CVE-2001-0032

Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL...

Дырка в man (linux)

Ошиюка форматной строки при разборе агрументов...

SuSe / Debian man package format string vulnerability

Hi, This issue has been discussed in vuln-dev 2001-01-26, see: http://www.securityfocus.com/templates/archive.pike?end=2001-01-27&tid=15872 4&fromthread=0&start=2001-01-21&threads=1&list=82& Posted also on suse security list, and aparently overlooked. The man package that ships with SuSe Linux at...

Debian 2.2 Su.S.E 6.36.47.0 - man -l Format String

Debian 2.2 Su.S.E 6.36.47.0 - man -l Format String source: https://www.securityfocus.com/bid/2327/info man is the manual page viewing program, available with the Linux Operating System in this implementation. It is freely distributed and openly maintained. A problem with the man command may allow...

Большие дыры в bind

В BIND 8 удаленное переполнение буфера в в реализации Transaction Signatures TSIG, в BIND 4 ошибка форматной строки...

ISSalert: Internet Security Systems Security Alert: Remote Vulnerabilities in BIND versions 4 and 8

Internet Security Systems Security Alert January 29, 2001 Remote Vulnerabilities in BIND versions 4 and 8 Synopsis: ISS X-Force is aware of several vulnerabilities in current versions of Internet Software Consortiums Berkeley Internet Name Domain BIND. There is a buffer overflow present in BIND...

format string vulnerability in mars_nwe 0.99pl19

Hello, Marsnwe 0.99.pl19 is vulnerable to remote format string vulnerability, allowing to gain superuser privileges from DOS/Windows workstations attached to mars server. Here is the patch: --- tools.c.orig Fri Jan 26 22:46:34 2001 +++ tools.c Fri Jan 26 22:46:59 2001 @@ -189,7 +189,7 @@...

[SECURITY] [DSA-016-3] Correction: New version of wu-ftpd released

---------------------------------------------------------------------------- Debian Security Advisory DSA-016-3 [email protected] http://www.debian.org/security/ Martin Schulze January 24, 2001 - ---------------------------------------------------------------------------- Package : wu-ftpd...

Icecast utils.c fd_write Function Format String

The remote server claims to be running Icecast 1.3.7 or 1.3.8beta2. These versions are vulnerable to a format string attack that could allow an attacker to execute arbitrary commands on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10600; scriptversion...

[SECURITY] [DSA-016-2] Correction: New version of wu-ftpd released

---------------------------------------------------------------------------- Debian Security Advisory DSA-016-2 [email protected] http://www.debian.org/security/ Martin Schulze January 23, 2001 - ---------------------------------------------------------------------------- Package : wu-ftpd...

[SECURITY] [DSA-014-2] Correction: New version of splitvt released

---------------------------------------------------------------------------- Debian Security Advisory DSA-014-2 [email protected] http://www.debian.org/security/ Martin Schulze January 23, 2001 - ---------------------------------------------------------------------------- Package : splitvt...

[SECURITY] [DSA-016-1] New version of wu-ftpd released

---------------------------------------------------------------------------- Debian Security Advisory DSA-016-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23, 2001 - ---------------------------------------------------------------------------- Package : wu-ftpd...

[SECURITY] [DSA-014-1] New version of splitvt released

---------------------------------------------------------------------------- Debian Security Advisory DSA-014-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23, 2001 - ---------------------------------------------------------------------------- Package : splitvt...

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode,...

WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...

CVE-2000-0994

Format string vulnerability in OpenBSD fstat program and possibly other BSD-based operating systems allows local users to gain root privileges via the PWD environmental variable...

CVE-2000-1040

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...

CVE-2000-1014

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...

CVE-2000-0993

The CVE-2000-0993 entry describes a format-string vulnerability in the OpenBSD/libutil pw_error(3) function that, when invoked by setuid programs such as chpass, could let a local user gain superuser access. Public details indicate OpenBSD fixed the issue in 2000 within the affected libutil code,...

CVE-2000-0969

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon...