1662 matches found
CVE-2004-1388
CVE-2004-1388 describes a format-string vulnerability in BerliOS GPSD (gpsd, formerly pygps) within the gpsd_report function, affecting versions 1.9.0 through 2.7. An attacker could remotely trigger arbitrary code execution via GPS requests with format specifiers unhandled by syslog calls. Public...
CVE-2005-0226
Format string vulnerability in the LogResolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code...
ngIRCd <= 0.8.2 Remote Format String Exploit
No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...
ngIRCd <= 0.8.2 Remote Format String Exploit
Exploit for linux platform in category remote exploits ============================================ ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET...
ngIRCd 0.8.2 - Remote Format String
/ ngircdfsexp.c ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET address from 0x0806b000 + offset -l targets list root@servidor:/home/coki/audit...
DEBIAN-CVE-2004-1484
Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...
DEBIAN-CVE-2004-1388
Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...
CVE-2004-2026
Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages...
CVE-2004-1469
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog...
CVE-2004-1484
Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...
DEBIAN-CVE-2004-2026
Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages...
Citadel/UX format string bug
Formatr stirng bug on syslog call...
CitadelUX 6.27 - Format String
CitadelUX 6.27 - Format String / citadelfsexp.c Citadel/UX v6.27 remote format string exploit Use: ./citadelfsexp -h options options: -h host or IP -t type of target system -l targets list -g syslog GOT address -r RET address coki@nosystem:/audit$ ./citadelfsexp -h localhost -t0 Citadel/UX v6.27...
Citadel/UX 6.27 - Format String
/ citadelfsexp.c Citadel/UX v6.27 remote format string exploit Use: ./citadelfsexp -h options options: -h host or IP -t type of target system -l targets list -g syslog GOT address -r RET address coki@nosystem:/audit$ ./citadelfsexp -h localhost -t0 Citadel/UX v6.27 remote format string exploit by...
CVE-2004-0448
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages...
CVE-2004-0623
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog...
CVE-2004-0451
Multiple format string vulnerabilities in the 1 logquit, 2 logerr, or 3 loginfo functions in Software Upgrade Protocol SUP allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog...
CVE-2004-0623
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog...
DEBIAN-CVE-2004-0451
Multiple format string vulnerabilities in the 1 logquit, 2 logerr, or 3 loginfo functions in Software Upgrade Protocol SUP allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog...
DEBIAN-CVE-2004-0393
Format string vulnerability in the msg function for rlpr daemon rlprd 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function...