CVE-2001-0920

Format string vulnerability in auto nice daemon AND 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string...

CVE-2001-1176

Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection...

CVE-2001-1203

Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges...

CVE-2001-0869

CVE-2001-0869 is a format-string vulnerability in the Cyrus SASL library (cyrus-sasl) affecting the default logging callback _sasl_syslog in common.c. The Mandrake MDKSA-2002:018 advisory notes a format bug in cyrus-sasl that could allow a remote attacker to obtain access or elevate privileges, w...

CVE-2001-1203

The CVE corresponds to a local root vulnerability in the gpm package (gpm-root) where a format string flaw in gpm 1.17.8–1.17.18 allows local privilege escalation. Debian and OpenVAS entries describe the issue as requiring an update to gpm (DSA-095-1); Nessus notes this as a Debian local root adv...

CVE-2002-0175

libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe...

CVE-2002-0598

Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner...

CVE-2002-0586

Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...

[CERT-intexxia] mmftpd FTP Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 04 06 2002 ID 1053-040602 TITLE : mmftpd FTP Daemon Format String Vulnerability CREDITS : Guillaume Pelat / INTEXXIA SYSTEM AFFECTED =============== mmftpd = 0.0.7 DESCRIPTION =========== "mmftpd is a secure FTP server that...

[CERT-intexxia] mmmail POP3-SMTP Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 04 06 2002 ID 1054-040602 TITLE : mmmail POP3-SMTP Daemon Format String Vulnerability CREDITS : Guillaume Pelat / INTEXXIA SYSTEM AFFECTED =============== mmmail = 0.0.13 mmpop3d & mmsmtpd DESCRIPTION =========== "mmmail...

Format string bugs in mmmail/mmftpd

Format string bugs in logging...

IRIX talkd vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: talkd vulnerability Number: 20020603-01-I Date: June 10, 2002 Reference: CVE-2000-1010 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the /usr/etc/talkd daemon contains a format...

CVE-2002-0525

Format string vulnerabilities in 1 inews or 2 rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses...

CVE-2002-0586

Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...

CVE-2002-0586

CVE-2002-0586 describes a format-string vulnerability in AOLServer (libnspd.a) across versions 3.0–3.4.2, specifically in the Ns_PdLog function. An attacker could exploit the Error or Notice parameters to execute arbitrary code remotely. The vulnerability impacts the AOLServer external database d...

Format String bug in TrACESroute 6.0 GOLD

DownBload Security Research Lab Advisory -------------------------------------------------------------------- Advisory name: format string bug in TrACESroute Advisory number: 4 Application: TrACESroute traceroute program Version affected: 6.0 GOLD, and probably previous versions Date: 04.6.2002...

Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String

source: https://www.securityfocus.com/bid/4956/info A format string vulnerability exists in TrACESroute. The problem exists in the terminator -T function of the program. Due to improper use of the fprintf function, an attacker may be able to supply a malicious format string to the program that...

Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String

Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String source: https://www.securityfocus.com/bid/4956/info A format string vulnerability exists in TrACESroute. The problem exists in the terminator -T function of the program. Due to improper use of the fprintf function, an attacker may ...

OpenServer crontab format string bug

Format string bug in command line arguments parsing...

SRT Security Advisory (SRT2002-06-04-1711): SCO crontab

====================================================================== Strategic Reconnaissance Team Security Advisory SRT2002-06-04-1611 Topic : SCO OpenServer crontab format string vulnerability Date : June 04, 2002 Credit : KF dotslashatsnosoft.com Site : http://www.snosoft.com...