8453 matches found
CVE-2001-0891
CVE-2001-0891 describes a format string vulnerability in the NQS daemon (nqsdaemon) of NQE 3.3.0.16 on CRAY UNICOS and SGI IRIX. A local user could gain root privileges by submitting a batch job with a name containing formatting characters (via qsub). The connected documents confirm the vulnerabi...
CVE-2002-0412
NTOP is affected by CVE-2002-0412 due to a format string vulnerability in the TraceEvent function prior to version 2.1. The issue allows remote attackers to execute arbitrary code by injecting format strings into syslog calls. Attack vectors include an HTTP GET request, or credentials supplied in...
CVE-2003-0165
Eye of GNOME (EOG) 2.2.0 and earlier is affected by a format-string vulnerability in the command-line filename handling, allowing an attacker to execute arbitrary code with the user’s privileges. Exploitation would require a crafted filename passed to EOG (e.g., via mailcap/mail clients). Patches...
CVE-2003-0165
Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...
CVE-2003-0165
Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...
Format string bug in GNOME Eye of Gnome
Format stirng bug in filename parsing...
GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 - Format String
source: https://www.securityfocus.com/bid/7121/info GNOME Eye of Gnome EOG image viewer is prone to a format string vulnerability. This condition may lead to execution of arbitrary code if malicious format specifiers are supplied to the program via the command line. As some utilities may be...
GNOME Eye Of Gnome 1.0.x1.1.x2.2 - Format String
GNOME Eye Of Gnome 1.0.x1.1.x2.2 - Format String source: https://www.securityfocus.com/bid/7121/info GNOME Eye of Gnome EOG image viewer is prone to a format string vulnerability. This condition may lead to execution of arbitrary code if malicious format specifiers are supplied to the program via...
Tanne netzio.c logger Function Remote Format String
The remote tanned server contains a format string vulnerability. An attacker may use this flaw to gain a shell on this host. C Tenable Network Security, Inc. Ref: From: "dong-h0un yoU" To: [email protected] Date: Tue, 07 Jan 2003 16:59:11 +0800 Subject: VulnWatch INetCop Security Advisory...
CVE-2002-0690
McAfee Security ePolicy Orchestrator (ePO) 2.5.1 is affected by CVE-2002-0690, a format-string vulnerability in the HTTP GET request path that can allow remote code execution with SYSTEM privileges. The issue stems from processing of network requests (port 8081) and can enable arbitrary code exec...
CVE-2003-0081
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers...
CVE-2002-1415
Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in SMTP requests...
CVE-2002-1415
CVE-2002-1415 describes a format-string vulnerability in the SMTP service of WebEasyMail 3.4.2.2 and earlier. The flaw allows remote attackers to crash the service and potentially execute arbitrary code by sending crafted format strings in SMTP requests. The accessible impact via the NVD entry is...
CVE-2002-0690
Format string vulnerability in McAfee Security ePolicy Orchestrator ePO 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings...
PT-2003-1354 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.7 through 0.9.9 Description: A format string issue in the SOCKS dissector of Ethereal allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. Recommendations: For Ethereal...
McAfee ePolicy Orchestrator Format String Vulnerability (a031703-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: ePolicy Orchestrator Format String Vulnerability Release Date: 03/17/2003 Application: McAfee ePolicy Orchestrator 2.5.1 Platform: Windows 2000 Server SP1 Windows 2000 Pro SP1 Severity: The...
McAfee ePolicy Orchestrator format string bug
Format string bug during network request processing...
ProFTPD 1.2.0rc2 Malformed cwd Command Format String
The remote ProFTPd server is as old or older than 1.2.0rc2 There is a very hard to exploit format string vulnerability in this version that could allow an attacker to execute arbitrary code on this host. The vulnerability is believed to be nearly impossible to exploit though. C Tenable Network...
ePolicy Orchestrator HTTP GET Request Remote Format String
If the remote web server is ePolicy Orchestrator, an attacker may use this flaw to execute code with the SYSTEM privileges on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Untested. Probably redundant with plugin 11075. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Multiple FTP Server setproctitle Function Arbitrary Command Execution
The remote FTP server misuses the function setproctitle and may allow an attacker to gain a root shell on this host by logging in as 'anonymous' and providing a carefully crafted format string as its email address. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11391...