8515 matches found
GLSA-200405-08 : Pound format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200405-08 Pound format string vulnerability A format string flaw in the processing of syslog messages was discovered and corrected in Pound. Impact : This flaw may allow remote execution of arbitrary code with the rights of the...
GLSA-200407-18 : mod_ssl: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200407-18 modssl: Format string vulnerability A bug in sslengineext.c makes modssl vulnerable to a ssllog related format string vulnerability in the modproxy hook functions. Impact : Given the right server configuration, an attack...
GLSA-200404-12 : Scorched 3D server chat box format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200404-12 Scorched 3D server chat box format string vulnerability Scorched 3D build 36.2 and before does not properly check the text entered in the Chat box T key. Using format string characters, you can generate a heap overflow...
GLSA-200405-21 : Midnight Commander: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200405-21 Midnight Commander: Multiple vulnerabilities Numerous security issues have been discovered in Midnight Commander, including several buffer overflow vulnerabilities, multiple vulnerabilities in the handling of temporary...
GLSA-200404-19 : Buffer overflows and format string vulnerabilities in LCDproc
The remote host is affected by the vulnerability described in GLSA-200404-19 Buffer overflows and format string vulnerabilities in LCDproc Due to insufficient checking of client-supplied data, the LCDd server is susceptible to two buffer overflows and one string buffer vulnerability. If the serve...
GLSA-200406-02 : tripwire: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200406-02 tripwire: Format string vulnerability The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. Impact : With a carefully crafted filename on a local filesystem an attacker cou...
GLSA-200404-14 : Multiple format string vulnerabilities in cadaver
The remote host is affected by the vulnerability described in GLSA-200404-14 Multiple format string vulnerabilities in cadaver Cadaver code includes the neon library, which in versions 0.24.4 and previous is vulnerable to multiple format string attacks. The latest version of cadaver uses version...
GLSA-200404-18 : Multiple Vulnerabilities in ssmtp
The remote host is affected by the vulnerability described in GLSA-200404-18 Multiple Vulnerabilities in ssmtp There are two format string vulnerabilities inside the logevent and die functions of ssmtp. Strings from outside ssmtp are passed to various printf-like functions from within logevent an...
AIX 5.1 : IY46255
The remote host is missing AIX Critical Security Patch number IY46255 SECURITY: Format string vulnerability in /usr/bin/enq and. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
AIX 5.2 : IY45329
The remote host is missing AIX Critical Security Patch number IY45329 SECURITY: Format string vulnerability in /usr/bin/enq and. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
CVE-2004-0800
Format string vulnerability in CDE Mailer dtmail on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv0 value...
CVE-2004-0800
CVE-2004-0800 affects the Solaris CDE Mailer component dtmail (on Solaris 8/9). The vulnerability is a format string issue in argv[0], allowing a local user to execute arbitrary code with the privileges of the vulnerable process (typically the mail group). The CERT/NVD entries describe local code...
Solaris dtmail format string bug
format string bug in argv0 allows privilege escalation to gid group...
[Full-Disclosure] iDEFENSE Security Advisory 08.24.04: CDE Mailer argv[0] Format String Vulnerability
CDE Mailer argv0 Format String Vulnerability iDEFENSE Security Advisory 08.24.04 www.idefense.com/application/poi/display?id=132&type=vulnerabilities August 24, 2004 I. BACKGROUND CDE Mailer dtmail is the mail user agent MUA for CDE, which is installed on Solaris 8 and 9 by default. It provides a...
Sun Solaris dtmail contains a format string vulnerability
Overview A vulnerability in the way dtmail handles command-line arguments could allow an attacker to execute arbitrary code. Description The dtmail program is a mail user agent MUA for the Common Desktop Environment CDE. It provides a graphical user interface for reading, sending, and managing...
FreeBSD : courier-imap -- format string vulnerability in debug mode (26)
The following package needs to be updated: courier-imap %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg616cf823f48b11d89837000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
CVE-2003-1051
CVE-2003-1051 affects IBM DB2 Universal Database 8.1. It describes multiple format-string vulnerabilities that could allow local users to execute arbitrary code via certain command-line arguments to db2start, db2stop, or db2govd. Root cause: format string handling issues in the involved binaries....
ProFTPD cwd Command Format String
Binary data 1818.prm...
tanned < 0.7.2 Remote Format String
Binary data 1889.prm...
BitchX IRC Client "/INVITE" Command Format String DoS
Binary data 1855.prm...