8625 matches found
CVE-2006-1615
Multiple format string vulnerabilities in the logging code in Clam AntiVirus ClamAV before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized...
clamav -- Multiple Vulnerabilities
Secunia reports: Some vulnerabilities have been reported in ClamAV, which potentially can be exploited by malicious people to cause a DoS Denial of Service and compromise a vulnerable system. An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". Successful...
Ultr@VNC remote administration client / server buffer overflow
Buffer overflow during logging...
UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (1)
UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities 1 source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-chec...
Mandrake Linux Security Advisory : MySQL (MDKSA-2006:064)
MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. Updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (2)
source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A...
Netcool NeuSecure Security information management platform multiple security vulnerabilities
Weak file permissions, cleartext passwords, passwords logging...
CVE-2006-0903
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...
Design/Logic Flaw
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...
CVE-2006-0903
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...
CVE-2006-0903
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...
CVE-2006-0903
CVE-2006-0903 is documented in multiple advisories as a local vulnerability in MySQL up to version 5.0.18 and earlier, where a NULL character in SQL queries could bypass logging via mysql_real_query. The issue is reported across Red Hat, Debian, and Scientific Linux advisories and OpenVAS entries...
MySQL 5.0.18 - Query Logging Bypass
MySQL 5.0.18 - Query Logging Bypass source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issu...
MySQL 5.0.18 - Query Logging Bypass
source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...
SSH SFTP client / server format string vulnerability
Format string bug on filename logging...
Format string
Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...
CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...
CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...
CVE-2006-0705
CVE-2006-0705 is a format-string vulnerability in SFTP/SSH logging code across multiple servers (e.g., SSH Secure Shell Server variants, and related SFTP servers). The flaw affects the handling of filenames in logs, enabling a remote authenticated user to potentially execute arbitrary commands vi...
SSH Tectia Server SFTP Filename Logging Format String
Binary data 3432.prm...