8517 matches found
WarFTP Daemon 1.82 RC 11 - Remote Format String
Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version: War FTP Daemon 1.82 RC 11 Tested o...
War FTP Daemon Format String
Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version: War FTP Daemon 1.82 RC 11 Tested o...
glibc: incorrect size calculation in formatted printing can lead to FORTIFY_SOURCE format string protection bypass
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service stack...
glibc: printf() unbound alloca() usage in case of positional parameters + many format specs
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...
CVE-2012-1851
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spoole...
CVE-2012-1851
CVE-2012-1851 is a format string vulnerability in the Windows Print Spooler service that allows remote code execution. Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 SP1. Root cause: Print Spooler mishandles crafted response...
Microsoft Windows Print Spooler Format String Code Execution (MS12-054; CVE-2012-1851)
A remote code execution vulnerability has been reported in the Windows Print Spooler service...
Gentoo Security Advisory GLSA 201207-04 (xorg-server)
The remote host is missing updates announced in advisory GLSA 201207-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 201207-05 (pidgin-otr)
The remote host is missing updates announced in advisory GLSA 201207-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 201207-05 (pidgin-otr)
The remote host is missing updates announced in advisory GLSA 201207-05. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Medium: perl-DBD-Pg
Issue Overview: Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. CVE-2012-11...
Scientific Linux Security Update : mysql on SL4.x i386/x86_64
CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079 CVE-2008-4456 mysql: mysql command line client XSS flaw CVE-2009-2446 MySQL: Format string vulnerability by manipulation with database instances crash CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 Multiple flaw...
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)
The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protection...
Scientific Linux Security Update : qt on SL5.x, SL4.x, SL3.x i386/x86_64
Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user-supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code. CVE-2007-3388 %NASLMINLEVEL 70300 C...
Scientific Linux Security Update : evolution on SL4.x, SL5.x i386/x86_64
A format string flaw was found in the way Evolution displayed encrypted mail content. If a user opened a carefully crafted mail message, arbitrary code could be executed as the user running Evolution. CVE-2008-0072 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
CVE-2008-2079 mysql: privilege escalation via DATA/INDEX DIRECTORY directives CVE-2008-3963 MySQL: Using an empty binary value leads to server crash CVE-2008-4456 mysql: mysql command line client XSS flaw CVE-2008-3963 MySQL: Using an empty binary value leads to server crash CVE-2009-2446 MySQL:...
Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120718)
The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. It was discovered that the formatted printing functionality in glibc did not properly restrict the use of alloca. This...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important) - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This...
Scientific Linux Security Update : perl-DBD-Pg on SL5.x, SL6.x i386/x86_64 (20120725)
Perl DBI is a database access Application Programming Interface (API) for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially crafted database warning or error message from a server could cause...