[SECURITY] [DSA 522-1] New super packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 522-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 19th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 521-1] New sup packages fix format string vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 521-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 18th, 2004 http://www.debian.org/security/faq -...

Rlpr 2.0 - 'msg()' Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/10578/info It is reported that rlpr is prone to multiple vulnerabilities. These vulnerabilities can allow a remote attacker to execute arbitrary code in order to gain unauthorized access. The application is affected by a format string vulnerability. This...

DSA-524 rlpr - several vulnerabilities

Bulletin has no description...

DSA-522 super - format string vulnerability

Bulletin has no description...

sup -- format string vulnerability

Debian Security Advisory reports: [email protected] discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the...

Rlpr 2.0 - msg() Multiple Vulnerabilities

Rlpr 2.0 - msg Multiple Vulnerabilities source: https://www.securityfocus.com/bid/10578/info It is reported that rlpr is prone to multiple vulnerabilities. These vulnerabilities can allow a remote attacker to execute arbitrary code in order to gain unauthorized access. The application is affected...

DSA-521 sup - format string vulnerability

Bulletin has no description...

Asterisk PBX 0.7.x - Multiple Logging Format String Vulnerabilities

Asterisk PBX 0.7.x - Multiple Logging Format String Vulnerabilities source: https://www.securityfocus.com/bid/10569/info It is reported that Asterisk is susceptible to format string vulnerabilities in its logging functions. An attacker may use these vulnerabilities to corrupt memory, and read or...

APSIS Pound Load Balancer Format String Overflow

The remote server is vulnerable to a remote format string bug which can allow remote attackers to gain access to confidential data. Pound versions less than 1.6 are vulnerable to this issue. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12007; scriptversion "1.14";...

Important: Red Hat Security Advisory: tripwire security update

Updated Tripwire packages that fix a format string security vulnerability are now available. Tripwire is a system integrity assessment tool. Paul Herman discovered a format string vulnerability in Tripwire version 2.3.1 and earlier. If Tripwire is configured to send reports via email, a local use...

[Full-Disclosure] [0xbadc0ded #04] smtp.proxy <= 1.1.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================================== 0xbadc0ded Advisory 04 - 2004/06/10 - smtp.proxy = 1.1.3 ========================================================================== Reference...

smtp.proxy format string bug

syslog sender address format string bug...

CVS 1.11.x - Multiple Vulnerabilities

CVS 1.11.x - Multiple Vulnerabilities // source: https://www.securityfocus.com/bid/10499/info CVS is prone to multiple vulnerabilities. The issues include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patc...

CVS 1.11.x - Multiple Vulnerabilities

// source: https://www.securityfocus.com/bid/10499/info CVS is prone to multiple vulnerabilities. The issues include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patch for BID 10384, potentially leading t...

CVE-2004-0450

The CVE-2004-0450 entry concerns a format-string vulnerability in log2mail (printlog) prior to version 0.2.5.2. A logged message crafted to exploit the format string could be processed by log2mail and cause arbitrary code execution with the privileges of the log2mail process (often a member of ad...

CVE-2004-0536

Tripwire contains a format string vulnerability in the mail-report code path (cPipedMailMessage) that can be triggered by a specially crafted filename during a scan. Local users could gain privileges (Tripwire commonly runs as root) if the report generation is executed under the user context. Pub...

CVE-2004-0450

Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail...

CVE-2004-0536

Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report...

[SECURITY] [DSA 513-1] New log2mail packages fix format string vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 513-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 3rd, 2004 http://www.debian.org/security/faq -...