8453 matches found
[SECURITY] [DSA-098-1] two libgtop security problems
Package : libgtop Problem type : remote nobody exploit Debian-specific: no Two different problems where found in libgtop-daemon: The laboratory intexxia found a format string problem in the logging code from libgtopdaemon. There were two logging functions which are called when authorizing a clien...
Ошибка форматной строки в libgtop_daemon из gnome (format string)
Ошибка форматной строки при обращении к syslog...
Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS)
Hello methodic, While testing a buffer overflow in you patch tpbuf is only 210 bytes, but you're lucky - getreqsi is only 100 bytes long : I've found classical exploitable syslog format string in this extremely secure product. Patch? - if priority=LOGLEVEL syslogtplev,buf; + if priority=LOGLEVEL...
[CLA-2002:448] Conectiva Linux Security Announcement - libgtop
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : libgtop SUMMARY : libgtop vulnerabilities DATE :...
CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
CVE-2001-1566
Format string vulnerability in libvanessalogger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the vanessaloggerlog function...
DEBIAN-CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
CVE-2001-1566
Format string vulnerability in libvanessalogger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the vanessaloggerlog function...
DEBIAN-CVE-2001-1566
Format string vulnerability in libvanessalogger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the vanessaloggerlog function...
CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
Stunnel: Format String Bug in versions <3.22
Don't know why this didn't get approved when I submitted it last week, but here goes again... Release Date: 2001-Dec-22 Package: stunnel Versions: stunnel-3.3 = stunnel-3.21c Problem type: format string bugs Exploit script: none currently known Severity: high Network-accessible: yes Discovery:...
Lynx format string vulnerability in URL logging.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The vendor has been notified, but since this is a low risk I am releasing early. Vapid Labs Larry W. Cashdollar Bug Report Summary: lynx has a format string vulnerability in LYUtils.c line 7995 due to a bad call to syslog, where the format argument is...
Ошибка форматной строки в lynx при работе с логами (format string)
Ошибка форматной строки при работе с syslog если lynx собран с опцией --enable-syslog...
Stunnel format string bugs
Format string bug on syslog call...
[SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-095-1 [email protected] http://www.debian.org/security/ Robert van der Meulen December 27, 2001 - ------------------------------------------------------------------------ Package : gpm Problem...
CVE-2001-1203
Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges...
Ошибка форматной строки в perdition (format string)
Ошибка форматной строки при обращении к syslog...
CVE-2001-0869
Format string vulnerability in the default logging callback function saslsyslog in common.c in Cyrus SASL library cyrus-sasl may allow remote attackers to execute arbitrary commands...
@stake advisory: Multiple overflow and format string vulnerabilities in in Microsoft SQL Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Multiple overflow and format string vulnerabilities in Microsoft SQL Server Release Date: 12/20/2001 Application: Microsoft SQL Server 7.0 and 2000 Platform: Microsoft Windows NT 4.0, 2000,...
Локальные дыры в cfingerd (buffer overflow, format string)
Переполнение буфера и ошибка форматной строки при разборе файла конфигурации пользователя...