4 matches found
CVE-2001-1562
CVE-2001-1562 affects the nvi editor; it is a format string vulnerability in which, before version 1.79, local users could gain privileges via format specifiers embedded in a filename. The Debian advisory DSA-085-1 and OpenVAS entries reiterate that nvi (and nvi-m17n) needed updates to address th...
CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
Debian DSA-085-1 : nvi - Format string vulnerability
Takeshi Uno found a very stupid format string vulnerability in all versions of nvi in both, the plain and the multilingualized version. When a filename is saved, it ought to get displayed on the screen. The routine handling this didn't escape format strings. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...