CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code print.c of ISC DHCP daemon DHCPD 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response...

CVE-2002-0702

ISC DHCPD (dhcpd) versions 3 through 3.0.1rc8, with NSUPDATE enabled, contain a format string vulnerability in the logging code (print.c) that can allow remote DNS servers to execute arbitrary code via crafted DNS responses. The vulnerability is in the dynamic DNS update path and logging of updat...

LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT

!/usr/bin/perl fartsy.pl by kanix [email protected] /usr/sbin/artswrapper local format string exploit Tested on Red Hat Linux release 7.2 Enigma Jul 6, 2002 "the secret to creativity is knowing how to hide your sources." - Albert Einstein commentz, job offerz, flamez, etc. should be directed t...

artswrapper format string bug

Format string bug in command line parsing...

safemode-adv-nn.txt

==================================================================== Safemode.org security advisory: nn ==================================================================== Package: nn Version: 6.6.3 or prior Date: 28/06/2002 Issue: Remote format string Risk: High Credits: zillionatsafemode.org...

Format string bug in nn

Format string bug in server replyes printing...

nn remote format string vulnerability

==================================================================== Safemode.org security advisory: nn ==================================================================== Package: nn Version: 6.6.3 or prior Date: 28/06/2002 Issue: Remote format string Risk: High Credits: zillionatsafemode.org...

Format string bug in decfingerd

Ошибка форматной строки при вызове syslog...

Formatstring Vulnerability in decfingerd 0.7

Hello all, I have no idea if this is the most current version of this application, I found it while browsing packetstormsecurity earlier. For all I know it may not even be kept current anymore. Anyhow... bad call to syslog is the culprit. I'm to lazy to code an exploit for this at the moment but ...

Format string bug in Netware ftpd

Format string bug in username...

cqure.net.20020521.netware_nwftpd_fmtstr

cqure.net Security Vulnerability Report No: cqure.net.20020521.netwarenwftpdfmtstr ============================================ Vulnerability Summary --------------------- Problem: The Netware FTP server has a DOS vulnerability. Threat: An attacker could cause the FTP server to ABEND resulting in...

CVE-2001-0869

Format string vulnerability in the default logging callback function saslsyslog in common.c in Cyrus SASL library cyrus-sasl may allow remote attackers to execute arbitrary commands...

CVE-2002-0175

The CVE-2002-0175 issue concerns libsafe 2.0-11 and earlier, where format-string protection can be bypassed by using certain characters ("'" and "I") that are implemented in glibc but not in libsafe. The connected Mandrake advisory (MDKSA-2002:026) states that this bypass arises from how printf w...

CVE-2002-0002

Format string vulnerability in stunnel before 3.22 when used in client mode for 1 smtp, 2 pop, or 3 nntp allows remote malicious servers to execute arbitrary code...

CVE-2001-1176

CVE-2001-1176 describes a format-string vulnerability in Check Point VPN-1/FireWall-1 4.1. The issue allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection. Exploitation details are not provided in the connected documents; no ex...

CVE-2001-1022

Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command...

CVE-2001-0920

The CVE-2001-0920 entry concerns a format string vulnerability in the auto nice daemon (AND) version 1.0.4 and earlier that lets a local user potentially execute arbitrary code by supplying a process name containing a format string. Affected component: the daemon’s handling of process names. Unde...

CVE-2001-1215

Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file...

CVE-2002-0159

Format string vulnerability in the administration function in Cisco Secure Access Control Server ACS for Windows, 2.6.x and earlier and 3.x through 3.01 build 40, allows remote attackers to crash the CSADMIN module only denial of service of administration function or execute arbitrary code via...

CVE-2001-1022

CVE-2001-1022 relates to a format-string vulnerability in the groff family: the pic component of groff (and jgroff before 1.15) could bypass the -S option and execute arbitrary commands via format-string specifiers in the plot command. Affected: groff 1.16.1 and other versions; jgroff before 1.15...