SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability

Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-002 Advisory Name: McAfee WebShield SMTP Format String Vulnerability Release Date : 04-03-2005 Application : McAfee WebShield SMTP 4.5 MR1a Platform : Microsoft Windows Severity : System...

[Full-disclosure] Format string in Doomsday 1.8.6

Luigi Auriemma Application: Doomsday engine http://www.doomsdayhq.com http://deng.sourceforge.net Versions: = 1.8.6 and current SVN 1.9.0 Platforms: Windows, nix, BSD, Mac and others Bug: format string bug in ConMessage and ConPrintf Exploitation: remote, versus server and clients Date: 03 Apr 20...

CVE-2006-1403

Format string vulnerability in the PrintString function in cconsole.cpp in client/server Doom csDoom 0.7 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via format string specifiers in strings passed to the console...

Format string

Format string vulnerability in the PrintString function in cconsole.cpp in client/server Doom csDoom 0.7 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via format string specifiers in strings passed to the console...

CVE-2006-1403

Format string vulnerability in the PrintString function in cconsole.cpp in client/server Doom csDoom 0.7 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via format string specifiers in strings passed to the console...

CVE-2006-1403

CVE-2006-1403 affects csDoom (client/server Doom) up to version 0.7. The vulnerability is in PrintString (c_console.cpp) and arises from a format-string issue, allowing remote attackers to cause a denial of service and potentially execute arbitrary commands via strings passed to the console. The ...

Multiple vulnerabilities in csDoom 0.7

Luigi Auriemma Application: client/server Doom csDoom http://voxelsoft.com/csdoom/ current maintainer http://csdoom.sourceforge.net original author, 2000 Versions: = 0.7 Platforms: Windows, nix, BSD and more Bugs: A buffer-overflow in SVBroadcastPrintf B buffer-overflow in SVSetupUserInfo C forma...

Update Protection against SHOUTcast Format String Vulnerability

SHOUTcast is Nullsoft's streaming audio system for Linux and Microsoft Windows platforms. A format string vulnerability was reported in SHOUTcast. A malicious attacker with the ability to send a formatted URL request to the SHOUTcast server may be able to execute arbitrary code on the target syst...

[SECURITY] [DSA 1016-1] New evolution packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1016-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...

DSA-1016-1 evolution - format string vulnerabilities

Bulletin has no description...

GLSA-200603-22 : PHP: Format string and XSS vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200603-22 PHP: Format string and XSS vulnerabilities Stefan Esser of the Hardened PHP project has reported a few vulnerabilities found in PHP: Input passed to the session ID in the session extension isn't properly sanitised before...

PHP: Format string and XSS vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run on a web server with the modphp module or the CGI version and also stand-alone in a CLI. Description Stefan Esser of the Hardened PHP project has reported a few vulnerabilities found i...

Symantec Security Advisory, SYM06-005

Symantec Security Advisory SYM06-005 17 March 2006 Veritas Backup Exec for Windows Servers: Media Server BENGINE Service Job log Format String Overflow Revision History None Severity Low network/system authorization and specific configuration required Remote Access Yes Local Access No...

Multiple Symantec Veritas Backup Exec backup agent vulnerabilities

DoS, format string vulnerabilities...

Format string

Format string vulnerability in the Job Engine service bengine.exe in the Media Server in Veritas Backup Exec 10d 10.1 for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691,...

CVE-2006-1298

Format string vulnerability in the Job Engine service bengine.exe in the Media Server in Veritas Backup Exec 10d 10.1 for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691,...

CVE-2006-1298

CVE-2006-1298 is a format string vulnerability in the Job Engine service (bengine.exe) of Veritas Backup Exec Media Server. The flaw affects Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 revs. 5520 and 5484, and Backup Exec 9.1 rev 4691, and is triggered when the job log ...

Ubuntu 4.10 / 5.04 / 5.10 : imagemagick vulnerabilities (USN-246-1)

Florian Weimer discovered that the delegate code did not correctly handle file names which embed shell commands CVE-2005-4601. Daniel Kobras found a format string vulnerability in the SetImageInfo function CVE-2006-0082. By tricking a user into processing an image file with a specially crafted fi...

CVE-2006-1159

Format string vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request...

CVE-2006-1159

Format string vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request...