1662 matches found
CVE-2004-0451
Multiple format string vulnerabilities in the 1 logquit, 2 logerr, or 3 loginfo functions in Software Upgrade Protocol SUP allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog...
CVE-2004-0623
GNU GNATS 4.00 is affected by a format string vulnerability in misc.c that can allow a remote attacker to execute arbitrary code via format specifiers in a string logged by syslog. The CVE-2004-0623 entry notes a high severity (base score 10.0, CVSS2: AV:N/AC:L/Au:N/C:C/I:C/A:C) with remote, unau...
CVE-2004-0451
CVE-2004-0451 describes multiple format-string vulnerabilities in the Software Upgrade Protocol (SUP) affecting the internal logging functions logquit, logerr, and loginfo. The underlying issue allows a remote attacker to cause arbitrary code execution via format specifiers contained in syslog me...
CVE-2004-0393
Format string vulnerability in the msg function for rlpr daemon rlprd 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function...
CVE-2004-0393
Format string vulnerability in the msg function for rlpr daemon rlprd 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function...
CVE-2004-0623
Removed by vendor...
GNATS format string bugs
Format string bug in syslog call...
Rlpr Advisory
,'| .-''-.....--'; / '. ..-' , ,--...--''' .--''' /' -';' ; ; ; ...--'' ...--..' .;.' fL ,....----''' ,..--'' felinemenace.org Program: rlprd 2.0.4 Impact: remote root Discovered: jaguar Writeup and exploits: Andrew Griffiths 1 Background It is a package that makes it possible or at the very leas...
Format string bug in super
Format string bug on syslog call...
sup format string bug
Format string bug on syslog call...
smtp.proxy format string bug
syslog sender address format string bug...
jftpgw format string buffer overflow
syslog format string bug...
Arbitrary code execution via a format string vulnerability in jftpgw
The log functions in jftpgw may allow remotely authenticated user to execute arbitrary code via the format string specifiers in certain syslog messages...
Pound format string vulnerability
Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description A format string flaw in the processing of syslog messages was discovered and...
CVE-2003-1066
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service syslogd crash and possibly execute arbitrary code via long syslog UDP packets...
CVE-2003-1236
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog...
clamav format string bug
Format string bug in e-mail address during syslog call...
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service source: https://www.securityfocus.com/bid/8821/info WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the...
Dropbear SSH Server format string bug
Format string bug on syslog call;...
[UNIX] Dropbear SSH Server Format String Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...