8515 matches found
GNU Mailutils imap4d <= 0.6 Remote Format String Exploit
Exploit for linux platform in category remote exploits ======================================================== GNU Mailutils imap4d Original Reference: http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities email protected:/home/coki/audit$ ./mu-imap4dfsexp GNU Mailutils...
GNU Mailutils imap4d 0.6 - Remote Format String
/ mu-imap4dfsexp.c GNU Mailutils imap4d v0.6 remote format string exploit by CoKi Original Reference: http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities coki@nosystem:/home/coki/audit$ ./mu-imap4dfsexp GNU Mailutils imap4d v0.6 remote format string exploit by CoKi use:...
FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (5d51d245-00ca-11da-bc08-0001020eed82)
An Ethreal Security Advisories reports : Our testing program has turned up several more security issues : - The LDAP dissector could free static memory and crash. - The AgentX dissector could crash. - The 802.3 dissector could go into an infinite loop. - The PER dissector could abort. - The DHCP...
FreeBSD : nbsmtp -- format string vulnerability (debbb39c-fdb3-11d9-a30d-00b0d09acbfc)
When nbsmtp is executed in debug mode, server messages will be printed to stdout and logged via syslog. Syslog is used insecurely and user-supplied format characters are directly fed to the syslog function, which results in a format string vulnerability. Under some circumstances, an SMTP server m...
Fedora Core 4 : NetworkManager-0.4-20.FC4.1 (2005-680)
Network Manager passes logging messages straight to syslog as the format string. This causes it to crash when connecting to access points that contain format string characters. This was reported initially by Ian Jackson : http://mail.gnome.org/archives/networkmanager-list/2005-July/msg00196. html...
GLSA-200507-27 : Ethereal: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200507-27 Ethereal: Multiple vulnerabilities There are numerous vulnerabilities in versions of Ethereal prior to 0.10.12, including: The SMB dissector could overflow a buffer or exhaust memory CAN-2005-2365. iDEFENSE discovered th...
CVE-2005-2390
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via 1 certain inputs to the shutdown message from ftpshut, or 2 the SQLShowInfo modsql directive...
CVE-2005-2390
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via 1 certain inputs to the shutdown message from ftpshut, or 2 the SQLShowInfo modsql directive...
CVE-2005-2390
CVE-2005-2390 affects ProFTPD prior to 1.3.0rc2, where two format string vulnerabilities exist: one in the shutdown message generated by ftpshut and another in the mod_sql directive SQLShowInfo. The vulnerabilities can lead to information disclosure and a denial of service, with potential for arb...
CVE-2005-2390
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via 1 certain inputs to the shutdown message from ftpshut, or 2 the SQLShowInfo modsql directive...
ProFTPD < 1.3.0rc2 Multiple Remote Format Strings
The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host suffers from multiple format string vulnerabilities, one involving the 'ftpshut' utility and the other in modsql's 'SQLShowInfo' directive...
CVE-2005-2375
Format string vulnerability in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service application crash via format string specifiers in a 1 nickname or 2 chat message...
CVE-2005-2375
Format string vulnerability in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service application crash via format string specifiers in a 1 nickname or 2 chat message...
CVE-2005-2375
CVE-2005-2375 affects Race Driver (1.20 and earlier). The vulnerability is a format string issue in the nickname or chat input that can be exploited remotely to cause an application crash (DoS). The connected sources collectively confirm the affected software, the vulnerable components (format st...
ProFTPD format string vulnerabilities
Format string in directory name on shutdown message...
[SA16181] ProFTPD Two Format String Vulnerabilities
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
proftpd -- format string vulnerabilities
The ProFTPD release notes states: sean found two format string vulnerabilities, one in modsql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. These...
ethereal -- multiple protocol dissectors vulnerabilities
An Ethreal Security Advisories reports: Our testing program has turned up several more security issues: The LDAP dissector could free static memory and crash. The AgentX dissector could crash. The 802.3 dissector could go into an infinite loop. The PER dissector could abort. The DHCP dissector...
nbsmtp -- format string vulnerability
When nbsmtp is executed in debug mode, server messages will be printed to stdout and logged via syslog. Syslog is used insecurely and user-supplied format characters are directly fed to the syslog function, which results in a format string vulnerability. Under some circumstances, an SMTP server m...
gxine format string vulnerability
New gxine packages are available for Slackware 10.0, 10.1, and -current to fix a format string security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1692 Here are the details from...