CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

CVE-2002-0246

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LCMESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...

CVE-2002-0916

This CVE (CVE-2002-0916) affects Squid 2.4.STABLE6 and earlier, in the Stellar-X msntauth authentication module. The issue is a format string vulnerability in the allowuser code that handles the user name, where untrusted input is used in a syslog call, enabling remote code execution. Documents c...

CVE-2002-0573

CVE-2002-0573 affects Solaris systems running the rpc.rwalld daemon (Solaris 2.5.1–8). The issue is a format-string vulnerability in the error-handling path of rpc.rwalld, which can allow a remote attacker to execute arbitrary code with the daemon’s privileges (typically root) by sending a specia...

CVE-2002-0817

Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument...

CVE-2002-0851

The CVE-2002-0851 issue affects the ISDN4Linux (i4l) package, specifically the PPP daemon ipppd. A format string vulnerability in the device name command line argument is not properly sanitized in a syslog call, allowing a local user to exploit the flaw and gain root privileges. The connected doc...

CVE-2002-1051

Format string vulnerability in TrACESroute 6.0 GOLD aka NANOG traceroute allows local users to execute arbitrary code via the -T terminator command line argument...

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

CVE-2002-0501

The CVE-2002-0501 entry relates to a format-string vulnerability in the Posadis DNS server’s log_print() function, exploitable by local users and possibly remote attackers. Affected software: Posadis DNS server prior to version m5pre2. Root cause: improper handling of format strings in logging, e...

CVE-2002-0501

Format string vulnerability in logprint function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages...

DEBIAN-CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2001-0891

Format string vulnerability in NQS daemon nqsdaemon in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters...

CVE-2002-0851

Format string vulnerability in ISDN Point to Point Protocol PPP daemon ipppd in the ISDN4Linux i4l package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog...

CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2002-0573

Format string vulnerability in RPC wall daemon rpc.rwalld for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed...

CVE-2002-0851

Removed by vendor...

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

CVE-2002-1049

CVE-2002-1049 is a format string vulnerability in HylaFAX faxgetty prior to 4.1.3. The TSI data element is used in a format string without proper sanitization, allowing remote attackers to crash the faxgetty process (denial of service). Several advisories reference this issue, with Debian noting ...

CVE-2002-0716

CVE-2002-0716 describes a format string vulnerability in the crontab component of SCO OpenServer 5.0.5 and 5.0.6 . The issue arises from format string specifiers in the file name argument , allowing local users to gain privileges . The vulnerability is tied to the crontab handling of a file name ...