Format string bug in slurp

Format string bug on processing NNTP server reply...

SRT Security Advisory (SRT2002-06-04-1011): slurp

====================================================================== Strategic Reconnaissance Team Security Advisory SRT2002-06-04-1011 Topic : Slurp news retriever remote format string vulnerability Date : June 04, 2002 Credit : zillionatsafemode.org Site : http://www.snosoft.com...

[DER #11] - Remotey exploitable fmt string bug in squid

------------------------------------------- - DAVID EVLIS REIGN SECURITY ADVISORY 11 - ------------------------------------------- - WHAT - Remotely Exploitable Format string Hole - WHO - MSNT squid auth for NtDomains - DETAILS ON PRODUCT - This is an authentication module for the Squid proxy...

Slurp 1.10 - SysLog Remote Format String

source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offers functionality that allows the...

Slurp 1.10 - SysLog Remote Format String

Slurp 1.10 - SysLog Remote Format String source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp...

Oracle TNS Listener Control Utility (LSNRCTL) contains format string vulnerability

Overview The Oracle Listener Control Utility LSNRCTL contains a format string vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or commands or cause a denial of service. Description Oracle Transparent Network Substrate TNS Listeners are processes that...

Format string bug in squid

Format string bug in NT domain authorization module...

Oracle Application Server contains format string vulnerability

Overview The CERT/CC is aware of a report about a "remotely exploitable format string vulnerability in Oracle Application Server" that could allow an unauthenticated, remote attacker to execute arbitrary code on a vulnerable system. Description Oracle Application Server uses the Apache HTTP Serve...

CVE-2002-0374

Format string vulnerability in the logging function for the pamldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name...

CVE-2002-0246

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LCMESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...

route of #phrack is a funny man!

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note to Moderator: Woops, GOBBLES drink too much boxed wine today... here important advisory ALERT! ALERT! Multiple vendor talkd vulnerability ALERT! ALERT! Forward Certain phrack op have big mouth and do stuff like /topic phrack www.bugtraq.org stuff...

Multiple bugs in Solaris in.rarpd

Buffer overflows, format string bugs...

[DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd

Intro: rarpd is a reverse arp protocol for small to medium sized networks. in the solaris implementation in.rarpd there seems to be 3 remotely exploitable buffer overflows, 2 locally exploitable and 2 cases of format string exploitability. Details: In the functions error and syserr syserr also...

CVE-2002-0218

Format string vulnerability in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument...

[NGSEC-2002-2] ISC DHCPDv3, remote root compromise

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Next Generation Security Technologies http://www.ngsec.com Security Advisory Title: ISC DHCPDv3, remote root compromise ID: NGSEC-2002-2 Application: ISC DHCPD version 3.0.1rc8 and older http://www.isc.org Date: 05/06/2002 Status: Vendor and CERT...

Format string bug in ISC dhcpd

Format string on syslog call in NSUPDATE functionality...

Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD

CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD Original release date: May 8, 2002 Last revised:-- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected ISC DHCPD 3.0 to 3.0.1rc8 inclusive Overview The Internet Software Consortium ISC...

ISC DHCPD contains format string vulnerability when logging DNS-update requests

Overview The DHCP daemon DHCPD is a server that is used to allocate network addresses and assign configuration parameters to dynamically configured hosts. A format string vulnerability may permit an intruder to execute code with the privileges of the DHCP daemon typically root. Description The...

ISC DHCPD 2.03.0.1 - NSUPDATE Remote Format String

ISC DHCPD 2.03.0.1 - NSUPDATE Remote Format String // source: https://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A...

ISC DHCPD 2.0/3.0.1 - NSUPDATE Remote Format String

// source: https://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A remote format string vulnerability has been reported ...