CVE-2002-0218

Format string vulnerability in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument...

CVE-2001-1312

The CVE-2001-1312 issue affects Lotus Domino R5 prior to version 5.0.7a, where LDAP handling code contains format string vulnerabilities. Exploitation could cause remote denial of service and, potentially, arbitrary code execution, as demonstrated by the PROTOS LDAPv3 test suite. The CERT advisor...

CVE-2002-0218

CVE-2002-0218 describes a format-string vulnerability in SAS software (SAS/Base 8.0/8.1: sastcpd; SAS/Integration Technologies 8.0/8.1: objspawn) that allows a local user to trigger arbitrary code execution via format specifiers supplied in a command-line argument. The root cause is a format-stri...

CVE-2001-1308

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier LDAP allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

Multiple buffer overflows in Progress

Multiple buffer overflows, format string bugs, etc...

Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld

CERT Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld Original release date: May 1, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Sun Solaris 2.5.1, 2.6, 7, and 8 Overview The rwall daemon rpc.rwalld is a...

Format string bug in rwalld

Formaqt string bug on syslog call...

Solaris rpc.rwalld Remote Format String Arbitrary Code Execution

The rpc.walld RPC service is running. Some versions of this server allow an attacker to gain root access remotely, by consuming the resources of the remote host then sending a specially formed packet with format strings to this host. Solaris 2.5.1, 2.6, 7, 8 and 9 are vulnerable to this issue...

rpc.rwalld contains remotely exploitable format string vulnerability

Overview rpc.rwalld is a utility that is used to send a message to all terminals of a time sharing system. A format string vulnerability may permit a remote user to execute code with the privileges of the rwall daemon. Description rpc.rwalld is a utility that listens for remote wall requests. Wal...

Format string bugs in INN

No description provided...

CVE-2002-0175

libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe...

Format string bug in Foundstone Fscan

Format string bug during server banner analisys...

KPMG-2002014: Foundstone Fscan Format String Bug

-------------------------------------------------------------------- Title: Foundstone Fscan Format String Bug BUG-ID: 2002014 Released: 19th Apr 2002 -------------------------------------------------------------------- Problem: ======== A flaw in Foundstone Fscan could result in a malicious...

Format string and buffer overflow bugs in Posadis DNS Server

Format string bug on logging without syslog facility...

Format string bug in AOLServer DB API

Format string bug in NsPdLog API call...

ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilities

source: https://www.securityfocus.com/bid/4501/info The Internet Software Consortium ISC Internet News INN project is a powerful, mature implementation of a usenet system, including a NNTP server and a newsreading server. It is available for a wide range of Unix based systems, including Linux...

AOL Instant Messenger vulnerable to denial of service via crafted file name

Overview AOL Instant Messenger AIM 4.1 and prior are vulnerable to a denial of service vulnerability. A denial of service occurs when filenames that contain a "%s" are sent to a victim. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM...

iXsecurity.20020314.csadmin_fmt.a

iXsecurity Security Vulnerability Report No: iXsecurity.20020314.csadminfmt.a ======================================== Vulnerability Summary --------------------- Problem: Cisco Secure ACS webserver has a format string vulnerability. Threat: An attacker could send an "invalid" URL to the webserve...

Directory traversal and format string bug in Cisco Secure ACS

Any html, htm, class, jpg, jpeg or gif files can be remotely accessed. Format string bug can lead to remote server compromise...

GnuPG contains format-string vulnerability in handling of encrypted data filename

Overview Some versions of Gnu Privacy Guard GPG contain a format-string vulnerability from improper handling of filenames when decrypting files. Description GPG is an OpenPGP-compliant alternative to PGP to protect electronic communications using public-key cryptography. Versions of GPG prior to...