Format string

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

CVE-2011-0270

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

CVE-2011-0270

The CVE-2011-0270 issue affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. A format-string vulnerability in the CGI program nnmRptConfig.exe when processing an HTTP request with a crafted Template name allows remote code execution. Affected platforms include HP-UX, Linux, Solaris, a...

CVE-2010-4013

CVE-2010-4013 covers a format-string vulnerability in Apple Mac OS X 10.6.x before 10.6.6, when PackageKit processes distribution scripts during Software Update. The root cause is a format-string error in PackageKit, allowing an attacker to cause an arbitrary code execution or a denial of service...

pecl-phar -- format string vulnerability

Entry for CVE-2010-2094 says: Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the 1...

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.4. Such versions may be affected by several security issues : - A crash in the zip extract method. - A stack-based buffer overflow in impagepstext of the GD extension. - An unspecified vulnerability...

PHP 5.3.x < 5.3.4 Multiple Vulnerabilities

Binary data 5732.prm...

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

Binary data 801074.prm...

SuSE 11 Security Update : iSCSI (SAT Patch Number 2878)

This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...

SuSE 11 / 11.1 Security Update : tgt (SAT Patch Numbers 2958 / 2959)

This update of tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability CWE-134...

WU-FTPD - Site EXEC/INDEX Format String (Metasploit)

$Id: wuftpdsiteexecformat.rb 11166 2010-11-30 00:16:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

VERITAS NetBackup Java Authentication Service Format String (CVE-2005-2715)

The Symantec VERITAS NetBackup Server product suite is an enterprise backup system solution available for various platforms. It is capable of performing scheduled automatic backups as well as manual backups invoked by a client. A minimal backup environment consists of backup clients and a master...

SuSE 10 Security Update : iscsitarget (ZYPP Patch Number 7109)

This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...

CVE-2010-3757

Format string vulnerability in the Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | pipe character i...

Format string

Format string vulnerability in the Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | pipe character i...

CVE-2010-3757

Format string vulnerability in the Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | pipe character i...

CVE-2010-3757

CVE-2010-3757 describes a format-string vulnerability in the _Eventlog function of FastBackServer.exe (Server) affecting IBM Tivoli Storage Manager (TSM) FastBack v5.5.0.0–5.5.6.0 and v6.1.0.0–6.1.0.1. The flaw allows remote attackers to execute arbitrary code via format string specifiers appeari...

ZDI-10-185: IBM TSM FastBack Server _Eventlog Format String Remote Code Execution Vulnerability

ZDI-10-185: IBM TSM FastBack Server Eventlog Format String Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-185 September 29, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager --...

PHP 5.3.x < 5.3.4 Multiple Vulnerabilities

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

IBM TSM FastBack Server _Eventlog Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Fastback. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FastBack server process FastBackServer.exe which listens by...