openSUSE Security Update : perl-DBD-Pg (openSUSE-SU-2012:0422-1)

perl-DBD-Pg was prone to format string errors which could crash applications %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-180. The text description of this plugin is C SUSE LL...

openSUSE Security Update : iscsitarget (openSUSE-SU-2010:0604-1)

This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...

openSUSE Security Update : tgt (openSUSE-SU-2010:0608-1)

This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...

openSUSE Security Update : libthunarx-2-0 (openSUSE-SU-2011:0518-1)

Due to a format string error thunar could crash when copy&pasting a file name with format characters CVE-2011-1588. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libthunarx-2-0-4590. The tex...

openSUSE Security Update : pidgin-otr (openSUSE-SU-2012:0717-1)

pidgin-otr was prone to a format string flaw in logmessagecb %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-314. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : perl-YAML-LibYAML (openSUSE-SU-2012:1000-1)

This update of perl-YAML-LibYAML fixed multiple format string flaws that could cause a crash or potentially allow the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

openSUSE Security Update : sudo (openSUSE-2012-73)

sudo was prone to a format string vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-73. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : kernel (openSUSE-SU-2013:1971-1)

The Linux Kernel was updated to fix various security issues and bugs. - sctp: Use correct sideffect command in duplicate cookie handling bnc826102, CVE-2013-2206. - Drivers: hv: util: Fix a bug in util version negotiation code bnc838346. - vmxnet3: prevent div-by-zero panic when ring resizing...

CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

DEBIAN-CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

Format string

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

CVE-2013-7386

The CVE-2013-7386 entry concerns BOINC’s PROJECT::write_account_file in client/cs_account.cpp. A format-string vulnerability in the gui_urls item of an account file could allow a remote attacker to crash the service or potentially execute arbitrary code. Affected software is BOINC client (around ...

CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

CVE-2013-7386

Format string vulnerability in the PROJECT::writeaccountfile function in client/csaccount.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the guiurls item in an account file...

GLSA-201405-12 : Ettercap: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-12 Ettercap: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Ettercap: Ettercap does not handle temporary files securely CVE-2010-3843. A format string flaw in Ettercap could cause a buffer overflo...

GLSA-201405-19 : MCrypt: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201405-19 MCrypt: User-assisted execution of arbitrary code Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple form...

MCrypt: User-assisted execution of arbitrary code

Background MCrypt is a replacement of the old unix crypt1 utility. Description Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple format string errors CVE-2012-4426. MCrypt does not...

CVE-2014-1315

Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a URL...