8453 matches found
CVE-2000-0699
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command...
[H20020304]: Remotely exploitable format string vulnerability in ntop
h o l o g r a m | s e c u r i t y | a d v i s o r y Advisory ID : H20020304 Software : ntop Synopsis : Remotely exploitable format string vulnerability in ntop. Vendor : Luca Deri www.ntop.org Verified : Version 2.0 Author : hologram [email protected] | Overview...
Multiple holes in ntop (multiple bugs)
When started with the -w switch, ntop runs as an HTTP server, and directory traversal (a backward path through directories) allows access to any file. In addition, a long GET request causes a buffer overflow, and there is a format string bug...
Format string bug in the Unixware message catalog functions (format string)
Format string bug in almost all suid applications...
Unixware Message catalog exploit code
Hi, I'm jGgM. I reported this problem to Caldera a few weeks ago, and this exploit is fixed already. A hacker can modify the message catalog, and a format string exploit is possible. For example: $ gcc -o expshell expshell.c $ gcc -o getret getret.c $ gcc -o fmtexp fmtexp.c $ ./expshell $ ./getret...
Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String
// source: https://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead to a user gaining elevated...
CVE-2001-0913
Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers...
CVE-2001-0974
Format string vulnerabilities in Oracle Internet Directory Server LDAP 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...
CVE-2001-1078
CVE-2001-1078 affects eXtremail 1.1.9 and earlier. The vulnerability is a format-string issue in the flog function that can be exploited remotely to gain root privileges by supplying format specifiers through SMTP commands (HELO, EHLO, MAIL FROM, RCPT TO) and via POP3 commands after authenticatio...
CVE-2001-0915
CVE-2001-0915: The Berkeley parallel make (pmake) vulnerability affects pmake 2.1.33 and earlier. A format string vulnerability in the check argument of a shell definition can allow a local user to gain root privileges. The connected documents corroborate the affected software and the root cause...
CVE-2001-0915
Format string vulnerability in Berkeley parallel make pmake 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition...
CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter...
CVE-2001-1034
CVE-2001-1034 describes format-string vulnerabilities in HylaFAX. HylaFAX components affected include faxrm, faxalter, faxgetty, faxwatch, and hfaxd; the root cause is unchecked input used as a format string, enabling local privilege escalation or denial of service in some configurations. Debian ...
CVE-2001-0913
CVE-2001-0913: A format-string vulnerability in Network Solutions Rwhoisd ≤ 1.5.7.2 (when using syslog) allows remote attackers to trigger memory corruption and possibly execute arbitrary code via a rwhois request containing format specifiers. The issue is caused by improper handling of format s...
CVE-2001-0927
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions...
Buffer overflow in sastcpd (buffer overflow)
Buffer overflow, format string bug, use of user variables to launch external applications...
sastcpd Buffer Overflow and Format String Vulnerabilities
---------------------------------------------------------- sastcpd Buffer Overflow and Format String Vulnerabilities Ministry-of-Peace - www.ministryofpeace.co.uk ---------------------------------------------------------- SYNOPSIS "SAS software provides the foundation, tools, and solutions for da...
Important: Red Hat Security Advisory: New groff packages available to fix security problems
New groff packages have been made available that fix an overflow in groff. If the printing system running this is a security issue, it is recommended to update to the new, fixed packages. Update Jan 22 2003: Added description of CVE-2001-1022, which was also fixed by these erratum packages. Groff is...