3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS)

The remote host is running the 3Com 3CServer or 3CDaemon FTP server. According to its banner, the version of the 3CServer / 3CDaemon FTP server on the remote host is reportedly affected by multiple buffer overflow and format string vulnerabilities as well as an information leak issue. An attacker...

DSA-670-1 emacs20 - format string

Bulletin has no description...

DSA-671-1 xemacs21 - format string

Bulletin has no description...

CVE-2005-0240

CVE-2005-0240: Format string vulnerability in chdev on IBM AIX 5.2 permits local users to execute arbitrary code via format string specifiers in a command-line argument during error message printing. Affected component: chdev on AIX 5.2. Root cause: improper handling of format strings when printi...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

DEBIAN-CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message...

CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

CVE-2005-0188

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

CVE-2005-0188

CVE-2005-0188 concerns a format-string vulnerability in the SetBaseURL function of the AtHoc toolbar. The issue allows remote attackers to execute arbitrary code by supplying an invalid URL that is recorded in the debug log, leveraging format specifiers. Public references in NVD/CVE records indic...

CVE-2005-0226

ngIRCd is affected by a format-string vulnerability in Log_Resolver() (log.c) for versions 0.8.2 and earlier when IDENT is enabled, SYSLOG logging is used, and DEBUG is on. This can allow a remote attacker to execute arbitrary code with ngIRCd’s privileges (typically root). Several advisories and...

CVE-2004-1388

CVE-2004-1388 describes a format-string vulnerability in BerliOS GPSD (gpsd, formerly pygps) within the gpsd_report function, affecting versions 1.9.0 through 2.7. An attacker could remotely trigger arbitrary code execution via GPS requests with format specifiers unhandled by syslog calls. Public...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

ngIRCd Internet Relay Chat daemon format string bug

Format string bug in logging feature...

ngIRCd < 0.8.3 Log_Resolver() Remote Format String Overflow

Binary data 2591.prm...

ngIRCd &lt;= v0.8.2 Format String Vulnerability

------------------------------------------------- No System Group - Advisory 11 - 03/02/05 ------------------------------------------------- Program: ngIRCd Homepage: http://arthur.ath.cx/alex/ngircd/ Operating System: Linux and Unix-Compatible Vulnerable Versions: ngIRCd v0.8.2 and prior Risk:...

ngIRCd &lt;= 0.8.2 Remote Format String Exploit

No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...

ngIRCd < 0.8.3 Log_Resolver() Format String

According to its banner, the version of the ngIRCd chat service running on the remote host contains a format string vulnerability. If it was compiled with IDENT, DEBUG is enabled, and it's logging to SYSLOG, a remote attacker can leverage this issue to execute arbitrary code on the remote host...