[SECURITY] [DSA 258-1] New ethereal packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 258-1 [email protected] http://www.debian.org/security/ Martin Schulze March 10th, 2003 http://www.debian.org/security/faq -...

DSA-258 ethereal - format string vulnerability

Bulletin has no description...

WU-FTPD Debug Mode Client Hostname Remote Format String

The remote WU-FTPd server, according to its version number, is vulnerable to a format string attack when running in debug mode. C Tenable Network Security, Inc. Affected: wu-ftpd up to 2.6.1 include"compat.inc"; if description scriptid11331; scriptversion"1.25";...

CVE-2003-0103

Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service crash, lockup, or restart via a Multi-Part vCard with fields containing a large number of format string specifiers...

CVE-2002-0842

Format string vulnerability in certain third party modifications to moddav for logging bad gateway messages e.g. Oracle9i Application Server 9.0.2 allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string...

amx_mod format string bug

Format string bug in amxsay...

[VSA0308] Half-Life AMX-Mod remote (root) hole

void.at Security Advisory VSA0308 - mailto:crew at void dot at AMX1 is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in AMX, it is possible for a remote attacker who knows the...

AMX Mod 0.9.2 - Remote amx_say Format String

AMX Mod 0.9.2 - Remote amxsay Format String // source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the...

AMX Mod 0.9.2 - Remote 'amx_say' Format String

// source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the 'amxsay' command. By passing specially constructe...

CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

DEBIAN-CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...

DEBIAN-CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

Apache mod_dav format string bug

aplogrerror format string bug...

Re: CSSA-2003-007.0 Advisory withdrawn.

-----BEGIN PGP SIGNED MESSAGE----- Just to clarify this a bit further, the moddav module for Apache is not vulnerable to the format string vulnerability as outlined in the original advisory from SCO, CAN-2002-0842 moddav contains code that logs various errors and uses aplogrerror to do so. In...

Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...

Oracle9i Application Server Format String Vulnerability (#NISR16022003d)

NGSSoftware Insight Security Research Advisory Name: Oracle9i Application Server Format String Vulnerability Systems Affected: All platforms; Oracle9i Application Server Release 9.0.2 Severity: Critical Risk Category: Format String Vulnerability Vendor URL: http://www.oracle.com Author: David...

Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function

Overview A vulnerability in some implementations of moddav may permit a remote attacker to gain unauthorized access to a web server running moddav. Description moddav is a module designed to provide DAV capabilities for a web server. A format string vulnerability in some implementations may permi...

CVE-2003-0074

CVE-2003-0074 describes a format-string vulnerability in mpmain.c for the plpnfsd component of the plptools package. The flaw allows remote attackers to execute arbitrary code through (1) debuglog, (2) errorlog, and (3) infolog, as stated in the public records. The connected documents confirm the...