[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 497-1 [email protected] http://www.debian.org/security/ Martin Schulze April 29th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 497-1 [email protected] http://www.debian.org/security/ Martin Schulze April 29th, 2004 http://www.debian.org/security/faq -...

Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling

Jakub Jelinek reports several security related bugs in Midnight Commander, including: Multiple buffer overflows CVE-2004-0226 Insecure temporary file handling CVE-2004-0231 Format string bug CVE-2004-0232...

DSA-497 mc - several vulnerabilities

Bulletin has no description...

Buffer overflows and format string vulnerabilities in LCDproc

Background LCDproc is a program that displays various bits of real-time system information on an LCD. It makes use of a local server LCDd to collect information to display on the LCD. Description Due to insufficient checking of client-supplied data, the LCDd server is susceptible to two buffer...

eXtermail format string bug

Format string bug in POP3/SMTP commands...

eXtremail format string bugs

Format string bug in IMAP LOGIN command...

Multiple Vulnerabilities in ssmtp

Background SSMTP is a very simple mail transfer agent MTA that relays mail from the local machine to another SMTP host. It is not designed to function as a full mail server; its sole purpose is to relay mail. Description There are two format string vulnerabilities inside the logevent and die...

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities 3 source: https://www.securityfocus.com/bid/10226/info Multiple unspecified local buffer overrun and format string vulnerabilities have been reported to exist in various setuid Veritas NetBackup binaries. These issues...

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities (2)

Veritas NetBackup 3.54.55.0 - Multiple Local Memory Corruption Vulnerabilities 2 source: https://www.securityfocus.com/bid/10226/info Multiple unspecified local buffer overrun and format string vulnerabilities have been reported to exist in various setuid Veritas NetBackup binaries. These issues...

Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)

source: https://www.securityfocus.com/bid/10226/info Multiple unspecified local buffer overrun and format string vulnerabilities have been reported to exist in various setuid Veritas NetBackup binaries. These issues may be exploited to execute arbitrary code with root privileges. It should be not...

Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

source: https://www.securityfocus.com/bid/10226/info Multiple unspecified local buffer overrun and format string vulnerabilities have been reported to exist in various setuid Veritas NetBackup binaries. These issues may be exploited to execute arbitrary code with root privileges. It should be not...

Format String in Cherokee

------------------------------------------------- No System Group - Advisory 3 - 17/04/04 ------------------------------------------------- Program: Cherokee Web Server Homepage: http://www.0x50.org Vulnerable Versions: Cherokee 0.4.16 and prior Risk: Low / Medium Impact: Local Format String...

CVE-2004-1946

Format string vulnerability in the PRINTERROR function in common.c for Cherokee Web Server 0.4.16 and earlier allows local users to execute arbitrary code via format string specifiers in the -C command line argument. NOTE: it is not clear whether this issue could be exploited remotely, or if...

Multiple format string vulnerabilities in cadaver

Background According to http://www.webdav.org/cadaver, cadaver is a command-line WebDAV client for Unix. It supports file upload, download, on-screen display, namespace operations move/copy, collection creation and deletion, and locking operations. Description Cadaver code includes the neon...

CVE-2004-0156

Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...

CVE-2004-0156

ssmtp is affected by format string vulnerabilities in the die() and log_event() functions, enabling a remote mail relay to trigger denial of service or potentially execute code. The issue affects ssmtp prior to version 2.50.6. Public references (Debian DSA-485, Gentoo GLSA-200404-18, OSV and NVD ...

CVE-2004-0156

Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...

[SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 487-1 [email protected] http://www.debian.org/security/ Matt Zimmerman April 16th, 2004 http://www.debian.org/security/faq -...

void.at - neon format string bugs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSA0401 - neon - void.at security notice Overview ======== We have discovered a format string vulnerability in neon http://www.webdav.org/neon. neon is a webdav client library, used by Subversion and others. CVE has assigned the name CAN-2004-0179 to...