UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (2)

source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A...

Ubuntu 4.10 / 5.04 / 5.10 : libapache2-mod-auth-pgsql vulnerability (USN-239-1)

Several format string vulnerabilities were discovered in the error logging handling. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache user 'www-data'. Not...

GLSA-200601-05 : mod_auth_pgsql: Multiple format string vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200601-05 modauthpgsql: Multiple format string vulnerabilities The error logging functions of modauthpgsql fail to validate certain strings before passing them to syslog, resulting in format string vulnerabilities. Impact : An...

Apache mod-auth-pgsql authorization module format string vulnerabilities

Several format string bugs in error logging...

Apache auth_ldap authentication module format string vulnerabilities

Format string vulnerability on error logging...

USN-239-1: libapache2-mod-auth-pgsql vulnerability

Several format string vulnerabilities were discovered in the error logging handling. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache user 'www-data'...

Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service

Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service source: https://www.securityfocus.com/bid/10163/info A denial of service vulnerability has been reported in Macromedia ColdFusion MX that is reported to occur when the software attempts to write oversized error messages. The...

Libopt.a 3.1x - Error Logging Buffer Overflow (2)

Libopt.a 3.1x - Error Logging Buffer Overflow 2 source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when...

Libopt.a 3.1x - Error Logging Buffer Overflow (1)

Libopt.a 3.1x - Error Logging Buffer Overflow 1 / source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when...

Libopt.a 3.1x - Error Logging Buffer Overflow (2)

source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when handling excessive data. The data may be supplied...

Libopt.a 3.1x - Error Logging Buffer Overflow (1)

/ source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when handling excessive data. The data may be suppli...

Security fix for the ALT Linux 10 package apache2 version 2.0.40-21

Feb. 24, 2003 Joe Orton &[email protected] 2.0.40-21 - add security fix for CAN-2003-0020; replace non-printable characters with '!' when printing to error log. - disable debuginfo on IA64...

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

CVE-2002-1592

The aplogrerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information...

CVE-2001-0181

The CVE-2001-0181 entry concerns a format-string vulnerability in the error-logging path of the DHCP server and client in Caldera Linux. The underlying flaw is in how logging is performed, allowing a remote attacker to execute arbitrary commands. The available documents confirm the affected compo...

FreeBSD-SA-00:75.php

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:75 Security Advisory FreeBSD, Inc. Topic: modphp3/modphp4 allows remote code execution Category: ports Module: modphp3/modphp4 Announced: 2000-11-20 Credits: Jouko...

[SECURITY] New version of curl fixes buffer overflow

Package : curl and curl-ssl Problem type : remote exploit Debian-specific: no The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could ...

cURL 6.1 7.4 - Remote Buffer Overflow (2)

cURL 6.1 7.4 - Remote Buffer Overflow 2 source: https://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that...

cURL 6.1 7.4 - Remote Buffer Overflow (1)

cURL 6.1 7.4 - Remote Buffer Overflow 1 source: https://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that...

[SECURITY] New version of curl fixes buffer overflow

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 13, 2000 - ------------------------------------------------------------------------ Package : curl and curl-ssl Problem...