eXtremail 1.x2.1 - Remote Format String (2)

eXtremail 1.x2.1 - Remote Format String 2 // source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously...

eXtremail 1.x2.1 - Remote Format String (1)

eXtremail 1.x2.1 - Remote Format String 1 // source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously...

SECURITY.NNOV: KAV (AVP) for sendmail format string vulnerability

Hello , Topic: Format string vulnerability in AVP for sendmail Author: 3APA3A [email protected] Affected Software: KAV for sendmail 3.5.135.2 Vendor: Kaspersky Lab Vendor Notified: 30 May 2001 Risk: High/Average Remotely Exploitable: Yes Impact: DoS/Remote root compromise Released: 06 June...

Ошибка форматной строки в KAV (AVP) для sendmail (format string)

Ошибка в avpkeeper при работе с syslog...

Ошибка форматной строки в at из Solaris (NLS format string)

Ошибка форматной строки при работе с NLS...

Ошибка форматной строки в exim

Ошибка форматной строки при включеной опции headerschecksyntax...

Exim 3.x - Format String

Exim 3.x - Format String source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking...

Exim 3.x - Format String

source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking' mode is turned on, whic...

KAV (AVP) for sendmail format string

Topic: Format string vulnerability in AVP for sendmail Author: 3APA3A Affected Software: KAV for sendmail 3.5.135.2 Vendor: Kaspersky Lab Vendor Notified: 30 May 2001 Risk: High/Average Remotely Exploitable: Yes Impact: DoS/Remote root compromise Released: 06 June 2001 Vendor URL:...

CVE-2001-0155

Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...

GNU Privacy Guard 1.0.x - Format String

GNU Privacy Guard 1.0.x - Format String source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when th...

GNU Privacy Guard 1.0.x - Format String

source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when the document is decrypted. This...

CVE-2001-0359

Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command...

CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...

CVE-2001-0013

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges...

CVE-2001-0060

CVE-2001-0060 affects stunnel up to version 3.8 and earlier. The vulnerability is a format-string flaw in handling the ident username, enabling an attacker to execute arbitrary commands. Connected advisories reference Debian DSA 009-1 and indicate the need to update/stabilize stunnel; no exploit ...

CVE-2001-0197

CVE-2001-0197 affects the Icecast server: vulnerable in the print_client function for Icecast versions 1.3.8beta2 and earlier. The issue is a format-string vulnerability that allows remote attackers to execute arbitrary commands. The Debian advisory notes fixes in Icecast 1.3.10-1, indicating a p...

CVE-2001-0060

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username...

CVE-2001-0013

CVE-2001-0013 describes a format-string vulnerability in the nslookupComplain() routine of ISC BIND 4. This flaw allows remote attackers to execute code with the BIND process’ privileges (typically root) by sending specially crafted DNS input. The CERT/CC note (CA-2001-02) identifies vulnerable v...

CVE-2001-0197

Format string vulnerability in printclient in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands...