 http://www.iss.net/security_center/static/9709.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php http://rhn.redhat.com/errata/RHSA-2002-132.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.