8488 matches found
metamail format string bugs
Few format string bugs...
metamail format string bugs and buffer overflows
metamail format string bugs and buffer overflows PROGRAM: metamail VENDOR: Bell Communications Research, Inc. Bellcore DOWNLOAD URLs: ftp://thumper.bellcore.com/pub/nsb/ http://ftp.funet.fi/pub/unix/mail/metamail/ VULNERABLE VERSIONS: 2.2, 2.4, 2.5, 2.6, 2.7, possibly others IMMUNE VERSIONS: 2.7...
Important: Red Hat Security Advisory: metamail security update
Updated metamail packages that fix a number of vulnerabilities are now available. Updated 18 February 2004 Updated description text to associate each CVE name with the appropriate bugs. Metamail is a system for handling multimedia mail. Ulf Harnhammar discovered two format string bugs and two...
metamail security update
Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution. Thanks to Ulf Hrnhammar for discovering these problems...
metamail format string bugs and buffer overflows
Ulf Härnhammar reported four bugs in metamail: two are format string bugs and two are buffer overflows. The bugs are in SaveSquirrelFile, PrintHeader, and ShareThisHeader. These vulnerabilities could be triggered by a maliciously formatted email message if metamail' or splitmail' is used to proce...
[slackware-security] metamail security update (SSA:2004-049-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security metamail security update SSA:2004-049-02 Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflo...
Metamail 2.7 - Multiple Buffer Overflow / Format String Handling Vulnerabilities
source: https://www.securityfocus.com/bid/9692/info Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution. Two buffer overflow vulnerabilities have been reported to affect Metamail. Additionally, two format string-handling vulnerabilities have...
Metamail 2.7 - Multiple Buffer Overflow Format String Handling Vulnerabilities
Metamail 2.7 - Multiple Buffer Overflow Format String Handling Vulnerabilities source: https://www.securityfocus.com/bid/9692/info Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution. Two buffer overflow vulnerabilities have been reported to...
CVE-2004-0069
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function...
CVE-2004-0039
CVE-2004-0039 involves multiple format-string vulnerabilities in Check Point Firewall-1’s HTTP components: HTTP Application Intelligence (AI) in NG-AI R55/R54 and the HTTP Security Server included with NG FP1/FP2/FP3. The root cause is format specifiers used in error messages generated from craft...
Dream FTP 1.2 Remote Format String Exploit
Exploit for unknown platform in category remote exploits ========================================== Dream FTP 1.2 Remote Format String Exploit ========================================== include include include include // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation:...
BolinTech DreamFTP Server 1.2 (1.02TryFTP 1.0.0.1) - Remote User Name Format String
BolinTech DreamFTP Server 1.2 1.02TryFTP 1.0.0.1 - Remote User Name Format String include include include include // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation: OS/SP-independent // string-save: 00, 0a and 0d free. // portbinding: port 28876 // looping: reconnect after...
BolinTech DreamFTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String
include include include include // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation: OS/SP-independent // string-save: 00, 0a and 0d free. // portbinding: port 28876 // looping: reconnect after disconnect char shellcode =...
DreamFTP formatstring bug
Format string bug in username...
BolinTech DreamFTP Server 1.0 - User Name Format String
BolinTech DreamFTP Server 1.0 - User Name Format String // source: https://www.securityfocus.com/bid/9600/info It has been reported that Dream FTP Server may be prone to a remote format string vulnerability when processing a malicious request from a client for a username during FTP authentication...
BolinTech DreamFTP Server 1.0 - User Name Format String
// source: https://www.securityfocus.com/bid/9600/info It has been reported that Dream FTP Server may be prone to a remote format string vulnerability when processing a malicious request from a client for a username during FTP authentication. The issue could crash the server. Dream FTP Server...
BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability 2
BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability 2. CVE-2004-0277. Remote exploit for windows platform source: http://www.securityfocus.com/bid/9600/info It has been reported that Dream FTP Server may be prone to a remote format string vulnerability when processing a malicious...
Checkpoint Firewall-1 format string bugs
Format string bugs in HTTP Application Intelligence component...
Crashing Unreal 3.1.6 + NO_IDENT_CHECKING ENABLED [http://virulent.port5.com/dosyalar/unreal_en.txt]
------------------------------------------------- CRASHING UNREAL 3.1.6 + NOIDENTCHECKING ENABLED ------------------------------------------------- DESCRIPTION OF SOFTWARE ----------------------- UnrealIRCd is an IRC server based on the branch of IRCu called Dreamforge, formerly used by the DALne...
UnrealIRCd format string bug
If NOIDENTCHECKING is defined during compilation format string bug is possible in username...