224 matches found
Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String
The remote host is running Ipswitch Collaboration Suite or IMail Server, commercial messaging and collaboration suites for Windows. The version of Ipswitch Collaboration Suite / IMail server installed on the remote host contains an SMTP server that suffers from a format string flaw. By supplying ...
DEBIAN-CVE-2005-3486
Multiple format string vulnerabilities in Scorched 3D 39.1 bf and earlier allow remote attackers to execute arbitrary code via various 1 GLConsole::addLine, 2 ServerCommon::sendString, 3 ServerCommon::serverLog functions, and possibly other unspecified vectors...
security flaw
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
security flaw
Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...
DEBIAN-CVE-2005-1523
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands...
GLSA-200505-02 : Oops!: Remote code execution
The remote host is affected by the vulnerability described in GLSA-200505-02 Oops!: Remote code execution A format string flaw has been detected in the myxlog function of the Oops! proxy, which is called by the passwdmysql and passwdpgsql module's auth functions. Impact : A remote attacker could...
security flaw
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...
Hashcash: Format string vulnerability
Background Hashcash is a utility for generating Hashcash tokens, a proof-of-work system to reduce the impact of spam. Description Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address...
security flaw
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
security flaw
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
DEBIAN-CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
DEBIAN-CVE-2005-0100
Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...
DEBIAN-CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...
DEBIAN-CVE-2004-2386
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function...
GLSA-200405-08 : Pound format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200405-08 Pound format string vulnerability A format string flaw in the processing of syslog messages was discovered and corrected in Pound. Impact : This flaw may allow remote execution of arbitrary code with the rights of the...
[Full-Disclosure] iDEFENSE Security Advisory 08.18.04: Courier-IMAP Remote Format String Vulnerability
Courier-IMAP Remote Format String Vulnerability iDEFENSE Security Advisory 08.18.04 www.idefense.com/application/poi/display?id=131&type=vulnerabilities August 18, 2004 I. BACKGROUND Courier-IMAP is an IMAP/POP3 mail server popular on sites utilizing Qmail/Exim/Postfix. More information is...
DEBIAN-CVE-2004-0156
Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...
GnuPG: ElGamal signing keys compromised and format string vulnerability
Background GnuPG is a popular open source signing and encryption tool. Description Two flaws have been found in GnuPG 1.2.3. First, ElGamal signing keys can be compromised. These keys are not commonly used, but this is "a significant security failure which can lead to a compromise of almost all...
[Full-Disclosure] extremail (latest) fmt strings
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote Vulnerabilities in eXtremail Server. =========================================== Date: 02.07.2003 Email: B-r00t [email protected] Reference: http://www.extremail.com/ Versions: Linux eXtremail-1.5-8 = VULNERABLE Linux eXtremail-1.5-5 =...
PT-2003-1354 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.7 through 0.9.9 Description: A format string issue in the SOCKS dissector of Ethereal allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. Recommendations: For Ethereal...