Lucene search
K

8625 matches found

Debian CVE
Debian CVE
added 2006/04/06 10:0 p.m.25 views

CVE-2006-1615

Multiple format string vulnerabilities in the logging code in Clam AntiVirus ClamAV before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized...

10CVSS7.2AI score0.11352EPSS
Exploits0
FreeBSD
FreeBSD
added 2006/04/06 12:0 a.m.29 views

clamav -- Multiple Vulnerabilities

Secunia reports: Some vulnerabilities have been reported in ClamAV, which potentially can be exploited by malicious people to cause a DoS Denial of Service and compromise a vulnerable system. An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". Successful...

5.1CVSS7.5AI score0.07635EPSS
Exploits1References2
securityvulns
securityvulns
added 2006/04/05 12:0 a.m.55 views

Ultr@VNC remote administration client / server buffer overflow

Buffer overflow during logging...

4.3AI score
Exploits0References1
exploitpack
exploitpack
added 2006/04/04 12:0 a.m.12 views

UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (1)

UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities 1 source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-chec...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/04/04 12:0 a.m.30 views

Mandrake Linux Security Advisory : MySQL (MDKSA-2006:064)

MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. Updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

4.6CVSS8.1AI score0.01347EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2006/04/04 12:0 a.m.32 views

UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (2)

source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/03/08 12:0 a.m.43 views

Netcool NeuSecure Security information management platform multiple security vulnerabilities

Weak file permissions, cleartext passwords, passwords logging...

1.3AI score
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2006/02/27 11:2 p.m.30 views

CVE-2006-0903

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...

4.6CVSS7.1AI score0.01347EPSS
Exploits0References3
Prion
Prion
added 2006/02/27 11:2 p.m.19 views

Design/Logic Flaw

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...

4.6CVSS6.7AI score0.01347EPSS
Exploits0References25Affected Software1
NVD
NVD
added 2006/02/27 11:2 p.m.18 views

CVE-2006-0903

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...

4.6CVSS6.4AI score0.01347EPSS
Exploits0References25
Cvelist
Cvelist
added 2006/02/27 11:0 p.m.24 views

CVE-2006-0903

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysqlrealquery function. NOTE: this issue was originally reported for the mysqlquery function, but the vendor states that since mysqlquer...

6.3AI score0.01347EPSS
Exploits0References25
CVE
CVE
added 2006/02/27 11:0 p.m.106 views

CVE-2006-0903

CVE-2006-0903 is documented in multiple advisories as a local vulnerability in MySQL up to version 5.0.18 and earlier, where a NULL character in SQL queries could bypass logging via mysql_real_query. The issue is reported across Red Hat, Debian, and Scientific Linux advisories and OpenVAS entries...

4.6CVSS6.3AI score0.01347EPSS
Exploits0References25Affected Software2
exploitpack
exploitpack
added 2006/02/27 12:0 a.m.12 views

MySQL 5.0.18 - Query Logging Bypass

MySQL 5.0.18 - Query Logging Bypass source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/27 12:0 a.m.32 views

MySQL 5.0.18 - Query Logging Bypass

source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.47 views

SSH SFTP client / server format string vulnerability

Format string bug on filename logging...

6.5CVSS1.5AI score0.10188EPSS
Exploits0References2Affected Software6
Prion
Prion
added 2006/02/15 11:6 a.m.24 views

Format string

Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...

6.5CVSS7.3AI score0.10188EPSS
Exploits0References15Affected Software2
NVD
NVD
added 2006/02/15 11:6 a.m.12 views

CVE-2006-0705

Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...

6.5CVSS7.1AI score0.10188EPSS
Exploits0References15
Cvelist
Cvelist
added 2006/02/15 11:0 a.m.34 views

CVE-2006-0705

Format string vulnerability in a logging function as used by various SFTP servers, including 1 AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, 2 Reflection for Secure IT Windows Server before 6.0 build 38, 3 F-Secure SSH Server for Windows before 5.3 build 35, 4 F-Secure SSH...

7AI score0.10188EPSS
Exploits0References15
CVE
CVE
added 2006/02/15 11:0 a.m.68 views

CVE-2006-0705

CVE-2006-0705 is a format-string vulnerability in SFTP/SSH logging code across multiple servers (e.g., SSH Secure Shell Server variants, and related SFTP servers). The flaw affects the handling of filenames in logs, enabling a remote authenticated user to potentially execute arbitrary commands vi...

6.5CVSS7AI score0.10188EPSS
Exploits0References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.14 views

SSH Tectia Server SFTP Filename Logging Format String

Binary data 3432.prm...

6.5CVSS7AI score0.10188EPSS
Exploits0References2
Rows per page
Query Builder