Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-687-1
HistoryFeb 18, 2005 - 12:00 a.m.

bidwatcher - format string

2005-02-1800:00:00
Google
osv.dev
5

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Ulf Härnhammar from the Debian Security Audit Project discovered a
format string vulnerability in bidwatcher, a tool for watching and
bidding on eBay auctions. This problem can be triggered remotely by a
web server of eBay, or someone pretending to be eBay, sending certain
data back. As of version 1.3.17 the program uses cURL and is not
vulnerable anymore.

For the stable distribution (woody) this problem has been fixed in
version 1.3.3-1woody1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your bidwatcher package.

CPENameOperatorVersion
bidwatchereq1.3.3-1

Related

nessus 3
openvas 6
debian 2
freebsd 1
securityvulns 1
cve 1
gentoo 1
ubuntucve 1
nessus
nessus
FreeBSD : bidwatcher -- format string vulnerability (74c86a29-81ef-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
GLSA-200503-06 : BidWatcher: Format string vulnerability
2005-03-04 00:00:00
Debian DSA-687-1 : bidwatcher - format string
2005-02-18 00:00:00
openvas
openvas
FreeBSD Ports: bidwatcher
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200503-06 (bidwatcher)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-687-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability
2005-02-18 16:59:06
[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability
2005-02-18 16:59:06
freebsd
freebsd
bidwatcher -- format string vulnerability
2005-02-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability
2005-02-20 00:00:00
cve
cve
CVE-2005-0158
2005-05-02 04:00:00
gentoo
gentoo
BidWatcher: Format string vulnerability
2005-03-03 00:00:00
ubuntucve
ubuntucve
CVE-2005-0158
2005-05-02 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-687-1
nessus3openvas6debian2freebsd1securityvulns1cve1gentoo1ubuntucve1