Format string bug in EpicGames Unreal engine

Luigi Auriemma Application: Unreal engine http://unreal.epicgames.com Games: - America's Army - DeusEx - Devastation - Magic Battlegrounds - Mobile Forces - Nerf Arena Blast - Postal 2 - Rainbow Six: Raven Shield - Rune - Sephiroth: 3rd episode the Crusade - Star Trek: Klingon Honor Guard -...

Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String

source: https://www.securityfocus.com/bid/9840/info A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly sanitize user supplied network data. Ultimately this vulnerability could allow...

GNU Anubis multiple bugs

Buffer overflows, format string bugs...

GNU Anubis buffer overflows and format string bugs

GNU Anubis buffer overflows and format string bugs PROGRAM: GNU Anubis VENDOR: Free Software Foundation, Inc. HOMEPAGE: http://www.gnu.org/software/anubis/ VULNERABLE VERSIONS: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1, possibly others IMMUNE VERSIONS: 3.6.2 with vendor patch, 3.9.93 with vendor patch,...

GNU Anubis buffer overflows and format string vulnerabilities

Ulf Härnhammar discovered several vulnerabilities in GNU Anubis. Unsafe uses of sscanf'. The %s' format specifier is used, which allows a classical buffer overflow. auth.c Format string bugs invoking syslog'. log.c, errs.c, ssl.c Ulf notes that these vulnerabilities can be exploited by a maliciou...

DreamFTP Server username Remote Format String

The remote DreamFTP server is vulnerable to a format string attack when processing the USER command. An attacker may exploit this flaw to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12086; scriptcveid"CVE-2004-2074"; scriptbugtraqid9800;...

CVE-2004-0039

Multiple format string vulnerabilities in HTTP Application Intelligence AI component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause forma...

CVE-2004-0104

Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code...

GNU Anubis 3.6.x3.9.x - auth.c auth_ident() Remote Overflow

GNU Anubis 3.6.x3.9.x - auth.c authident Remote Overflow // source: https://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these...

GNU Anubis 3.6.x3.9.x - Multiple Format String Vulnerabilities

GNU Anubis 3.6.x3.9.x - Multiple Format String Vulnerabilities source: https://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these...

GNU Anubis 3.6.x/3.9.x - Multiple Format String Vulnerabilities

source: https://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these vulnerabilities to have arbitrary code executed in the context of the...

GNU Anubis 3.6.x/3.9.x - 'auth.c auth_ident()' Remote Overflow

// source: https://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these vulnerabilities to have arbitrary code executed in the context of t...

Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability

Overview Apple Mac OS X Point-to-Point Protocol daemon contains a format string vulnerability in the handling of invalid command line arguments. Description The Point-to-Point Protocol PPP provides a method for transmitting datagrams over serial point-to-point links. There is a format string...

[SECURITY] [DSA 449-1] New metamail packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 449-1 [email protected] http://www.debian.org/security/ Martin Schulze February 24th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 449-1] New metamail packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 449-1 [email protected] http://www.debian.org/security/ Martin Schulze February 24th, 2004 http://www.debian.org/security/faq -...

MacOS X ppd format string bug

It's possible to read process memory...

DSA-449 metamail - buffer overflow, format string bugs

Bulletin has no description...

metamail contains multiple format string vulnerabilities

Overview Multiple format string vulnerabilities in the metamail package could allow a remote attacker to execute arbitrary code on the vulnerable system. An attacker may be able to exploit these vulnerabilities via a specially-crafted email message. Description The metamail package is one of the...

[SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 447-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 22nd, 2004 http://www.debian.org/security/faq -...

[Full-Disclosure] [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 447-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 22nd, 2004 http://www.debian.org/security/faq -...