DEBIAN-CVE-2003-0777

saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...

CVE-2003-0777

The CVE-2003-0777 issue affects the sane-backends package (notably the saned daemon). When debug messages are enabled and a connection is dropped, strings may not be null-terminated, potentially triggering a segmentation fault (denial of service). Multiple advisories reference this family of prob...

CVE-2003-0777

saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...

methane IRCd 0.1.1 - Remote Format String

// source: https://www.securityfocus.com/bid/8038/info Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may send malicious format specifiers to trigger ...

methane IRCd 0.1.1 - Remote Format String

methane IRCd 0.1.1 - Remote Format String // source: https://www.securityfocus.com/bid/8038/info Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may se...

zenTrack Remote Command Execution Vulnerabilities

Subject: zenTrack Remote Command Execution Vulnerabilities Author: farking [email protected] Product: zenTrack 2.4.1 latest and below Vendor: http://zendocs.phpzen.net/zentrack / http://sourceforge.net/projects/zentrack/ Status: Vendor contacted 27/05/2003 Location:...

Mod_gzip Debug Mode Vulnerabilities

Multiple Vulnerabilities in modgzip Debugging Routines I. Synopsis Affected Systems: modgzip 1.3.26.1a and prior Risk: Development: High Production: Minimal Developer URL: http://www.sourceforge.net/projects/mod-gzip Status: Vendor is not supporting project at this time. II. Product Description...

mod_gzip Debug Mode mod_gzip_printf Remote Format String

The remote host is running modgzip with debug symbols compiled in. The debug code includes vulnerabilities that can be exploited by an attacker to gain a shell on this host. C Tenable Network Security, Inc. Ref: From: "Matthew Murphy" To: "BugTraq" , Subject: Modgzip Debug Mode Vulnerabilities...

Mod_Gzip 1.3.x - Debug Mode

ModGzip 1.3.x - Debug Mode // source: https://www.securityfocus.com/bid/7769/info Modgzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of...

Mod_Gzip 1.3.x - Debug Mode

// source: https://www.securityfocus.com/bid/7769/info Modgzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of malicious instructions or...

CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

Windows NT/2000/XP kernel buffer overflow

Stack based overflow during debug message processing...

CVE-2002-0856

SQLNET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service crash via certain debug requests that are not properly handled by the debugging feature...

CVE-2002-1484

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems port scan via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error...

WU-FTPD Debug Mode Client Hostname Remote Format String

The remote WU-FTPd server, according to its version number, is vulnerable to a format string attack when running in debug mode. C Tenable Network Security, Inc. Affected: wu-ftpd up to 2.6.1 include"compat.inc"; if description scriptid11331; scriptversion"1.25";...

CVE-2003-1078

The FTP client for Solaris 2.6, 7, and 8 with the debug -d flag enabled displays the user password on the screen during login...

PT-2002-2753 · Php · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 5.4 and earlier Description: The issue allows remote attackers to gain SQL query information by exploiting debugging features that are not properly restricted. This can be achieved by setting the sql debug parameter in...

DB4Web Server Debug Mode TCP Port Scanning Proxy

The DB4Web debug page allows anybody to scan other machines. This could allow a remote attacker to learn more about the internal network layout, which could be used to mount further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From:[email protected] To:...

CVE-2002-0918

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error...

DB4Web 3.43.6 - Connection Proxy

DB4Web 3.43.6 - Connection Proxy source: https://www.securityfocus.com/bid/5725/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. B...