GLSA: ethereal (200303-10)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200303-10 - - --------------------------------------------------------------------- PACKAGE : ethereal SUMMARY : arbitrary code execution DATE...

Multiple bugs in Ethereal

Format string bug in SOCKS protocol handling, heap overflow on NTLMSSP code...

[SECURITY] [DSA 258-1] New ethereal packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 258-1 [email protected] http://www.debian.org/security/ Martin Schulze March 10th, 2003 http://www.debian.org/security/faq -...

DSA-258 ethereal - format string vulnerability

Bulletin has no description...

WU-FTPD Debug Mode Client Hostname Remote Format String

The remote WU-FTPd server, according to its version number, is vulnerable to a format string attack when running in debug mode. C Tenable Network Security, Inc. Affected: wu-ftpd up to 2.6.1 include"compat.inc"; if description scriptid11331; scriptversion"1.25";...

CVE-2003-0103

Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service crash, lockup, or restart via a Multi-Part vCard with fields containing a large number of format string specifiers...

CVE-2002-0842

Format string vulnerability in certain third party modifications to moddav for logging bad gateway messages e.g. Oracle9i Application Server 9.0.2 allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string...

amx_mod format string bug

Format string bug in amxsay...

[VSA0308] Half-Life AMX-Mod remote (root) hole

void.at Security Advisory VSA0308 - mailto:crew at void dot at AMX1 is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in AMX, it is possible for a remote attacker who knows the...

AMX Mod 0.9.2 - Remote amx_say Format String

AMX Mod 0.9.2 - Remote amxsay Format String // source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the...

AMX Mod 0.9.2 - Remote 'amx_say' Format String

// source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the 'amxsay' command. By passing specially constructe...

CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

DEBIAN-CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

DEBIAN-CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

Apache mod_dav format string bug

aplogrerror format string bug...

Re: CSSA-2003-007.0 Advisory withdrawn.

-----BEGIN PGP SIGNED MESSAGE----- Just to clarify this a bit further, the moddav module for Apache is not vulnerable to the format string vulnerability as outlined in the original advisory from SCO, CAN-2002-0842 moddav contains code that logs various errors and uses aplogrerror to do so. In...

Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...

Oracle9i Application Server Format String Vulnerability (#NISR16022003d)

NGSSoftware Insight Security Research Advisory Name: Oracle9i Application Server Format String Vulnerability Systems Affected: All platforms; Oracle9i Application Server Release 9.0.2 Severity: Critical Risk Category: Format String Vulnerability Vendor URL: http://www.oracle.com Author: David...