USN-239-1: libapache2-mod-auth-pgsql vulnerability

Several format string vulnerabilities were discovered in the error logging handling. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache user 'www-data'...

[SECURITY] [DSA 930-1] New smstools packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 930-1 [email protected] http://www.debian.org/security/ Steve Kemp Jan 9, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------...

[SECURITY] [DSA 930-1] New smstools packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 930-1 [email protected] http://www.debian.org/security/ Steve Kemp Jan 9, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------...

[Full-disclosure] [SECURITY] [DSA 930-1] New smstools packages fix format string vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 930-1 [email protected] http://www.debian.org/security/ Steve Kemp Jan 9, 2006 http://www.debian.org/security/faq -...

PT-2006-1039 · Apache · Apache Auth Ldap

Name of the Vulnerable Software and Affected Versions: Apache auth ldap versions 1.6.0 and earlier auth ldap version 1.4.8 Description: The issue concerns multiple format string vulnerabilities in the auth ldap log reason function. This allows remote attackers to execute arbitrary code via variou...

SMSTools format string vulnerabilities

Многочисленные ошибки форматной строки...

[Full-disclosure] [USN-239-1] libapache2-mod-auth-pgsql vulnerability

=========================================================== Ubuntu Security Notice USN-239-1 January 09, 2006 libapache2-mod-auth-pgsql vulnerability CVE-2005-3656 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 Warty...

DSA-930-1 smstools - format string error

Bulletin has no description...

CVE-2005-3656

Multiple format string vulnerabilities in logging functions in modauthpgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username...

CVE-2005-3656

CVE-2005-3656 describes a format-string vulnerability in mod_auth_pgsql used for authenticating against PostgreSQL. The flaw in logging functions could enable remote, unauthenticated code execution with the httpd user. Affected modules include libapache2-mod-auth-pgsql; multiple advisories (Red H...

CVE-2005-3656

Removed by vendor...

mod_auth_pgsql security update

CentOS Errata and Security Advisory CESA-2006:0164 Updated modauthpgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The modauthpgsql...

security flaw

Multiple format string vulnerabilities in logging functions in modauthpgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username...

Apache < 2.0.3 mod_auth_pgsql Module Server Log Format String

Binary data 3358.prm...

CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

DEBIAN-CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

CVE-2006-0082

CVE-2006-0082 is a format string vulnerability in ImageMagick (SetImageInfo in image.c) and GraphicsMagick that could crash the process or allow code execution via specially crafted filenames (numeric format specifiers like %d). Public advisories document affected products (ImageMagick/GraphicsMa...

CVE-2006-0082

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...