
8517 matches found

Exploit DB
added 2012/08/31 12:00 a.m., 27 views

WarFTP Daemon 1.82 RC 11 - Remote Format String

Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version: War FTP Daemon 1.82 RC 11 Tested o...

AI score 7.4
Exploits: 0
Packet Storm
added 2012/08/31 12:00 a.m., 36 views

War FTP Daemon Format String

Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version: War FTP Daemon 1.82 RC 11 Tested o...

Exploits: 0
RedHat Linux
added 2012/08/23 2:17 p.m., 4 views

glibc: incorrect size calculation in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service stack...

CVSS 5 | AI score 6 | EPSS 0.02225
Exploits: 1 | References: 4
RedHat Linux
added 2012/08/23 2:17 p.m., 2 views

glibc: printf() unbound alloca() usage in case of positional parameters + many format specs

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...

CVSS 6.8 | AI score 6.2 | EPSS 0.03163
Exploits: 0 | References: 4
NVD
added 2012/08/15 1:55 a.m., 17 views

CVE-2012-1851

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spoole...

CVSS 10 | AI score 7.3 | EPSS 0.65637
Exploits: 1 | References: 3
Cvelist
added 2012/08/15 1:00 a.m., 23 views

CVE-2012-1851

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spoole...

AI score 7.3 | EPSS 0.65637
Exploits: 1 | References: 3
CVE
added 2012/08/15 1:00 a.m., 180 views

CVE-2012-1851

CVE-2012-1851 is a format string vulnerability in the Windows Print Spooler service that allows remote code execution. Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 SP1. Root cause: Print Spooler mishandles crafted response...

CVSS 10 | AI score 7.5 | EPSS 0.65637
Exploits: 1 | References: 3 | Affected Software: 5
Check Point Advisories
added 2012/08/14 12:00 a.m., 4 views

Microsoft Windows Print Spooler Format String Code Execution (MS12-054; CVE-2012-1851)

A remote code execution vulnerability has been reported in the Windows Print Spooler service...

AI score 7.3 | EPSS 0.65637
Exploits: 1
OpenVAS
added 2012/08/10 12:00 a.m., 19 views

Gentoo Security Advisory GLSA 201207-04 (xorg-server)

The remote host is missing updates announced in advisory GLSA 201207-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 10 | AI score 0.4 | EPSS 0.02689
Exploits: 0
OpenVAS
added 2012/08/10 12:00 a.m., 21 views

Gentoo Security Advisory GLSA 201207-05 (pidgin-otr)

The remote host is missing updates announced in advisory GLSA 201207-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 7.5 | AI score 0.5 | EPSS 0.03562
Exploits: 0
OpenVAS
added 2012/08/10 12:00 a.m., 19 views

Gentoo Security Advisory GLSA 201207-05 (pidgin-otr)

The remote host is missing updates announced in advisory GLSA 201207-05. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CVSS 7.5 | AI score 6.5 | EPSS 0.03562
Exploits: 0 | References: 2
Amazon
added 2012/08/03 12:00 a.m., 26 views

Medium: perl-DBD-Pg

Issue Overview: Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. CVE-2012-11...

CVSS 5 | AI score 7.6 | EPSS 0.02744
Exploits: 0 | References: 1
Tenable Nessus
added 2012/08/01 12:00 a.m., 321 views

Scientific Linux Security Update : mysql on SL4.x i386/x86_64

CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079 CVE-2008-4456 mysql: mysql command line client XSS flaw CVE-2009-2446 MySQL: Format string vulnerability by manipulation with database instances crash CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 Multiple flaw...

CVSS 8.5 | AI score 7 | EPSS 0.10586
Exploits: 6 | References: 6
Tenable Nessus
added 2012/08/01 12:00 a.m., 51 views

Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)

The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protection...

CVSS 6.8 | AI score 6.8 | EPSS 0.03163
Exploits: 1 | References: 4
Tenable Nessus
added 2012/08/01 12:00 a.m., 23 views

Scientific Linux Security Update : qt on SL5.x, SL4.x, SL3.x i386/x86_64

Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user-supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code. CVE-2007-3388 %NASL_MIN_LEVEL 70300 C...

CVSS 6.8 | AI score 5.8 | EPSS 0.04203
Exploits: 0 | References: 2
Tenable Nessus
added 2012/08/01 12:00 a.m., 20 views

Scientific Linux Security Update : evolution on SL4.x, SL5.x i386/x86_64

A format string flaw was found in the way Evolution displayed encrypted mail content. If a user opened a carefully crafted mail message, arbitrary code could be executed as the user running Evolution. CVE-2008-0072 %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text is C...

CVSS 6.8 | AI score 5.6 | EPSS 0.04726
Exploits: 0 | References: 2
Tenable Nessus
added 2012/08/01 12:00 a.m., 38 views

Scientific Linux Security Update : mysql on SL5.x i386/x86_64

CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives CVE-2008-3963 MySQL: Using an empty binary value leads to server crash CVE-2008-4456 mysql: mysql command line client XSS flaw CVE-2008-3963 MySQL: Using an empty binary value leads to server crash CVE-2009-2446 MySQL:...

CVSS 8.5 | AI score 6.9 | EPSS 0.10586
Exploits: 6 | References: 5
Tenable Nessus
added 2012/08/01 12:00 a.m., 30 views

Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120718)

The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. It was discovered that the formatted printing functionality in glibc did not properly restrict the use of alloca. This...

CVSS 6.8 | AI score 7 | EPSS 0.03163
Exploits: 0 | References: 2
Tenable Nessus
added 2012/08/01 12:00 a.m., 83 views

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. CVE-2007-5907, Important - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This...

CVSS 7.1 | AI score 5.9 | EPSS 0.03209
Exploits: 5 | References: 9
Tenable Nessus
added 2012/08/01 12:00 a.m., 20 views

Scientific Linux Security Update : perl-DBD-Pg on SL5.x, SL6.x i386/x86_64 (20120725)

Perl DBI is a database access Application Programming Interface (API) for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially crafted database warning or error message from a server could cause...

CVSS 5 | AI score 5.5 | EPSS 0.02744
Exploits: 0 | References: 2