8511 matches found
Exim Internet Mailer 3.35/3.36/4.10 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6314/info A format string vulnerability has been discovered in Exim. The problem occurs in the daemongo function. By supplying malicious format strings via the command line, it is possible for an attacker to execute...
White_Dune 0.29beta791 Multiple Local Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27102/info WhiteDune is affected by a format-string vulnerability and a buffer-overflow vulnerability. Exploiting these issues can allow local attackers to execute arbitrary code in the context of the application. Version...
Georgia SoftWorks Secure Shell Server 7.1.3 Multiple Remote Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27103/info Georgia SoftWorks Secure Shell Server is prone to multiple remote code-execution vulnerabilities: - A format-string vulnerability - Two buffer-overflow vulnerabilities. Successfully exploiting these issues allo...
RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String
No description provided by source. source: http://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an attacker to execute arbitrary code on a...
rlpr <= 2.04 msg() Remote Format String Exploit
No description provided by source. by jaguar !/usr/bin/python import os, sys, socket, struct, time, telnetlib class rlprd: fd = None pad = 2 00000000 31DB xor ebx,ebx 00000002 F7E3 mul ebx 00000004 B003 mov al,0x3 00000006 80C304 add bl,0x4 00000009 89E1 mov ecx,esp 0000000B 4A dec edx 0000000C C...
Ollydbg <= 1.10 Format String Bug
No description provided by source. // Exploit opens a new cmd.exe.Tested on win2ken+sp4en+ollydbg v1.09d // Open exploit with ollydebug and run the exploit from ollydebugF9 key. // Coded by Ahmet Cihana.k.a. hurby // Thanx to r3db4r0n, Murat Erdo??ana.k.a. Stormwr, Onur Cihana.k.a.eurnie and...
Asterisk PBX 0.7.x Multiple Logging Format String Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10569/info It is reported that Asterisk is susceptible to format string vulnerabilities in its logging functions. An attacker may use these vulnerabilities to corrupt memory, and read or write arbitrary memory. Remote cod...
Easy Address Book Web Server 1.2 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19842/info Easy Address Book Web Server is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied data before including it in the format-specifier argument to a...
Unixware 7.0 SCOhelp HTTP Server Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose...
SonicWALL Aventail epi.dll AuthCredential Format String Exploit
No description provided by source. $Id: aventailepiactivex.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20416/info ZABBIX is prone to multiple unspecified remote code-execution vulnerabilities. Reports indicate that these issues facilitate format-string and buffer-overflow attacks. A remote attacker may leverage these...
QNX 6.2/6.3 - Multiple Local Privilege Escalation and Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16539/info QNX is susceptible to multiple local vulnerabilities. These issues include multiple buffer-overflow vulnerabilities, a format-string vulnerability, an insecure library-path vulnerability, insecure...
Epic Games Unreal Engine 436 - Multiple Format String Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31141/info Unreal Engine is prone to multiple remote format-string vulnerabilities. Attackers can exploit the issues to execute arbitrary code within the context of a client application that uses the vulnerable engine...
Icecast 1.3.7/1.3.8 print_client() Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the printclientfunction of utility.c. A malicious user can cause the printf function to overwrite memory at possibly...
Magic Winmail Server 2.3 USER POP3 Command Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7667/info A format string vulnerability has been reported for Magic Winmail Server when processing the USER POP3 command. An attacker may exploit this vulnerability by connecting to the vulnerable mail server and issuing...
DropTeam 1.3.3 - Multiple Remote Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25943/info DropTeam is prone to multiple remote vulnerabilities including multiple format-string issues, a stack-based buffer-overflow issue, multiple heap-based buffer-overflow issues, and an information-disclosure...
GNU Anubis 3.6.x/3.9.x Multiple Format String
No description provided by source. source: http://www.securityfocus.com/bid/9772/info GNU Anubis has been reported prone to multiple buffer overflow and format string vulnerabilities. It has been conjectured that a remote attacker may potentially exploit these vulnerabilities to have arbitrary co...
cfingerd 1.4 Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2576/info A format string bug in the logging facility of the cfingerd Configurable Finger Daemon allows remote users to attain root privileges and execute arbitrary code. cfingerd queries and logs the remote username of...
Solaris 2.6/7.0 /locale Subsystem Format String
No description provided by source. / source: http://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...
Hylafax 4.1.x HFaxD Unspecified Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. /...