GCVE - cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*

part: o version: 9.0 update: *

Vendor	Mandrakesoft (`a8a5c606-4abd-5243-b724-ee5f458a973b`)
Product	Mandrake Linux (`3ee4655e-af5a-585e-8ef9-3aa098e5f6c8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2004-2396`	not_vulnerable	2026-06-08 04:48:09.532945	Details available passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.939Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 https://exchange.xforce.ibmcloud.com/vulnerabilities/16179 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2395`	vulnerable	2026-06-08 04:48:09.532423	Details available Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.698Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 https://exchange.xforce.ibmcloud.com/vulnerabilities/16180 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2394`	vulnerable	2026-06-08 04:48:09.531112	Details available Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. Published: 2005-08-17T04:00:00.000Z Updated: 2024-08-08T01:22:13.912Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/10370 http://www.mandriva.com/security/advisories?name=MDKSA-2004:045 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 https://exchange.xforce.ibmcloud.com/vulnerabilities/16178	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0834`	vulnerable	2026-06-08 04:47:51.593033	db.gcve.eu details are currently unavailable. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0461`	vulnerable	2026-06-08 04:47:49.904184	Details available The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. Published: 2004-06-24T04:00:00.000Z Updated: 2024-08-08T00:17:15.144Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/654390 https://exchange.xforce.ibmcloud.com/vulnerabilities/16476 http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 http://secunia.com/advisories/23265 http://marc.info/?l=bugtraq&m=108795911203342&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0460`	vulnerable	2026-06-08 04:47:49.895981	Details available Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. Published: 2004-06-24T04:00:00.000Z Updated: 2024-08-08T00:17:15.127Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/317350 http://www.securityfocus.com/bid/10590 http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 http://secunia.com/advisories/23265 http://marc.info/?l=bugtraq&m=108795911203342&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0462`	vulnerable	2026-06-08 04:47:21.592592	Details available A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). Published: 2003-07-25T04:00:00.000Z Updated: 2024-08-08T01:58:09.649Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0434`	vulnerable	2026-06-08 04:47:21.511911	Details available Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Published: 2003-06-18T04:00:00.000Z Updated: 2024-08-08T01:50:48.159Z Open on db.gcve.eu Reference links http://secunia.com/advisories/9038 http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 http://www.kb.cert.org/vuls/id/200132 http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html http://www.redhat.com/support/errata/RHSA-2003-196.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0041`	vulnerable	2026-06-08 04:47:20.338370	Details available Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (\|) character in a filename that is retrieved by the client. Published: 2003-02-01T05:00:00.000Z Updated: 2024-08-08T01:43:35.114Z Open on db.gcve.eu Reference links http://secunia.com/advisories/8114 http://secunia.com/advisories/7979 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html http://www.redhat.com/support/errata/RHSA-2003-020.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:021	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1814`	vulnerable	2026-06-08 04:47:18.237301	Details available Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. Published: 2005-06-28T04:00:00.000Z Updated: 2024-09-17T00:11:30.420Z Open on db.gcve.eu Reference links http://www.securiteam.com/exploits/5AP0E0K8AO.html http://online.securityfocus.com/archive/1/279676 http://www.securityfocus.com/bid/5125 http://www.iss.net/security_center/static/9451.php	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0836`	vulnerable	2026-06-08 04:46:22.318105	Details available dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:03:49.020Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=103497852330838&w=2 http://www.securityfocus.com/bid/5978 http://marc.info/?l=bugtraq&m=104005975415582&w=2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 http://www.kb.cert.org/vuls/id/169841	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.