263 matches found
UBUNTU-CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there is any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
USN-3116-1 dbus vulnerabilities
It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-0245) It was discovered that DBus incorrectly handled certain...
H2O use of externally-controlled format string
Overview: H2O is open source web server software. H2O uses externally-controlled format strings (CWE-134) in the code that outputs error logs. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated under the Information...
Ruby: Heap corruption in DateTime.strftime() on 32 bit for certain format strings
Originally sent by e-mail on 4 Jun 2016. Setting a very high precision in the date_strftime_with_tmx function, the following check in the STRFTIME macro in date_strftime.c will not work as expected if 's' = 0x80000000 (this is the same type of issue as the other vulnerability I submitted). c 124 if star...
Vulnerability in OpenSSL - Fix memory issues in BIO_*printf functions
The internal |fmtstr| function used in processing a “%s” format string in the BIO_*printf functions could overflow while calculating the length of a string and cause an OOB read when printing very long strings. Additionally the internal |doapr_outch| function can attempt to write to an OOB memory...
ruby: off-by-one stack-based buffer overflow in the encodes() function
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow...
Hylafax 4.1.x HFaxD Unspecified Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. /...
David Bagley xlock 4.16 User Supplied Format String Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a numb...
Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)
No description provided by source. !/usr/bin/perl VERITAS-OSX.pl - VERITAS NetBackup Format Strings OSX/ppc Remote Exploit johnhatdigitalmunitiondotcom bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ use POSIX; use IO::Socket; use IO::Select; my $shellcode = / OSX...
ssldump 0.9 b1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2096/info ssldump is a traffic analyzer for monitoring network traffic in real time. It is written and maintained by Eric Rescorla. A problem exists which could allow the arbitrary execution of code. The problem exists in...
Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)
No description provided by source. !/usr/bin/perl VERITAS-Linux.pl - VERITAS NetBackup Format Strings Linux/x86 Remote Exploit johnhatdigitalmunitiondotcom bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ use POSIX; use IO::Socket; use IO::Select; use strict; print STDE...
PT-2014-2181 · Condor · Condor
Name of the Vulnerable Software and Affected Versions: Condor versions 7.2.0 through 7.6.4; Condor versions 7.7.x. Description: The issue allows local users to cause a denial of service, affecting the condor_schedd daemon and potentially preventing job launches. It may also be possible for attacker...
PT-2013-3973 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.9.4 Description: The issue allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error...
Updated flightgear package fixes security vulnerability
It was reported that FlightGear suffers from improper handling of format strings when FlightGear is started with allowances for remote access via the --props or --telnet commandline arguments. If a remote attacker were able to connect to FlightGear and set special parameters related with clouds, ...
DEBIAN-CVE-2012-2090
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to 1...
Condor: Multiple format string flaws
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via...
Ubuntu: Security Advisory (USN-1130-1)
The remote host is missing an update for the...
Apple Mac OS X multiple security vulnerabilities
Multiple DoS conditions, format strings vulnerability in AppleScript, memory corruption on different file formats parsing, information leakage, privilege escalation...
SuSE 11 Security Update : CUPS (SAT Patch Number 2108)
lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings. (CVE-2010-0393) The previous fix for a use-after-free vulnerability (CVE-2009-3553) was...
openSUSE Security Update : cups (cups-2102)
lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings (CVE-2010-0393). The previous fix for a use-after-free vulnerability (CVE-2009-3553) was...