GProFTPD: gprostats format string vulnerability
Background GProFTPD is a GTK+ administration tool for the ProFTPD server. GProFTPD is distributed with gprostats, a utility to parse ProFTPD transfer logs. Description Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a format string vulnerability in the gprostats utility. Impa...
bidwatcher -- format string vulnerability
A Debian Security Advisory reports: Ulf Härnhammer from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay,...
GLSA-200502-26 : GProFTPD: gprostats format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200502-26 GProFTPD: gprostats format string vulnerability Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a format string vulnerability in the gprostats utility. Impact : An attacker could exploit the...
GLSA-200502-24 : Midnight Commander: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200502-24 Midnight Commander: Multiple vulnerabilities Midnight Commander contains several format string vulnerabilities (CAN-2004-1004), buffer overflows (CAN-2004-1005), a memory deallocation error (CAN-2004-1092) and a buffer underfl...
DSA-687-1 bidwatcher - format string
Bulletin has no description...
Debian DSA-687-1 : bidwatcher - format string
Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay, sending certain data back. As of versio...
[SECURITY] [DSA 685-1] New emacs21 packages fix arbitrary code execution
Debian Security Advisory DSA 685-1 http://www.debian.org/security/ Martin Schulze February 17th, 2005 http://www.debian.org/security/faq ...
DSA-685-1 emacs21 - format string
Bulletin has no description...
typespeed keyboard touch-typist trainer format string bug
Format string bug in setgid games application...
Midnight Commander: Multiple vulnerabilities
Background Midnight Commander is a visual console file manager. Description Midnight Commander contains several format string vulnerabilities (CAN-2004-1004), buffer overflows (CAN-2004-1005), a memory deallocation error (CAN-2004-1092) and a buffer underflow (CAN-2004-1176). Impact An attacker could...
Debian DSA-685-1 : emacs21 - format string
Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. ...
Typespeed 0.4.1 - Local Format String
// source: https://www.securityfocus.com/bid/12569/info typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation. / Proof of Concept local exploit for typespeed tool "enva" content: include include int mainint arg...
GLSA-200502-20 : Emacs, XEmacs: Format string vulnerabilities in movemail
The remote host is affected by the vulnerability described in GLSA-200502-20 Emacs, XEmacs: Format string vulnerabilities in movemail Max Vozeler discovered that the movemail utility contains several format string errors. Impact : An attacker could set up a malicious POP server and entice a user ...
Typespeed 0.4.1 - Local Format String
// source: https://www.securityfocus.com/bid/12569/info typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation. / Proof of Concept local exploit for typespeed tool "enva" content: include include int mainint argc, char argv char addrptr = NULL;...
security flaw
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
Important: Red Hat Security Advisory: xemacs security update
Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. XEmacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler...
Important: Red Hat Security Advisory: emacs security update
Updated Emacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler...
Emacs, XEmacs: Format string vulnerabilities in movemail
Background GNU Emacs and XEmacs are highly extensible and customizable text editors. movemail is an Emacs utility that can fetch mail on remote mail servers. Description Max Vozeler discovered that the movemail utility contains several format string errors. Impact An attacker could set up a...
GLSA-200501-11 : Dillo: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200501-11 Dillo: Format string vulnerability Gentoo Linux developer Tavis Ormandy found a format string bug in Dillo's handling of messages in a_Interface_msg. Impact : An attacker could craft a malicious web page which, when access...