Lucene search
K

471 matches found

securityvulns
securityvulns
added 2002/08/15 12:0 a.m.29 views

Oracle Listener Control Format String Vulnerabilities (#NISR14082002)

NGSSoftware Insight Security Research Advisory Name: Oracle Listener Control Format Strings Systems Affected: Oracle 9i, 8i on all platforms Severity: Medium Category: Format String Vulnerabilities Vendor URL: http://www.oracle.com/ Authors: David Litchfield [email protected] Advisory URL:...

0.2AI score
Exploits0
Debian
Debian
added 2002/08/12 7:53 a.m.29 views

[SECURITY] [DSA 148-1] New hylafax packages fix security related problems

-------------------------------------------------------------------------- Debian Security Advisory DSA 148-1 [email protected] http://www.debian.org/security/ Martin Schulze August 12th, 2002 - -------------------------------------------------------------------------- Package : hylafax...

7.2CVSS0.6AI score0.0047EPSS
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.18 views

CVE-2002-0525

Format string vulnerabilities in 1 inews or 2 rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses...

10CVSS7AI score0.04121EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/07/31 4:0 a.m.31 views

CVE-2000-1207

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LCALL environment variables CVE-2000-0844...

6.6AI score0.00445EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/07/31 12:0 a.m.34 views

HylaFAX - Various Vulnerabilities Fixed

HylaFAX.org Security Advisory 17 June 2002 Subject: Various Vulnerabilities Fixed Introduction: HylaFAX is a mature est. 1991 enterprise-class open-source software package for sending and receiving facsimiles as well as for sending alpha-numeric pages. It runs on a wide variety of UNIX-like...

7.2CVSS0.4AI score0.0047EPSS
Exploits0
NVD
NVD
added 2002/07/26 4:0 a.m.27 views

CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code print.c of ISC DHCP daemon DHCPD 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response...

10CVSS7.5AI score0.31139EPSS
Exploits0References10
Cvelist
Cvelist
added 2002/07/23 4:0 a.m.29 views

CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code print.c of ISC DHCP daemon DHCPD 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response...

7.5AI score0.31139EPSS
Exploits0References10
CVE
CVE
added 2002/06/25 4:0 a.m.52 views

CVE-2002-0175

The CVE-2002-0175 issue concerns libsafe 2.0-11 and earlier, where format-string protection can be bypassed by using certain characters ("'" and "I") that are implemented in glibc but not in libsafe. The connected Mandrake advisory (MDKSA-2002:026) states that this bypass arises from how printf w...

4.6CVSS6.8AI score0.00467EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.20 views

CVE-2002-0525

Format string vulnerabilities in 1 inews or 2 rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses...

7AI score0.04121EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.24 views

CVE-2001-1308

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier LDAP allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

7.6AI score0.04584EPSS
Exploits0References8
securityvulns
securityvulns
added 2002/05/03 12:0 a.m.43 views

Multiple buffer overflows in Progress

Multiple buffer overflows, format string bugs, etc...

2.8AI score
Exploits0References5Affected Software1
Exploit DB
Exploit DB
added 2002/04/11 12:0 a.m.23 views

ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilities

source: https://www.securityfocus.com/bid/4501/info The Internet Software Consortium ISC Internet News INN project is a powerful, mature implementation of a usenet system, including a NNTP server and a newsreading server. It is available for a wide range of Unix based systems, including Linux...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.23 views

CVE-2001-1129

Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...

7.4AI score0.00425EPSS
Exploits0References3
CVE
CVE
added 2002/03/15 5:0 a.m.44 views

CVE-2001-1129

The CVE-2001-1129 entry covers multiple components of Progress database 9.1C (probuild, dbutil, mprosrv, mprshut, proapsv, progres, proutil, rfutil, and prolib). The vulnerability is a local format-string flaw in the PROMSGS environment file that allows a local user to execute arbitrary code. The...

7.2CVSS7.8AI score0.00425EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.18 views

CVE-2001-0974

Format string vulnerabilities in Oracle Internet Directory Server LDAP 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

7.2AI score0.0631EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/12/21 12:0 a.m.49 views

@stake advisory: Multiple overflow and format string vulnerabilities in in Microsoft SQL Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Multiple overflow and format string vulnerabilities in Microsoft SQL Server Release Date: 12/20/2001 Application: Microsoft SQL Server 7.0 and 2000 Platform: Microsoft Windows NT 4.0, 2000,...

7.5CVSS1AI score0.13621EPSS
Exploits0
securityvulns
securityvulns
added 2001/09/25 12:0 a.m.27 views

hylafax

There are some format strings vulnerbilities in the lastest hylafax package try faxrm -h x 1 or faxalter -h x -D 1 for "proof of concept". Both faxrm and faxalter are installed setuid uucp on FreeBSD installed from port collection. uid uucp is not that exciting but with some luck you'll find uucp...

Exploits0
NVD
NVD
added 2001/07/17 4:0 a.m.19 views

CVE-2001-0974

Format string vulnerabilities in Oracle Internet Directory Server LDAP 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

7.5CVSS7.2AI score0.0631EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/07/17 12:0 a.m.31 views

Non-preformatted document test

The Oracle 8i Enterprise Edition server contains multiple vulnerabilities in the code used to process LDAP requests. In the encoding section of the test suite, this product failed an indeterminate number of test cases in the group that tests a server's response to invalid encodings of BER...

1.5AI score
Exploits0
NVD
NVD
added 2001/07/16 4:0 a.m.23 views

CVE-2001-1312

Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

7.5CVSS7.6AI score0.0448EPSS
Exploits0References7
Rows per page
Query Builder