CVE-2000-0594

BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters...

ftpd: the advisory version

You might have seen the wuftpd exploit by tf8, he released it in his own lame way. But now I bring you the story behind it. The story begins inside the ftpcmd.y file. Which has the ftp commands in it. The bug is in the siteexecchar cmd function. There is calls lreply200,cmd; In ftpd.c we find voi...

qpopper format string vulnerability

An authenticated user may trigger a format string vulnerability present in qpopper's UIDL code, resulting in arbitrary code execution with group ID mail' privileges...

WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)

// source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Becau...

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (1)

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 1 // source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a...

ProFTPd 1.2 pre6 - snprintf Remote Root

ProFTPd 1.2 pre6 - snprintf Remote Root source: https://www.securityfocus.com/bid/650/info Lack of user input validation in ProFTPD can lead to a remote root vulnerability. On systems that support it ProFTPD will attempt to modify the name of the program being executed argv0 to display the comman...

CVE-1999-1417

Format string vulnerability in AnswerBook2 AB2 web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged...

GNOME's Eye Of Gnome incorrect file name handling

Advisory ID Internal CORE-2003-0304-03 Bugtraq ID: 7121 CVE Name: CAN-2003-0165 CERT: VU363001 Title: GNOME's Eye Of Gnome incorrect file name handling Class: Input validation error Remotely Exploitable: No Locally Exploitable: Yes Vendors contacted: Eye Of Gnome . CORE Notification: 2003-03-14...

PT-2010-5656 · Linux +1 · Iscsitarget +1

Name of the Vulnerable Software and Affected Versions: iscsitarget versions prior to 1.4.19 iscsitarget versions 0.4.16 and earlier Linux SCSI target framework versions 1.0.3, 0.9.5, and earlier Description: The issue involves multiple vulnerabilities in the iscsitarget package that can lead to a...

PT-2011-5241 · Opensuse +4 · Systemtap-Client-Debuginfo +16

Name of the Vulnerable Software and Affected Versions: openSUSE systemtap-runtime-debuginfo affected versions not specified openSUSE systemtap affected versions not specified openSUSE systemtap-sdt-devel affected versions not specified openSUSE libvmtools0 affected versions not specified openSUSE...