Multiple MetaMail bugs

Multiple format string bugs and buffer overflow...

[Full-Disclosure] [ GLSA 200405-17 ] Multiple vulnerabilities in metamail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200405-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

Multiple vulnerabilities in metamail

Background Metamail is a program that decodes MIME encoded mail. It is therefore often automatically called when an email is received or read. Description Ulf Harnhammar found two format string bugs and two buffer overflow bugs in Metamail. Impact A remote attacker could send a malicious email...

Important: Red Hat Security Advisory: mc security update

Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...

neon format string bugs and heap overflow

Format string bugs in few functions...

Pound format string vulnerability

Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description A format string flaw in the processing of syslog messages was discovered and...

mc

New mc packages are available for Slackware 9.0, 9.1, and -current to fix security issues that These could lead to a denial of service or the execution of arbitrary code as the user running mc. Sites that use mc should upgrade to the new mc package. More details about this issue may be found in t...

[EXPL] Pound Format String Exploit

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Pound format string bug

Format string bug during request processing...

OpenOffice.org vulnerability when using DAV servers

Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description OpenOffice.org includes code from the Neon library in functions related to publication on WebDAV...

Multiple format string vulnerabilities in neon 0.24.4 and earlier

Background neon provides an HTTP and WebDAV client library. Description There are multiple format string vulnerabilities in libneon which may allow a malicious WebDAV server to execute arbitrary code under the context of the process using libneon. Impact An attacker may be able to execute arbitra...

CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...

CVE-2004-0232

Midnight Commander (mc) is affected by CVE-2004-0232: multiple format string vulnerabilities in versions before 4.6.0 that can cause a denial of service or arbitrary code execution. Exploitation details are not provided in the documents; remediation per description is to upgrade to 4.6.0 or newer.

CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...

APSIS Pound 1.5 - Remote Format String

APSIS Pound 1.5 - Remote Format String // source: https://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately...

APSIS Pound 1.5 - Remote Format String

// source: https://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately this vulnerability could allow for...

Important: Red Hat Security Advisory: : Updated mc packages resolve several vulnerabilities

Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...

Multiple midnight commander bugs

Buffer overflows, format string bugs, symlink problem on temporary files...

Solaris 10.x ESRI Arcgis Local Root Format String Exploit

Exploit for solaris platform in category local exploits ========================================================= Solaris 10.x ESRI Arcgis Local Root Format String Exploit ========================================================= / ESRI 9.x Arcgis local root format string exploit Copyright Kevin...

[Full-Disclosure] MDKSA-2004:039 - Updated mc packages fix vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: mc Advisory ID: MDKSA-2004:039 Date: April 29th, 2004 Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1 Problem Description: Several vulnerabilities in Midnight Commander were found by Jacub...