8517 matches found
Netrek format string vulnerability
Format string vulnerability on blocking player with malformed nickname...
Limited format string in Netrek 2.12.0
Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...
Netrek 2.12.0 - pmessage2() Remote Limited Format String
Netrek 2.12.0 - pmessage2 Remote Limited Format String Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web:...
Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit
Exploit for unknown platform in category dos / poc ============================================================== Netrek 2.12.0 pmessage2 Remote Limited Format String Exploit ============================================================== Luigi Auriemma Application: Netrek http://www.netrek.org...
Netrek 2.12.0 - 'pmessage2()' Remote Limited Format String
Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...
XM Easy Personal FTP Server 5.30 (ABOR) Format String DoS Exploit
No description provided by source. !/usr/bin/perl -w ========================================================================================================= XM Easy Personal FTP Server 5.3.0 Multiple vulnerabilities By Umesh Wanve ...
XM Easy Personal FTP Server 5.30 - ABOR Format String Denial of Service
XM Easy Personal FTP Server 5.30 - ABOR Format String Denial of Service !/usr/bin/perl -w ========================================================================================================= XM Easy Personal FTP Server 5.3.0 Multiple vulnerabilities By Umesh Wanve...
XM Easy Personal FTP Server 5.30 (ABOR) Format String DoS Exploit
Exploit for unknown platform in category dos / poc ================================================================= XM Easy Personal FTP Server 5.30 ABOR Format String DoS Exploit ================================================================= !/usr/bin/perl -w...
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service
!/usr/bin/perl -w ========================================================================================================= XM Easy Personal FTP Server 5.3.0 Multiple vulnerabilities By Umesh Wanve...
Fedora Core 5 : php-5.1.6-1.4 (2007-287)
This update fixes a number of security issues in PHP. A number of buffer overflow flaws were found in the PHP session extension, the strreplace function, and the imapmailcompose function. If very long strings under the control of an attacker are passed to the strreplace function then an integer...
Important: Red Hat Security Advisory: php security update for Stronghold
Updated PHP packages that fix multiple security issues are now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
security flaw
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to 1 all of the print functions on 64-bit systems, and 2 the odbcresultall function...
php security update
CentOS Errata and Security Advisory CESA-2007:0081-01 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
Fedora Core 5 : ekiga-2.0.1-4 (2007-262)
A format string flaw was found in the way Ekiga processes certain messages form remote clients. This flaw could potentially allow a remote attacker to execute arbitrary code as the user running Ekiga. Note that Tenable Network Security has extracted the preceding description block directly from t...
Mandrake Linux Security Advisory : php (MDKSA-2007:048)
A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the strreplace function, and the imapmailcompose function. An attacker able to use a PHP application using any of these functions could trigger these flaws and...
Fedora Core 6 : ekiga-2.0.5-2.fc6 (2007-263)
A format string flaw was found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. Note that Tenable Network Security has extracted the...
Fedora Core 6 : php-5.1.6-3.4.fc6 (2007-261)
This update fixes a number of security issues in PHP. A number of buffer overflow flaws were found in the PHP session extension, the strreplace function, and the imapmailcompose function. If very long strings under the control of an attacker are passed to the strreplace function then an integer...
RHEL 2.1 : php (RHSA-2007:0081)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server....
CVE-2004-2677
Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...
CVE-2004-2677
CVE-2004-2677 affects QwikMail SMTP (qwik-smtpd) version 0.3 and earlier. The flaw is a format string vulnerability in qwik-smtpd.c that allows remote attackers to achieve arbitrary code execution via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variable...