8516 matches found
CVE-2006-0925
Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service CPU consumption by creating and then listing folders whose names contain format string specifiers...
MDaemon IMAP Server Mail Folder Name Format String
The remote host is running Alt-N MDaemon, an SMTP/IMAP server for the Windows operating system family. The IMAP server component of MDaemon is affected by a format string vulnerability involving folders with format string specifiers in their names . An authenticated attacker can leverage this iss...
Alt-N MDaemon 8.1.1 IMAP Server - Remote Format String
Alt-N MDaemon 8.1.1 IMAP Server - Remote Format String source: https://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the...
GLSA-200602-13 : GraphicsMagick: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200602-13 GraphicsMagick: Format string vulnerability The SetImageInfo function was found vulnerable to a format string mishandling. Daniel Kobras discovered that the handling of '%'-escaped sequences in filenames passed to the...
Alt-N MDaemon 8.1.1 IMAP Server - Remote Format String
source: https://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted printing...
GraphicsMagick: Format string vulnerability
Background GraphicsMagick is a collection of tools to read, write and manipulate images in many formats. Description The SetImageInfo function was found vulnerable to a format string mishandling. Daniel Kobras discovered that the handling of "%"-escaped sequences in filenames passed to the functi...
Sof-PunkBuster.txt
Luigi Auriemma Application: Soldier of Fortune II with PunkBuster enabled http://www.ravensoft.com/soldier2.html http://www.PunkBuster.com Versions: PB for server = 1.180 Platforms: Windows, Linux and Mac Bug: format string Exploitation: remote, versus server in-game Date: 16 Feb 2006 Author: Lui...
Format string
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly...
CVE-2006-0771
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly...
CVE-2006-0771
CVE-2006-0771 affects PunkBuster 1.180 and earlier (as used by Soldier of Fortune II and possibly other games). The issue is a format-string vulnerability in handling invalid cvar values when the server kicks a player and records the reason, allowing remote attackers to cause a denial of service ...
CVE-2006-0771
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly...
Format string
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0738
CVE-2006-0738 concerns the eStara SIP softphone. The vulnerability arises from multiple format string vulnerabilities in how the SDP session description is processed during SIP INVITE handling, allowing remote attackers to cause a denial of service (hang). Affected component details state that fo...
[Full-disclosure] Soldier of Fortune II format string through PunkBuster 1.180
Luigi Auriemma Application: Soldier of Fortune II with PunkBuster enabled http://www.ravensoft.com/soldier2.html http://www.PunkBuster.com Versions: PB for server = 1.180 Platforms: Windows, Linux and Mac Bug: format string Exploitation: remote, versus server in-game Date: 16 Feb 2006 Author: Lui...
PunkBuster anti-cheat server format string vulnerability
Format string bug with "reason" parameter if used with Soldier of Fortune II game...
ImageMagick security update
CentOS Errata and Security Advisory CESA-2006:178-2 Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagickTM is an image display and manipulation tool for the X...
SSH SFTP client / server format string vulnerability
Format string bug on filename logging...
[SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability
TITLE: WRQ Reflection Secure IT SFTP Format String Vulnerability SECUNIA ADVISORY ID: SA18843 VERIFY ADVISORY: http://secunia.com/advisories/18843/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: WRQ Reflection for Secure IT UNIX Server 6.x...