Lucene search
Aaron GrattafioriEDB-ID:32248HistoryAug 13, 2008 - 12:00 a.m.
Yelp 2.23.1 - Invalid URI Format String
2008-08-1300:00:00
Aaron Grattafiori
www.exploit-db.com
16
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/30690/info
Yelp is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.
A remote attacker may exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts may cause denial-of-service conditions.
Yelp 2.23.1 is vulnerable; other versions may also be affected.
ftp://%08x.%08x.%08x.%08x.%08x.%08x
%x%x%x%x%x%x://
%08x%08x Related
openvas
openvas
Ubuntu Update for yelp vulnerability USN-638-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200809-01 (yelp)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-638-1)
2009-03-23 00:00:00
nessus
nessus
openSUSE Security Update : yelp (yelp-271)
2009-07-21 00:00:00
Fedora 8 : yelp-2.20.0-12.fc8 (2008-7293)
2008-09-10 00:00:00
Ubuntu 7.10 / 8.04 LTS : yelp vulnerability (USN-638-1)
2008-08-28 00:00:00
securityvulns
securityvulns
yelp format string vulnerability
2008-08-21 00:00:00
[ MDVSA-2008:175 ] yelp
2008-08-21 00:00:00
ubuntucve
ubuntucve
CVE-2008-3533
2008-08-18 00:00:00
cve
cve
CVE-2008-3533
2008-08-18 17:41:00
cvelist
cvelist
CVE-2008-3533
2008-08-18 17:15:00
debiancve
debiancve
CVE-2008-3533
2008-08-18 17:41:00
ubuntu
ubuntu
Yelp vulnerability
2008-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: yelp-2.20.0-12.fc8
2008-09-10 06:50:31
gentoo
gentoo
yelp: User-assisted execution of arbitrary code
2008-09-04 00:00:00
prion
prion
Format string
2008-08-18 17:41:00
nvd
nvd
CVE-2008-3533
2008-08-18 17:41:00