Lucene search
K

1662 matches found

securityvulns
securityvulns
added 2002/10/30 12:0 a.m.25 views

[ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | EnGarde Secure Linux Security Advisory October 29, 2002 | | http://www.engardelinux.org/ ESA-20021029-028 | | | | Package: syslog-ng | | Summary: buffer overflow in macro...

1.4AI score
Exploits0
OSV
OSV
added 2002/10/28 5:0 a.m.5 views

CVE-2002-1200

Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute...

7.6AI score
Exploits0References12
OSV
OSV
added 2002/10/28 5:0 a.m.2 views

DEBIAN-CVE-2002-1200

Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute...

7.5CVSS7.5AI score0.05578EPSS
Exploits1References1
NVD
NVD
added 2002/10/28 5:0 a.m.18 views

CVE-2002-1200

Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute...

7.5CVSS7.6AI score0.05578EPSS
Exploits1References8
Debian
Debian
added 2002/10/15 1:36 p.m.14 views

[SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 175-1 [email protected] http://www.debian.org/security/ Martin Schulze October 15th, 2002 http://www.debian.org/security/faq -...

0.2AI score
Exploits0
Debian
Debian
added 2002/10/15 1:36 p.m.14 views

[SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 175-1 [email protected] http://www.debian.org/security/ Martin Schulze October 15th, 2002 http://www.debian.org/security/faq -...

7AI score
Exploits0
OSV
OSV
added 2002/10/15 12:0 a.m.23 views

DSA-175 syslog-ng - buffer overflow

Bulletin has no description...

7.5CVSS6.4AI score0.05578EPSS
Exploits1
securityvulns
securityvulns
added 2002/10/10 12:0 a.m.66 views

syslog-ng buffer overflow

---------------------------------------------------------------------------- PACKAGE : syslog-ng VERSION : -1.4.15 stable and -1.5.20 development SUMMARY : buffer overflow TYPE : remote exploit VULNERABLE: : exploitable not in default configuration ZORP-OS SPECIFIC : No ZSA-AUTHOR : Balazs...

7.5AI score
Exploits0
OSV
OSV
added 2002/10/04 4:0 a.m.2 views

DEBIAN-CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

7.5CVSS8.1AI score0.02943EPSS
Exploits0References1
NVD
NVD
added 2002/08/12 4:0 a.m.21 views

CVE-2000-1208

Format string vulnerability in startprinting function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote call...

7.2CVSS6.5AI score0.00368EPSS
Exploits0References5
exploitpack
exploitpack
added 2002/08/10 12:0 a.m.23 views

ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)

ISDN4Linux 3.1 - IPPPD Device String SysLog Format String 1 // source: https://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in t...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/10 12:0 a.m.36 views

ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)

// source: https://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the ipppd utility. In some installations, this utility is...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/08/01 4:0 a.m.24 views

CVE-2000-1208

Format string vulnerability in startprinting function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote call...

6.4AI score0.00368EPSS
Exploits0References5
exploitpack
exploitpack
added 2002/07/31 12:0 a.m.42 views

William Deich Super 3.x - SysLog Format String

William Deich Super 3.x - SysLog Format String // source: https://www.securityfocus.com/bid/5367/info super is prone to a format string vulnerability. This problem is due to incorrect use of the syslog function to log error messages. It is possible to corrupt memory by passing format strings...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/31 12:0 a.m.56 views

William Deich Super 3.x - SysLog Format String

// source: https://www.securityfocus.com/bid/5367/info super is prone to a format string vulnerability. This problem is due to incorrect use of the syslog function to log error messages. It is possible to corrupt memory by passing format strings through the vulnerable logging function. This may...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/06/27 12:0 a.m.35 views

Format string bug in decfingerd

Ошибка форматной строки при вызове syslog...

1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/06/27 12:0 a.m.29 views

Formatstring Vulnerability in decfingerd 0.7

Hello all, I have no idea if this is the most current version of this application, I found it while browsing packetstormsecurity earlier. For all I know it may not even be kept current anymore. Anyhow... bad call to syslog is the culprit. I'm to lazy to code an exploit for this at the moment but ...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2002/06/04 12:0 a.m.24 views

Slurp 1.10 - SysLog Remote Format String

Slurp 1.10 - SysLog Remote Format String source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/04 12:0 a.m.31 views

Slurp 1.10 - SysLog Remote Format String

source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offers functionality that allows the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/05/06 12:0 a.m.39 views

Format string bug in pam_ldap/squid_auth_ldap

Format string bug on syslog call...

1.5AI score
Exploits0References1Affected Software2
Rows per page
Query Builder