
8517 matches found

Cent OS
added 2006/08/16 7:29 p.m., 68 views

wireshark security update

CentOS Errata and Security Advisory CESA-2006:0602 New Wireshark packages that fix various security vulnerabilities in Ethereal are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network...

CVSS 10, AI score 6, EPSS 0.0733
Exploits 0, References 8

RedHat Linux
added 2006/08/16 1:41 p.m., 4 views

security flaw

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors...

CVSS 10, AI score 6.2, EPSS 0.05931
Exploits 0, References 4

RedHat Linux
added 2006/08/16 1:41 p.m., 34 views

Moderate: Red Hat Security Advisory: wireshark security update (was ethereal)

New Wireshark packages that fix various security vulnerabilities in Ethereal are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. In May 2006, Ethereal changed its name to...

CVSS 10, AI score 6, EPSS 0.0733
Exploits 0, References 5

F5 Networks
added 2006/08/16 12:0 a.m., 41 views

SOL5794 - Security Advisory: Perl integer sign error in format string processing - CVE-2005-3962

Although F5 Networks products contain versions of Perl that are subject to this vulnerability, this vulnerability can only be exploited by an attacker that has root access. As a result, F5 Networks products are not considered vulnerable. Integer overflow in the format string functionality...

CVSS 4.6, AI score 9.8, EPSS 0.01374
Exploits 2

NVD
added 2006/08/14 11:4 p.m., 16 views

CVE-2006-4127

Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c...

CVSS 4.6, AI score 7.7, EPSS 0.02121
Exploits 1, References 9

CVE
added 2006/08/14 11:0 p.m., 44 views

CVE-2006-4127

The CVE-2006-4127 entry covers format string vulnerabilities in DConnect Daemon (versions up to 0.7.0). The issue arises when calling privmsg() or pubmsg from the files cmd.user.c, penalties.c, or cmd.dc.c, allowing remote administrators to execute arbitrary code due to improper handling of forma...

CVSS 4.6, AI score 8.1, EPSS 0.02121
Exploits 1, References 9, Affected Software 1

Cvelist
added 2006/08/14 11:0 p.m., 19 views

CVE-2006-4127

Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c...

AI score 7.7, EPSS 0.02121
Exploits 1, References 9

Tenable Nessus
added 2006/08/14 12:0 a.m., 45 views

FreeBSD : mysql -- format string vulnerability (fcb90eb0-2ace-11db-a6e2-000e0c2e438a)

"Jean-David Maillefer reports a Denial of Service vulnerability within MySQL. The vulnerability is caused by improper checking of the dataformat routine, which cause the MySQL server to crash. The crash is triggered by the following code:'SELECT dateformat'%d%s', 1 %NASLMINLEVEL 70300 C Tenable...

CVSS 4, AI score 5.3, EPSS 0.26815
Exploits 0, References 3

Tenable Nessus
added 2006/08/14 12:0 a.m., 21 views

GLSA-200608-18 : Net::Server: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200608-18 Net::Server: Format string vulnerability The log function of Net::Server does not handle format string specifiers properly before they are sent to syslog. Impact : By sending a specially crafted datastream to an...

CVSS 5, AI score 5.5, EPSS 0.02698
Exploits 0, References 2

NVD
added 2006/08/10 12:4 a.m., 8 views

CVE-2006-4070

Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitrary code via format string specifiers in a filename...

CVSS 5.1, AI score 7.5, EPSS 0.01661
Exploits 0, References 3

Cvelist
added 2006/08/10 12:0 a.m., 17 views

CVE-2006-4070

Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitrary code via format string specifiers in a filename...

AI score 7.5, EPSS 0.01661
Exploits 0, References 3

Gentoo Linux
added 2006/08/10 12:0 a.m., 30 views

Net::Server: Format string vulnerability

Background Net::Server is an extensible, generic Perl server engine. It is used by several Perl applications like Postgrey. Description The log function of Net::Server does not handle format string specifiers properly before they are sent to syslog. Impact By sending a specially crafted datastrea...

CVSS 5, AI score 6.3, EPSS 0.02698
Exploits 0

CVE
added 2006/08/10 12:0 a.m., 41 views

CVE-2006-4070

CVE-2006-4070 concerns a format-string vulnerability in Imendio Planner 0.13. The flaw allows user-assisted attackers to execute arbitrary code via format specifiers embedded in a filename. According to NVD, the base CVSSv2 score is 5.1 (Medium) with network access required and no authentication....

CVSS 5.1, AI score 7.8, EPSS 0.01661
Exploits 0, References 3, Affected Software 1

securityvulns
added 2006/08/08 12:0 a.m., 47 views

Imendio Planner format string vulnerability

Format string vulnerability in filename...

AI score 1.9
Exploits 0, References 1, Affected Software 1

securityvulns
added 2006/08/08 12:0 a.m., 46 views

IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY

By : LoneEagle E-mail : [email protected] http://kandangjamur.net Affected : IMENDIO PLANNER 0.13 PROJECT MANAGEMENT FEDORA 4. Impact : System Access From : Remote Severity : Moderately Critical Description: Imendio planner was failed when opening file name format string. Remote...

AI score 1
Exploits 0

securityvulns
added 2006/08/07 12:0 a.m., 49 views

DConnect Daemon chat server multiple security vulnerabilities

DoS conditions, format string vulnerabilities...

AI score 1.6
Exploits 0, References 1, Affected Software 1

securityvulns
added 2006/08/07 12:0 a.m., 27 views

DConnect Daemon Multiple Vulnerabilities

Luigi Auriemma Application: DConnect Daemon http://www.dc.ds.pg.gda.pl Versions: = 0.7.0 and CVS = 30 Jul 2006 Platforms: Windows, nix, BSD and others Bugs: A listenthreadudp buffer-overflow B dcchat NULL pointer C various format string bugs privileges needed Exploitation: remote Date: 06 Aug 200...

AI score 0.5
Exploits 0

Gentoo Linux
added 2006/08/06 12:0 a.m., 83 views

MySQL: Denial of service

Background MySQL is a popular multi-threaded, multi-user SQL server. Description Jean-David Maillefer discovered a format string vulnerability in time.cc where MySQL fails to properly handle specially formatted user input to the dateformat function. Impact By specifying a format string as the fir...

CVSS 4, AI score 6.6, EPSS 0.26815
Exploits 0

UbuntuCve
added 2006/07/31 9:4 p.m., 15 views

CVE-2006-3120

Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions...

CVSS 7.5, AI score 6.2, EPSS 0.03143
Exploits 0, References 1

Cvelist
added 2006/07/31 9:0 p.m., 25 views

CVE-2006-3120

Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions...

AI score 7.7, EPSS 0.03143
Exploits 0, References 8