CVE-2005-3962
The CVE-2005-3962 issue is a real vulnerability in Perl where an integer overflow in the format-string processor (Perl_sv_vcatpvfn) can cause memory corruption and potentially arbitrary code execution. It affects Perl 5.9.2 and 5.8.6; multiple connected advisories (Debian DSA-943/DSA-943-1, CentO...
CVE-2005-3912
Format string vulnerability in the miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the usernam...
CVE-2005-3912
CVE-2005-3912: Webmin/miniserv.pl format-string vulnerability (username in login form) can crash or exhaust resources and potentially allow remote code execution when syslog logging is enabled. Affected: Webmin < 1.250 and Usermin
VERITAS NetBackup Java Administration Console format string vulnerability
Added: 11/30/2005. CVE: CVE-2005-2715. BID: 15079. OSVDB: 19949. Background: VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem: The bpjava-msvc component of the Java Administration Console in Veritas NetBackup 4.5 through 6.0 is affected by a format string vulnerabilit...
[Full-disclosure] Webmin miniserv.pl format string vulnerability
SUMMARY. The Webmin 'miniserv.pl' web server component is vulnerable to a new class of exploitable remote code perl format string vulnerabilities. During the login process it is possible to trigger this vulnerability via a crafted username parameter containing format string data. In the observed...
CVE-2005-3666
Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original...
CVE-2005-3666
Technical details (affected implementations, exact root cause, impact, and fixes for CVE-2005-3666) are not publicly available in the provided documents. Monitor for updates as new information becomes available.
CVE-2002-2153
Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code...
CVE-2002-2155
Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name...
CVE-2002-2153
The vulnerability CVE-2002-2153 is a format string flaw in the PL/SQL module’s administrative pages of Oracle Application Server 4.0.8 (and 4.0.8 2). The underlying issue is a format string vulnerability that allows remote attackers to execute arbitrary code. The affected component is the PL/SQL ...
CVE-2002-2155
CVE-2002-2155 affects Trillian (versions 0.725 and 0.73). The vulnerability is a format string issue in the error handling of IRC invite responses, enabling a remote attacker (IRC server) to cause arbitrary code execution by sending an invite to a channel whose name contains format specifiers. Do...
CVE-2003-1236
CVE-2003-1236 involves multiple format-string vulnerabilities in the logger function of netzio.c for the Tanne 0.6.17 release, allowing remote attackers to execute arbitrary code via format specifiers in syslog. The entry is supported by multiple sources (NVD/CVE records, CVE List, Nessus/NSM fin...
CVE-2003-1236
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allow remote attackers to execute arbitrary code via format string specifiers in syslog...
Scorched 3D: Multiple vulnerabilities
Background: Scorched 3D is a clone of the classic "Scorched Earth" DOS game, adding features like a 3D island environment and Internet multiplayer capabilities. Description: Luigi Auriemma discovered multiple flaws in the Scorched 3D game server, including a format string vulnerability and several...
GLSA-200511-10 : RAR: Format string and buffer overflow vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200511-10 (RAR: Format string and buffer overflow vulnerabilities). Tan Chew Keong reported about two vulnerabilities found in RAR: A format string error exists when displaying a diagnostic error message that informs the user of an...