Lucene search
K

8517 matches found

Cvelist
Cvelist
added 2006/12/21 9:0 p.m.23 views

CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

7.8AI score0.07792EPSS
Exploits1References5
CVE
CVE
added 2006/12/21 9:0 p.m.50 views

CVE-2006-6692

CVE-2006-6692 affects Zabbix before 20061006, where format string vulnerabilities in logging paths (zabbix_log and zabbix_syslog) can trigger a denial of service (application crash) and potentially allow arbitrary code execution. The root cause is improper handling of format string specifiers in ...

7.5CVSS7.8AI score0.07792EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2006/12/21 9:0 p.m.25 views

CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

7.5CVSS7AI score0.07792EPSS
Exploits1
NVD
NVD
added 2006/12/20 11:28 p.m.12 views

CVE-2006-6664

Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details wer...

5CVSS7.8AI score0.0263EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/12/20 11:0 p.m.18 views

CVE-2006-6664

Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details wer...

7.8AI score0.0263EPSS
Exploits0References5
CVE
CVE
added 2006/12/20 11:0 p.m.38 views

CVE-2006-6664

The CVE-2006-6664 issue affects Marathon Aleph One prior to 0.17.1 and on 2006-12-17, where a format string vulnerability in TopLevelLogger::logMessageV in Misc/Logging.cpp could allow remote attackers to cause an application crash (DoS) or execute arbitrary code. This risk is supported by the NV...

5CVSS8.1AI score0.0263EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/12/16 12:0 a.m.26 views

GLSA-200612-17 : GNU Radius: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200612-17 GNU Radius: Format string vulnerability A format string vulnerability was found in the sqllog function from the SQL accounting code for radiusd. That function is only used if one or more of the 'postgresql', 'mysql' or...

10CVSS6.3AI score0.04997EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2006/12/15 2:28 a.m.19 views

CVE-2006-6105

Format string vulnerability in the host chooser window gdmchooser in GNOME Foundation Display Manager gdm allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog...

4.3CVSS6AI score0.00397EPSS
Exploits0References2
NVD
NVD
added 2006/12/15 2:28 a.m.26 views

CVE-2006-6105

Format string vulnerability in the host chooser window gdmchooser in GNOME Foundation Display Manager gdm allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog...

4.3CVSS7AI score0.00397EPSS
Exploits0References15
Cvelist
Cvelist
added 2006/12/15 2:0 a.m.32 views

CVE-2006-6105

Format string vulnerability in the host chooser window gdmchooser in GNOME Foundation Display Manager gdm allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog...

6.9AI score0.00397EPSS
Exploits0References15
CVE
CVE
added 2006/12/15 2:0 a.m.67 views

CVE-2006-6105

The CVE-2006-6105 issue affects the GNOME Display Manager (gdm), specifically the host chooser window (gdmchooser). The vulnerability arises from format string handling in a hostname used in an error dialog, allowing a local attacker to execute arbitrary code via crafted input. Reports across mul...

4.3CVSS6.9AI score0.00397EPSS
Exploits0References15Affected Software1
Ubuntu
Ubuntu
added 2006/12/14 11:41 p.m.39 views

USN-396-1: gdm vulnerability

A format string vulnerability was discovered in the gdmchooser component of the GNOME Display Manager. By typing a specially crafted host name, local users could gain gdm user privileges, which could lead to further account information exposure...

4.3CVSS5.3AI score0.00397EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/12/14 12:0 a.m.41 views

GNU Radius: Format string vulnerability

Background GNU Radius is a GNU version of Radius, a server for remote user authentication and accounting. Description A format string vulnerability was found in the sqllog function from the SQL accounting code for radiusd. That function is only used if one or more of the "postgresql", "mysql" or...

10CVSS7.9AI score0.04997EPSS
Exploits0
securityvulns
securityvulns
added 2006/12/14 12:0 a.m.35 views

GNOME gdmchooser format string vulnerability

Format string vulnerability in remote hostname...

1.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/12/14 12:0 a.m.43 views

[Full-disclosure] iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability

GNOME Foundation Display Manager gdmchooser Format String Vulnerability iDefense Security Advisory 12.14.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 14, 2006 I. BACKGROUND The gdmchooser program provides XDMCP X Display Manager Control Protocol functionality to the GNOME Display...

0.2AI score
Exploits0
NVD
NVD
added 2006/12/13 1:28 a.m.18 views

CVE-2006-6495

Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in...

6.6CVSS7.6AI score0.00418EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2006/12/10 12:0 a.m.28 views

w3m -- format string vulnerability

An anonymous person reports: w3m-0.5.1 crashes when using the -dump or -backend options to open a HTTPS URL with a SSL certificate where the CN contains "%n%n%n%n%n%n"...

9.3CVSS6.3AI score0.04665EPSS
Exploits0References2
seebug.org
seebug.org
added 2006/12/06 12:0 a.m.12 views

Songbird Media Player <= 0.2 Format String Denial Of Service PoC

No description provided by source. / ======================================================================== 0-day Songbird Media Player = 0.2 Format String Denial Of Service PoC ======================================================================== Songbird Media Player and lower experiance a...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/05 11:28 a.m.2 views

CVE-2006-6306

Format string vulnerability in Novell Modular Authentication Services NMAS in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window...

1.2CVSS5.5AI score0.00342EPSS
Exploits0References12
NVD
NVD
added 2006/12/05 11:28 a.m.17 views

CVE-2006-6306

Format string vulnerability in Novell Modular Authentication Services NMAS in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window...

1.2CVSS6.2AI score0.00342EPSS
Exploits0References11
Rows per page
Query Builder