Lucene search
+L

104 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

GNU Anubis 3.6.x/3.9.x Multiple Format String

No description provided by source. source: http://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these vulnerabilities to have arbitrary co...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2010/08/27 3:48 p.m.8 views

Researchers Cripple Pushdo Botnet

Researchers have made a huge dent in a major variant of the Pushdo botnet, virtually crippling the network by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet. Pushdo for years has been one of the major producers of spam and...

0.3AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.24 views

FreeBSD : GNU Anubis buffer overflows and format string vulnerabilities (8471bb85-6fb0-11d8-873f-0020ed76ef5a)

Ulf Harnhammar discovered several vulnerabilities in GNU Anubis. - Unsafe uses of sscanf'. The %s' format specifier is used, which allows a classical buffer overflow. auth.c - Format string bugs invoking syslog'. log.c, errs.c, ssl.c Ulf notes that these vulnerabilities can be exploited by a...

10CVSS5.9AI score0.15643EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.17 views

FreeBSD Ports: anubis

The remote host is missing an update to the system as announced in the referenced advisory. VID 8471bb85-6fb0-11d8-873f-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

10CVSS0.2AI score0.15643EPSS
Exploits2
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.17 views

FreeBSD Ports: anubis

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS7.1AI score0.15643EPSS
Exploits2References3
Prion
Prion
added 2008/06/19 8:41 p.m.19 views

Design/Logic Flaw

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

6.4CVSS7.1AI score0.01015EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/06/19 8:41 p.m.16 views

CVE-2008-2780

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

6.4CVSS6.5AI score0.01015EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2008/06/19 8:41 p.m.3 views

CVE-2008-2780

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

6.4CVSS5.5AI score0.01015EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/06/19 8:0 p.m.19 views

CVE-2008-2780

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

6.5AI score0.01015EPSS
Exploits0References4
CVE
CVE
added 2008/06/19 8:0 p.m.45 views

CVE-2008-2780

CVE-2008-2780 : The Anubis (Anubis+Ripe160) plugin before version 1.3 stores the unencrypted file size in cleartext in the header of the encrypted file, enabling an attacker to distinguish encrypted data from trailing random padding. This is the reported vulnerability detail; no exploitation vect...

6.4CVSS6.6AI score0.01015EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2004/11/23 5:0 a.m.22 views

CVE-2004-0353

Multiple buffer overflows in authident function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string...

10CVSS7AI score0.04717EPSS
Exploits1References5
NVD
NVD
added 2004/11/23 5:0 a.m.24 views

CVE-2004-0354

Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to 1 the info function in log.c, 2 the anubiserror function in errs.c, or 3 the sslerror function in ssl.c...

10CVSS7.6AI score0.15643EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.22 views

FreeBSD : GNU Anubis buffer overflows and format string vulnerabilities (6)

The following package needs to be updated: anubis %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg8471bb856fb011d8873f0020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.5AI score0.15643EPSS
Exploits2References22
CVE
CVE
added 2004/03/18 5:0 a.m.62 views

CVE-2004-0353

CVE-2004-0353 covers multiple buffer overflows in GNU Anubis that affect the auth_ident() function (auth.c) in versions 3.6.0–3.6.2 and 3.9.92–3.9.93, allowing remote attackers to gain privileges by supplying a long string. Connected sources also document additional vulnerabilities in GNU Anubis:...

10CVSS7AI score0.04717EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2004/03/18 5:0 a.m.54 views

CVE-2004-0354

CVE-2004-0354 affects GNU Anubis versions 3.6.0–3.6.2 and 3.9.92–3.9.93. The issue is a format string vulnerability in three code paths: the info function in log.c, the anubis_error function in errs.c, and the ssl_error function in ssl.c, which can enable remote code execution. The connected docu...

10CVSS7.6AI score0.15643EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.29 views

CVE-2004-0353

Multiple buffer overflows in authident function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string...

6.9AI score0.04717EPSS
Exploits1References5
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.31 views

CVE-2004-0354

Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to 1 the info function in log.c, 2 the anubiserror function in errs.c, or 3 the sslerror function in ssl.c...

7.6AI score0.15643EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/03/05 12:0 a.m.39 views

GNU Anubis buffer overflows and format string bugs

GNU Anubis buffer overflows and format string bugs PROGRAM: GNU Anubis VENDOR: Free Software Foundation, Inc. HOMEPAGE: http://www.gnu.org/software/anubis/ VULNERABLE VERSIONS: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1, possibly others IMMUNE VERSIONS: 3.6.2 with vendor patch, 3.9.93 with vendor patch,...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/03/05 12:0 a.m.35 views

GNU Anubis multiple bugs

Buffer overflows, format string bugs...

2.6AI score
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2004/03/04 12:0 a.m.23 views

GNU Anubis buffer overflows and format string vulnerabilities

Ulf Härnhammar discovered several vulnerabilities in GNU Anubis. Unsafe uses of sscanf'. The %s' format specifier is used, which allows a classical buffer overflow. auth.c Format string bugs invoking syslog'. log.c, errs.c, ssl.c Ulf notes that these vulnerabilities can be exploited by a maliciou...

10CVSS6.8AI score0.04717EPSS
Exploits1References1
Rows per page
Query Builder