2678 matches found
SunSolve CD CGI user input validation
Sunsolve CD CGI scripts does not validate user input. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2005-2967
Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...
USN-196-1: Xine library vulnerability
Ulf Harnhammar discovered a format string vulnerability in the CDDB module's cache file handling in the Xine library, which is used by packages such as xine-ui, totem-xine, and gxine. By tricking an user into playing a particular audio CD which has a specially-crafted CDDB entry, a remote attacke...
xine-lib <= 1.1 (media player library) Remote Format String Exploit
Exploit for linux platform in category remote exploits =================================================================== xine-lib = 1.1 media player library Remote Format String Exploit =================================================================== !/usr/bin/perl -- When playing an Audio C...
Xine-Lib 1.1 - 'Media Player Library' Remote Format String
!/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprin...
libxine -- format string vulnerability
Gentoo Linux Security Advisory reports: Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. An attacker could submit malicious information about an audio CD to a public CDDB server or impersonate a public CDDB server. When the victim plays this CD...
Important: Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles t...
CVE-2005-1856
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...
CVE-2005-1856
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...
DEBIAN-CVE-2005-1856
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...
CVE-2005-1856
CVE-2005-1856 affects backup-manager
CVE-2005-1856
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...
[SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 787-1 [email protected] http://www.debian.org/security/ Martin Schulze August 26th, 2005 http://www.debian.org/security/faq -...
USN-169-1: Linux kernel vulnerabilities
David Howells discovered a local Denial of Service vulnerability in the key session joining function. Under certain user-triggerable conditions, a semaphore was not released properly, which caused processes which also attempted to join a key session to hang forever. This only affects Ubuntu 5.04...
CVE-2005-1772
Buffer overflow in the client cd-key hash in Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service application crash via a long client cd-key hash value, a different vulnerability than CVE-2005-1556...
CVE-2004-2081
S CVE-2004-2081 affects Sami FTP Server 1.1.3. Local users can trigger a denial of service (pmsystem.exe crash) by issuing FTP commands: (1) CD with a tilde (~) or /../, or (2) GET for an unavailable file. This is the vulnerability described in the CVE entry; exploitation details are not provided...
CVE-2004-2081
The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service pmsystem.exe crash by issuing 1 a CD command with a tilde character or dot dot /../ or 2 a GET command for an unavailable file...
CVE-2005-1556
Gamespy cd-key validation system allows remote attackers to cause a denial of service cd-key already in use by capturing and replaying a cd-key authorization session...
CVE-2005-1556
Gamespy cd-key validation system allows remote attackers to cause a denial of service cd-key already in use by capturing and replaying a cd-key authorization session...
CVE-2005-1556
CVE-2005-1556 affects the Gamespy cd-key validation system. The vulnerability allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session. The provided documents describe the issue but do not include exploit code, affected...