Inso DynaWeb HTTPd 3.1/4.0.2/4.1 - Format String

// source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely exploitable format-string...

Inso DynaWeb HTTPd 3.14.0.24.1 - Format String

Inso DynaWeb HTTPd 3.14.0.24.1 - Format String // source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to ...

[SECURITY] [DSA 139-1] New super packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 139-1 [email protected] http://www.debian.org/security/ Martin Schulze August 1st, 2002 - -------------------------------------------------------------------------- Package : super...

[SECURITY] [DSA 139-1] New super packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 139-1 [email protected] http://www.debian.org/security/ Martin Schulze August 1st, 2002 - -------------------------------------------------------------------------- Package : super...

CVE-2000-1208

Format string vulnerability in startprinting function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote call...

CVE-2000-1208

CVE-2000-1208 affects BSD-based lpr/lpd (print subsystem). It is a format-string vulnerability in startprinting() inside printjob.c that can allow local privilege escalation via a faulty syslog call using strings from checkremote(). The vulnerability is tied to the lpr/lpd package and has been ad...

DSA-139 super - format string vulnerability

Bulletin has no description...

CVE-2000-1207

CVE-2000-1207 affects the userhelper component in the Red Hat Linux usermode package. It executes non-setuid programs as root, which prevents glibc security measures from activating. This creates a local exposure where vulnerable programs can be exploited via format string weaknesses in glibc, tr...

CVE-2000-1207

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LCALL environment variables CVE-2000-0844...

William Deich Super 3.x - SysLog Format String

// source: https://www.securityfocus.com/bid/5367/info super is prone to a format string vulnerability. This problem is due to incorrect use of the syslog function to log error messages. It is possible to corrupt memory by passing format strings through the vulnerable logging function. This may...

Format string bug in hylafax

Format string bug gives euid uucp...

HylaFAX - Various Vulnerabilities Fixed

HylaFAX.org Security Advisory 17 June 2002 Subject: Various Vulnerabilities Fixed Introduction: HylaFAX is a mature est. 1991 enterprise-class open-source software package for sending and receiving facsimiles as well as for sending alpha-numeric pages. It runs on a wide variety of UNIX-like...

William Deich Super 3.x - SysLog Format String

William Deich Super 3.x - SysLog Format String // source: https://www.securityfocus.com/bid/5367/info super is prone to a format string vulnerability. This problem is due to incorrect use of the syslog function to log error messages. It is possible to corrupt memory by passing format strings...

CVE-2002-0716

Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument...

CVE-2002-0796

CVE-2002-0796 affects the snmpdx logging component on Solaris 5.6–8. It is a format-string vulnerability in the logger that enables remote attackers to gain root privileges. The vulnerability details are based on the CVE description and associated NVD entry, which confirm the affected platform an...

CVE-2002-0735

Format string vulnerability in the logging function in C-Note Squid LDAP authentication module squidauthLDAP 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages...

CVE-2002-0735

Format string vulnerability in the logging function in C-Note Squid LDAP authentication module squidauthLDAP 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages...

CVE-2002-0796

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges...

CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code print.c of ISC DHCP daemon DHCPD 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response...

CVE-2002-0735

CVE-2002-0735 affects the C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier. The issue is a format string vulnerability in the logging() function, allowing remote attackers to cause a denial of service and potentially execute arbitrary code by triggering log messages. No...