8453 matches found
CVE-2001-0387
CVE-2001-0387 is a format-string vulnerability in HylaFAX’s hfaxd that allows local users to gain privileges via the -q command-line argument in versions prior to 4.1.b2_2. The issue is documented across multiple sources (NVD, CVE list, Debian/DSA and Mandrake advisory). Exploitation would enable...
CVE-2001-0489
The CVE-2001-0489 entry concerns gftp before version 2.0.8, where a printf/format string vulnerability in the logging of network data allows a remote FTP server to cause arbitrary commands to be executed. Affected component is the gftp client; root cause is unsafe handling of data received from t...
CVE-2001-0155
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...
CVE-2001-0473
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands...
CVE-2001-0387
Format string vulnerability in hfaxd in HylaFAX before 4.1.b22 allows local users to gain privileges via the -q command line argument...
CVE-1999-1417
The CVE-1999-1417 entry documents a format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4. The issue arises in the web server’s handling of HTTP requests containing encoded percent characters, which are logged improperly. This can lead to a denial of service and, in some cases...
Ошибки форматной строки в screen (format string)
Ошибка форматной строки при работе с TERMCAP И другие проблемы...
Переполнение буфера в vpopmail (format string)
Ошибка "форматной строки" при проверки имени пользователя/пароля позволяет вызвать переполнение буфера...
Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera International, Inc. Security Advisory Subject: Linux - security issues in ucd-snmp Advisory number: CSSA-2001-031.0 Issue date: 2001, August 16 Cross reference: 1. Problem Description In a routine security audit of the ucd-snmp package we have...
CVE-2001-0570
minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks...
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard aka GnuPG or gpg 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...
CVE-2001-0609
CVE-2001-0609 affects Infodrom cfingerd 1.4.3 and earlier. A format string vulnerability in the ident reply that is passed to the syslog function enables a remote attacker to gain additional privileges. Several connected sources corroborate that cfingerd’s logging/ident handling allows privilege ...
CVE-2001-0570
CVE-2001-0570 affects minicom 1.83.1 and earlier. The root cause is format-string handling allowing a local attacker to gain additional privileges (local, low complexity, no authentication). The impact is privilege escalation with complete confidentiality, integrity, and availability concerns as ...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...
CVE-2001-0570
minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks...
Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon
Overview Vulnerabilities in various implementations of the Remote Authentication Dial-In User Server RADIUS 'radiusd' daemon can allow an attacker to disrupt services or obtain unauthorized access. Description Various implementations of the Remote Authentication Dial-In User Server RADIUS 'radius...
Ошибка форматной строки в groff (format string)
Ошибка форматной строки в /usr/bin/pic используемой LPD...
ADV/EXP:pic/lpd remote exploit - RH 7.0
Vendor security list has been notified and as of last contact, on Mon July 9 2001, a patch which seemed to work had been worked out. This patch is attached. groff-1.16.1.diff Official patches are sure to follow. ---- begin pic-lpr-remote.c ---- includestdio.h...
PT-2001-1807 · Infodrom · Cfingerd
Name of the Vulnerable Software and Affected Versions: Infodrom cfingerd versions 1.4.3 and earlier Description: A format string issue allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. This can be exploited by sending a...