FreeBSD : gnats -- format string vulnerability (59)

The following package needs to be updated: gnats %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgfc99c736349911d998a70090962cff2a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

FreeBSD : socat -- format string vulnerability (180)

The following package needs to be updated: socat %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgf3017ce132a411d9a9e70001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

FreeBSD : proxytunnel -- format string vulnerability (157)

The following package needs to be updated: proxytunnel %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg50744596368f11d9a9e70001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

nsg-advisory-08.txt

------------------------------------------------- No System Group - Advisory 03 - 15/11/04 ------------------------------------------------- Program: Tom's IPX Tunneling Daemon - TipxD Homepage: http://tipxd.sourceforge.net Vulnerable Versions: TipxD 1.1.1 and prior Risk: Low Impact: Local Format...

CVE-2004-0992

Format string vulnerability in the -a option daemon mode in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer...

CVE-2004-1006

CVE-2004-1006 affects ISC DHCP’s dhcpd (dhcp 2.x). A format-string vulnerability in the logging code (errwarn/calls in log paths) could allow a remote DNS server to trigger arbitrary code execution with the dhcpd’s privileges. Public references (RHSA-2005:212, Debian DSA-584-1, CERT/US-CERT entri...

CVE-2004-0980

Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...

CVE-2004-0980

The CVE-2004-0980 entry concerns a format string vulnerability in ez-ipupdate.c affecting ez-ipupdate 3.0.10 through 3.0.11b8. When running in daemon mode with certain service types, a remote attacker could cause arbitrary code execution. The provided documents consistently reference vulnerable v...

CVE-2004-1006

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702...

CVE-2004-0980

Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...

CVE-2004-0992

The CVE-2004-0992 issue affects Proxytunnel prior to 1.2.3. In daemon mode (-a), it formats log messages for invalid proxy answers, creating a format string vulnerability that could allow remote code execution on the tunneling host. Affected product: Proxytunnel; root cause: unsafe format string ...

Debian DSA-592-1 : ez-ipupdate - format string

Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. This problem can only be exploited if ez-ipupdate is running in daemon mode most likely with many but not all service types. %NASLMINLEVEL 70300 C...

Multiple vulnerabilities in Hired Team: Trial (Shine engine)

Luigi Auriemma Application: Hired Team: Trial http://eng.nmg.ru/rubrs.asp?rubrid=165 and probably also the Shine engine on which it is based http://www.3dengine.ru/index.asp?id=4 Versions: Hired Team = 2.0 / 2.200 since this is the only game based on the Shine engine and I have received no reply...

[Full-Disclosure] Format string bug in Army Men RTS

Luigi Auriemma Application: Army Men RTS http://www.3do.com/armymen/armymen/ Versions: 1.0 Platforms: Windows Bug: format string Exploitation: remote, versus server Date: 14 November 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3...

Mandrake Linux Security Advisory : ez-ipupdate (MDKSA-2004:129)

Ulf Harnhammar discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. The updated packages are patched to protect against this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 592-1 [email protected] http://www.debian.org/security/ Martin Schulze November 12th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 592-1 [email protected] http://www.debian.org/security/ Martin Schulze November 12th, 2004 http://www.debian.org/security/faq -...

DSA-592-1 ez-ipupdate - format string

Bulletin has no description...

[Full-Disclosure] ez-ipupdate format string bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: ez-ipupdate Advisory ID: MDKSA-2004:129 Date: November 10th, 2004 Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 Problem Description: Ulf Harnhammar discovered ...

ez-ipupdate: Format string vulnerability

Background ez-ipupdate is a utility for updating host name information for a large number of dynamic DNS services. Description Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate. Impact An attacker could exploit this to execute arbitrary...