8488 matches found
tripwire: Format string vulnerability
Background tripwire is an open source file integrity checker. Description The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. Impact With a carefully crafted filename on a local filesystem an attacker could cause execution of arbitrary code with...
[SECURITY] [DSA 513-1] New log2mail packages fix format string vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 513-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 3rd, 2004 http://www.debian.org/security/faq -...
[Full-Disclosure] Format String Vulnerability in Tripwire
SUMMARY ------- Tripwiretm is a Security, Intrusion Detection, Damage Assessment and Recovery, Forensics software. A vulnerability in the product allows a user on the local machine under certain circumstances to execute arbitrary code with the rights of the user running the program typically root...
Tripwire format string bug
Format string bug during e-mail report generation...
DSA-513 log2mail - format string
Bulletin has no description...
CVE-2004-0179
Multiple format string vulnerabilities in 1 neon 0.24.4 and earlier, and other products that use neon including 2 Cadaver, 3 Subversion, and 4 OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code...
CVE-2004-0179
Multiple format string vulnerabilities in 1 neon 0.24.4 and earlier, and other products that use neon including 2 Cadaver, 3 Subversion, and 4 OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code...
DEBIAN-CVE-2004-0156
Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...
jftpgw format string buffer overflow
syslog format string bug...
[SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 510-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 29th, 2004 http://www.debian.org/security/faq -...
tla: Multiple vulnerabilities in included libneon
Background GNU Arch tla is a revision control system suited for widely distributed development. Description Multiple format string vulnerabilities and a heap overflow vulnerability were discovered in the code of the neon library GLSA 200405-01 and 200405-13. Current versions of the tla package...
Arbitrary code execution via a format string vulnerability in jftpgw
The log functions in jftpgw may allow remotely authenticated user to execute arbitrary code via the format string specifiers in certain syslog messages...
[SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 510-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 29th, 2004 http://www.debian.org/security/faq -...
Multiple MetaMail bugs
Multiple format string bugs and buffer overflow...
[Full-Disclosure] [ GLSA 200405-17 ] Multiple vulnerabilities in metamail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200405-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
Multiple vulnerabilities in metamail
Background Metamail is a program that decodes MIME encoded mail. It is therefore often automatically called when an email is received or read. Description Ulf Harnhammar found two format string bugs and two buffer overflow bugs in Metamail. Impact A remote attacker could send a malicious email...
Important: Red Hat Security Advisory: mc security update
Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...
neon format string bugs and heap overflow
Format string bugs in few functions...
Pound format string vulnerability
Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description A format string flaw in the processing of syslog messages was discovered and...
mc
New mc packages are available for Slackware 9.0, 9.1, and -current to fix security issues that These could lead to a denial of service or the execution of arbitrary code as the user running mc. Sites that use mc should upgrade to the new mc package. More details about this issue may be found in t...