CVE-2005-0240

CVE-2005-0240: Format string vulnerability in chdev on IBM AIX 5.2 permits local users to execute arbitrary code via format string specifiers in a command-line argument during error message printing. Affected component: chdev on AIX 5.2. Root cause: improper handling of format strings when printi...

DEBIAN-CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

CVE-2005-0188

CVE-2005-0188 concerns a format-string vulnerability in the SetBaseURL function of the AtHoc toolbar. The issue allows remote attackers to execute arbitrary code by supplying an invalid URL that is recorded in the debug log, leveraging format specifiers. Public references in NVD/CVE records indic...

CVE-2004-1388

CVE-2004-1388 describes a format-string vulnerability in BerliOS GPSD (gpsd, formerly pygps) within the gpsd_report function, affecting versions 1.9.0 through 2.7. An attacker could remotely trigger arbitrary code execution via GPS requests with format specifiers unhandled by syslog calls. Public...

CVE-2005-0226

ngIRCd is affected by a format-string vulnerability in Log_Resolver() (log.c) for versions 0.8.2 and earlier when IDENT is enabled, SYSLOG logging is used, and DEBUG is on. This can allow a remote attacker to execute arbitrary code with ngIRCd’s privileges (typically root). Several advisories and...

CVE-2005-0188

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

ngIRCd < 0.8.3 Log_Resolver() Remote Format String Overflow

Binary data 2591.prm...

ngIRCd Internet Relay Chat daemon format string bug

Format string bug in logging feature...

ngIRCd &lt;= v0.8.2 Format String Vulnerability

------------------------------------------------- No System Group - Advisory 11 - 03/02/05 ------------------------------------------------- Program: ngIRCd Homepage: http://arthur.ath.cx/alex/ngircd/ Operating System: Linux and Unix-Compatible Vulnerable Versions: ngIRCd v0.8.2 and prior Risk:...

ngIRCd 0.8.2 - Remote Format String

/ ngircdfsexp.c ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET address from 0x0806b000 + offset -l targets list root@servidor:/home/coki/audit...

ngIRCd 0.8.2 - Remote Format String

ngIRCd 0.8.2 - Remote Format String / ngircdfsexp.c ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET address from 0x0806b000 + offset -l targets lis...

ngircd -- format string vulnerability

A No System Group security advisory reports that ngircd is vulnerable to a format string vulnerability in the LogResolver function of log.c, if IDENT support is enabled. This could allow a remote attacker to execute arbitrary code with the permissions of the ngircd daemon, which is root by defaul...

ngIRCd &lt;= 0.8.2 Remote Format String Exploit

No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...

ngIRCd < 0.8.3 Log_Resolver() Format String

According to its banner, the version of the ngIRCd chat service running on the remote host contains a format string vulnerability. If it was compiled with IDENT, DEBUG is enabled, and it's logging to SYSLOG, a remote attacker can leverage this issue to execute arbitrary code on the remote host...

ngIRCd <= 0.8.2 Remote Format String Exploit

Exploit for linux platform in category remote exploits ============================================ ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET...