8509 matches found
SUSE CVE-2000-0666
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges...
SUSE CVE-2002-1215
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier claimed as buffer overflows in some sources allow remote attackers to execute arbitrary code via certain packets to UDP port 694 incorrectly claimed as TCP in some sources...
SUSE CVE-2003-0289
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter...
SUSE CVE-2003-0852
Format string vulnerability in sendmessage.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service crash in sylpheed via format strings in an error message...
SUSE CVE-2003-0886
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code...
SUSE CVE-2003-0978
Format string vulnerability in gpgkeyshkp experimental HKP interface for the GnuPG gpg client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service crash and possibly execute arbitrary code during key retrieval...
SUSE CVE-2004-0104
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code...
SUSE CVE-2004-0153
Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages...
SUSE CVE-2004-0179
Multiple format string vulnerabilities in 1 neon 0.24.4 and earlier, and other products that use neon including 2 Cadaver, 3 Subversion, and 4 OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code...
SUSE CVE-2004-0232
Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...
SUSE CVE-2004-0453
Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service emulator crash and possibly execute arbitrary code via format string specifiers in an output string...
SUSE CVE-2004-0536
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report...
SUSE CVE-2004-0623
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog...
SUSE CVE-2004-0777
Format string vulnerability in the authdebug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging DEBUGLOGIN is enabled, allows remote attackers to execute arbitrary code...
SUSE CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
SUSE CVE-2004-1004
Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...
SUSE CVE-2005-0397
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...
SUSE CVE-2005-0665
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename...
SUSE CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...
SUSE CVE-2005-1463
Multiple format string vulnerabilities in the 1 DHCP and 2 ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code...