8511 matches found
CVE-2001-0387
CVE-2001-0387 is a format-string vulnerability in HylaFAX’s hfaxd that allows local users to gain privileges via the -q command-line argument in versions prior to 4.1.b2_2. The issue is documented across multiple sources (NVD, CVE list, Debian/DSA and Mandrake advisory). Exploitation would enable...
CVE-2001-0387
Format string vulnerability in hfaxd in HylaFAX before 4.1.b22 allows local users to gain privileges via the -q command line argument...
CVE-2001-0473
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands...
CVE-1999-1417
The CVE-1999-1417 entry documents a format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4. The issue arises in the web server’s handling of HTTP requests containing encoded percent characters, which are logged improperly. This can lead to a denial of service and, in some cases...
Ошибки форматной строки в screen (format string)
Ошибка форматной строки при работе с TERMCAP И другие проблемы...
Переполнение буфера в vpopmail (format string)
Ошибка "форматной строки" при проверки имени пользователя/пароля позволяет вызвать переполнение буфера...
Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera International, Inc. Security Advisory Subject: Linux - security issues in ucd-snmp Advisory number: CSSA-2001-031.0 Issue date: 2001, August 16 Cross reference: 1. Problem Description In a routine security audit of the ucd-snmp package we have...
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard aka GnuPG or gpg 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...
CVE-2001-0570
minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...
CVE-2001-0570
minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...
CVE-2001-0609
CVE-2001-0609 affects Infodrom cfingerd 1.4.3 and earlier. A format string vulnerability in the ident reply that is passed to the syslog function enables a remote attacker to gain additional privileges. Several connected sources corroborate that cfingerd’s logging/ident handling allows privilege ...
CVE-2001-0570
CVE-2001-0570 affects minicom 1.83.1 and earlier. The root cause is format-string handling allowing a local attacker to gain additional privileges (local, low complexity, no authentication). The impact is privilege escalation with complete confidentiality, integrity, and availability concerns as ...
Ошибка форматной строки в groff (format string)
Ошибка форматной строки в /usr/bin/pic используемой LPD...
ADV/EXP:pic/lpd remote exploit - RH 7.0
Vendor security list has been notified and as of last contact, on Mon July 9 2001, a patch which seemed to work had been worked out. This patch is attached. groff-1.16.1.diff Official patches are sure to follow. ---- begin pic-lpr-remote.c ---- includestdio.h...
PT-2001-1807 · Infodrom · Cfingerd
Name of the Vulnerable Software and Affected Versions: Infodrom cfingerd versions 1.4.3 and earlier Description: A format string issue allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. This can be exploited by sending a...
Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon
Overview Vulnerabilities in various implementations of the Remote Authentication Dial-In User Server RADIUS 'radiusd' daemon can allow an attacker to disrupt services or obtain unauthorized access. Description Various implementations of the Remote Authentication Dial-In User Server RADIUS 'radius...
CVE-2001-1022
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command...
top format string bug exploit code (exploitable)
hi. It still seems to be affected under 3.5beta9 including this version someone said it's not the problem of exploitable vulnerability about 8 month ago , but it's possible to exploit though situation is difficult. following code and some procedure comments demonstrate it. possible to get kmem...