clamav format string bug

Format string bug in e-mail address during syslog call...

HP-UX libc format string bug

Format string bugs in nls functions...

Hylafax format string bug

No description provided...

CVE-2003-0886

CVE-2003-0886 describes a format-string vulnerability in the hfaxd component of Hylafax (versions 4.1.7 and earlier) that allows remote attackers to execute arbitrary code. The vulnerability is documented across multiple advisories (Debian DSA-401-1, SuSE-SA-2003:045, Mandrake MDKSA-2003:105) and...

CVE-2003-0886

Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code...

Hylafax 4.1.x - HFaxD Format String

// source: https://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. / Hylafax remote root PoC exploit ...

Hylafax 4.1.x - HFaxD Format String

Hylafax 4.1.x - HFaxD Format String // source: https://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user...

IBM DB2 - db2stop Format String Arbitrary Code Execution

IBM DB2 - db2stop Format String Arbitrary Code Execution source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the...

IBM DB2 - 'db2govd' Format String Arbitrary Code Execution

source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries a...

IBM DB2 - db2start Format String Arbitrary Code Execution

IBM DB2 - db2start Format String Arbitrary Code Execution source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the...

kpopup.txt

A local root vuln exists in Kpopup version 0.9.1latest and proberly all other versions. It is avaliable from http://www.henschelsoft.de/kpopupen.html main site http://www.freebsd.org/ports/net.html and many other places if you search kpopup on google. I. BACKGROUND Kpopup is a KDE program for...

Local root vuln in kpopup

A local root vuln exists in Kpopup version 0.9.1latest and proberly all other versions. It is avaliable from http://www.henschelsoft.de/kpopupen.html main site http://www.freebsd.org/ports/net.html and many other places if you search kpopup on google. I. BACKGROUND Kpopup is a KDE program for...

kpopup multiple bugs

relative paths on system call, format string bugs, etc...

kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

Linux groff utility pic contains format string vulnerability

Overview The pic component of the image processing package groff contains a format string vulnerability that could allow a remote attacker to execute arbitrary code. Description groff is an image processing package on Linux systems. A component of groff called pic contains a format-string...

CVE-2001-1411

Format string vulnerability in gm4 aka m4 on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs...

CVE-2003-0852

This CVE affects Sylpheed-claws 0.9.4–0.9.6, with a vulnerability in the send_message.c routine caused by format strings in an error message. This format-string vulnerability could be exploited by a remote SMTP server to cause a denial of service (crash) in Sylpheed. The connected documents do no...

CVE-2001-1411

CVE-2001-1411 describes a format string vulnerability in gm4 (m4) on Mac OS X. The flaw may allow local users to gain privileges if gm4 is executed by setuid programs. The vulnerability is triggered through improper handling of format strings in gm4, leading to potential privilege escalation. The...

CVE-2003-0852

Format string vulnerability in sendmessage.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service crash in sylpheed via format strings in an error message...

[Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows

Georgi Guninski security advisory 61, 2003 Sylpheed-claws format string bug, yet still sylpheed much better than windows Systems affected: Sylpheed-claws 0.9.6 - 0.9.4 Fixed in CVS Risk: Medium Date: 22 October 2003 Legal Notice: This Advisory is Copyright c 2003 Georgi Guninski. You may distribu...