DEBIAN-CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

DEBIAN-CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

Unauthorized access in WatchGuard

Format string bugs and insufficient username checks allows administrative access...

IIL Advisory: Format String bug in Null Webmail (0.6.3)

Illegal Instruction Labs Advisory ------------------------------------------------------------------------- Advisory name: Format String bug in Null Webmail 0.6.3 Advisory number: 7 Application: Null Webmail 0.6.3 Author: Dan Cahill E-mail: [email protected] Homepage:...

CVE-2002-0851

Format string vulnerability in ISDN Point to Point Protocol PPP daemon ipppd in the ISDN4Linux i4l package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog...

CVE-2002-0930

Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 NWFTPD allows remote attackers to cause a denial of service ABEND via format strings in the USER command...

CVE-2002-0913

CVE-2002-0913 describes a format string vulnerability in the Slurp NNTP client 1.1.0, specifically in the log_doit function. A malicious news server can exploit this by sending a crafted server response to execute arbitrary code on the affected client. The vulnerability is network-based with low ...

CVE-2002-0913

Format string vulnerability in logdoit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response...

CVE-2002-0884

CVE-2002-0884 describes multiple format string vulnerabilities in the ARP server component in.rarpd affecting Solaris, Caldera UnixWare and Open UNIX (and possibly other OSes). The flaw allows remote code execution via improper handling of format strings in the functions (1) syserr and (2) error....

CVE-2002-0925

Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via 1 the USER command to mmpop3d for mmmail 0.0.13 and earlier, 2 the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or 3 the USER command to mmftpd 0.0.7 and earlier...

CVE-2002-0884

Multiple format string vulnerabilities in in.rarpd ARP server on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions 1 syserr and 2 error...

CVE-2002-0930

The CVE-2002-0930 entry describes a format-string vulnerability in the NWFTPD FTP server of Novell NetWare 6.0 SP1. The issue allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. Affected software explicitly named is the NWFTPD component of NetWare ...

eXtremail Multiple SMTP Command flog Function Format String

According to its version number, the remote eXtremail server has a format string vulnerability. A remote attacker could exploit this to crash the service, or possibly execute arbitrary code. C Tenable Network Security, Inc. Ref: http://online.securityfocus.com/archive/1/192791 Could not find a...

CVE-2002-0857

Format string vulnerabilities in Oracle Listener Control utility lsnrctl for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file...

CVE-2002-0857

The CVE-2002-0857 entry describes a format-string vulnerability in Oracle’s Listener Control Utility (LSNRCTL) used to administer Listeners. Affects Oracle 9.2 and 9.0, 8.1, and 7.3.4; by inserting format specifiers into the Listener configuration (listener.ora) or supplying crafted commands, an ...

Format string bug in WebEasyMail

Format string bug in SMTP command parsing...

Multiple bugs in Oracle Listener

Format string bug, DoS...

Oracle Listener Control Format String Vulnerabilities (#NISR14082002)

NGSSoftware Insight Security Research Advisory Name: Oracle Listener Control Format Strings Systems Affected: Oracle 9i, 8i on all platforms Severity: Medium Category: Format String Vulnerabilities Vendor URL: http://www.oracle.com/ Authors: David Litchfield [email protected] Advisory URL:...