CVE-2000-0918

The CVE-2000-0918 entry describes a format string vulnerability in KDE's kvt component (version 1.1.2) that may allow local users to execute arbitrary commands via a DISPLAY environment variable containing formatting characters. The affected software is KDE 1.1.2; root cause is unsafe format-stri...

CVE-2000-0997

Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges...

CVE-2000-0950

Format string vulnerability in x-gw in TIS Firewall Toolkit FWTK allows local users to execute arbitrary commands via a malformed display name...

CVE-2000-0998

CVE-2000-0998 describes a format-string vulnerability in the top program that allows local attackers to gain root privileges via the kill or renice functions. The connected documents confirm the vulnerability description but do not provide concrete exploitation details, affected product versions,...

BFTPd vsprintf() Format Strings Exploit

Exploit for linux platform in category remote exploits ======================================= BFTPd vsprintf Format Strings Exploit ======================================= Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer...

BFTPd - 'vsprintf()' Format Strings

/ Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer have not been partly removed, altered or modified in any way. The material is the property of security.is. You are allowed to adopt the represented code in your programs,...

hybrid-ircd

format string problems in hybrid-ircd. some fixed need valid domain, and in-addr.arpa. bind8, configure check-names warn; make host nnnn.host.com in a 1.2.3.4 4.3.2.1.in-addr.arpa in ptr nnnn.host.com connect to comstud CS server because allows connect 2nd client to hybrid server, join channel...

Solaris/SPARC 2.7 / 7 locale Format String Exploit

Exploit for solaris platform in category local exploits ================================================== Solaris/SPARC 2.7 / 7 locale Format String Exploit ================================================== / Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on t...

SolarisSPARC 2.7 7 locale - Format String

SolarisSPARC 2.7 7 locale - Format String / Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on the exploit by Warning3 For additional information see http://www.phreedom.org/solar/localesol.txt By Solar Eclipse Assistant Editor, Phreedom Magazine...

Solaris/SPARC 2.7 / 7 locale - Format String

/ Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on the exploit by Warning3 For additional information see http://www.phreedom.org/solar/localesol.txt By Solar Eclipse Assistant Editor, Phreedom Magazine http://www.phreedom.org 10 Oct 2000 / include include defi...

Half Life - 'rcon' Remote Buffer Overflow

/ SDI HalfLife rcon remote exploit for linux x86 portuguese exploit remoto para o buffer overflow do rcon no halflife Tamandua Sekure Labs Sao Paulo - Porto Alegre, Brazil by Thiago Zaninotti c0nd0r Gustavo Scotti csh Proof of concept - There is a remote exploitable buffer overflow in Half Life...

Linux Multiple statd Packages Remote Format String

The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10544;...

Solaris 2.6/7.0 /locale - Subsystem Format String

/ source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide internationalization support according to the...

Solaris 2.67.0 locale - Subsystem Format String

Solaris 2.67.0 locale - Subsystem Format String / source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provi...

numerous format string attacks in Nap ( Napster for linux )

hi to everyone here, nap ver 1.4.4 is a little and good term based napster client for linux tested on my linux 2.2.17 and others nix like. to simplify the pb just consider two parts, one for outgoing tasks, the other for incomings ones. there are plenty of possible string format attacks and even...

Security Advisory: FreeBSD-SA-00:62.top

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory Category: core Module: top Announced: 2000-11-01 Credits: [email protected] via OpenBSD...

FreeBSD 3.54.x - usrbintop Format String

FreeBSD 3.54.x - usrbintop Format String / source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is install...

FreeBSD-SA-00:62.top

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory REISSUED Category: core Module: top Announced: 2000-11-01 Reissued: 2000-11-06 Credits:...

FreeBSD 3.5/4.x - '/usr/bin/top' Format String

/ source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem so that it may read proces...

Security Advisory: FreeBSD-SA-00:58.chpass

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:58 Security Advisory FreeBSD, Inc. Topic: chpass family contains local root vulnerability Category: core Module: chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd Announced:...