CVE-2002-0979

CVE-2002-0979 concerns the Java logging feature of the JVM in Internet Explorer. The vulnerability arises when the JVM’s logging outputs (e.g., System.out.println) are written to a known pathname, which can be leveraged to execute arbitrary code. The available connected documents confirm the affe...

CVE-2002-0979

The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code...

CVE-2002-0501

Format string vulnerability in logprint function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages...

CVE-2002-0796

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges...

LabVIEW Web Server HTTP Get Newline DoS

It was possible to kill the web server by sending a request that ends with two LF characters instead of the normal sequence CR LF CR LF CR = carriage return, LF = line feed. An attacker can exploit this vulnerability to make this server and all LabView applications crash. C Tenable Network...

Inso DynaWeb HTTPd 3.14.0.24.1 - Format String

Inso DynaWeb HTTPd 3.14.0.24.1 - Format String // source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to ...

CVE-2002-0796

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges...

Format string bugs in mmmail/mmftpd

Format string bugs in logging...

XMB Forum 1.6 - Magic Lantern Log File

XMB Forum 1.6 - Magic Lantern Log File source: https://www.securityfocus.com/bid/4722/info XMB Forum 1.6 Magic Lantern allows remote users to conduct activities in the forum while bypassing normal logging functions. This is accomplished by submitting an arbitrary string as the "analized" variable...

XMB Forum 1.6 - Magic Lantern Log File

source: https://www.securityfocus.com/bid/4722/info XMB Forum 1.6 Magic Lantern allows remote users to conduct activities in the forum while bypassing normal logging functions. This is accomplished by submitting an arbitrary string as the "analized" variable to index.php. Log information is writt...

Format string bug in ISC dhcpd

Format string on syslog call in NSUPDATE functionality...

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

CVE-2002-0260

CVE-2002-0260 concerns a buffer overflow in InstantServers MiniPortal 1.1.5 and earlier. The overflow occurs when a long login name is processed by the logging utility, allowing remote attackers to potentially execute arbitrary code. Affected software/version: MiniPortal

Format string and buffer overflow bugs in Posadis DNS Server

Format string bug on logging without syslog facility...

Format String Bug in Posadis DNS Server

Date: Mar 27 02 Me: kkr [email protected] Software: Posadis DNS Server http://sourceforge.net/projects/posadis/ Ver: m5pre1 Bug: bad fmt string usage in log function, may lead to remote access Word Life: the warez dude Overview: Posadis dns server is a small dns server without cache or resolving...

CVE-2002-0113

EMC NetWorker formerly Legato NetWorker before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platfo...

CVE-2000-0615

CVE-2000-0615 : LPRng 3.6.x improperly installs lpd as setuid root, allowing local users to append lpd trace and logging messages to files. The connected documents confirm the vulnerability is a local privilege issue tied to the lpd binary running with root privileges. No explicit exploit details...

CVE-1999-1047

When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities...

CVE-1999-1047

Gauntlet 5.0 BSDI: When patches are installed in a particular order, the system allows remote attackers to bypass firewall access restrictions and prevents logging of those activities. Affected component: Gauntlet firewall on BSDI with specific patch ordering. Root cause described as the patch se...