Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2012/08/23 2:17 p.m.6 views

glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS6AI score0.02087EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/03/15 4:30 p.m.7 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
ThreatPost
ThreatPost
added 2011/04/12 7:0 p.m.119 views

Microsoft Pushes Out Two New Security Tools

In parallel with its release of 17 bulletins on Patch Tuesday this month, Microsoft also unveiled two new tools that are meant to help make a couple of common exploitation scenarios more difficult for attackers. The company released a tool called Office File Validation for some older versions of...

9.3CVSS0.8AI score0.99945EPSS
Exploits33References2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.17 views

Debian Security Advisory DSA 055-1 (gftp)

The remote host is missing an update to gftp announced via advisory DSA 055-1. OpenVAS Vulnerability Test $Id: deb0551.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 055-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

4.6CVSS0.2AI score0.0035EPSS
Exploits0
OSV
OSV
added 2007/04/13 6:19 p.m.1 views

DEBIAN-CVE-2007-2027

Untrusted search path vulnerability in the addfilenametostring function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog .po file in a "../po" directory, which can be leveraged to conduct format string attacks...

4.4CVSS6.5AI score0.00841EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.34 views

Debian DSA-066-1 : cfingerd - remote exploit

Steven van Acker reported on bugtraq that the version of cfingerd a configurable finger daemon as distributed in Debian GNU/Linux 2.2 suffers from two problems : - The code that reads configuration files files in which $ commands are expanded copied its input to a buffer without checking for a...

7.2CVSS6.2AI score0.0164EPSS
Exploits1References2
securityvulns
securityvulns
added 2000/07/06 12:0 a.m.22 views

proftp advisory

http://lamagra.seKure.de: advisory 1 Advisory: misc. bugs Programname: proftpd Versions: 1.2.0 = pre10 Vendor: proftpd.net Severity: high root shell and low Contact: [email protected] Bug1: void setproctitlechar fmt,... in src/main.c snippet memsetstatbuf, 0, sizeofstatbuf; vsnprintfstatbuf,...

7.7AI score
Exploits0
Rows per page
Query Builder