CVE-2010-0393

CVE-2010-0393 affects CUPS: the cupsGetlang function in lppasswd historically uses an environment variable to select the localization file, allowing local privilege escalation via crafted localization data with format string specifiers in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1. The vulnerability’s r...

Debian DSA-2007-1 : cups - format string vulnerability

Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files...

Ubuntu Update for cups, cupsys vulnerabilities USN-906-1

Ubuntu Update for Linux kernel vulnerabilities USN-906-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9061.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for cups, cupsys vulnerabilities USN-906-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

[SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2007-1 [email protected] http://www.debian.org/security/ Nico Golde March 3rd, 2010 http://www.debian.org/security/faq -...

cups lppasswd format string vulnerability

Format string vulnerability via LOCALEDIR environment variable...

DSA-2007-1 cups - arbitrary code execution

Bulletin has no description...

GLSA-201001-06 : aria2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201001-06 aria2: Multiple vulnerabilities Tatsuhiro Tsujikawa reported a buffer overflow in DHTRoutingTableDeserializer.cc CVE-2009-3575 and a format string vulnerability in the AbstractCommand::onAbort function in...

Debian DSA-1877-1 : mysql-dfsg-5.0 - denial of service/execution of arbitrary code

In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld allow remote authenticated users to cause a denial of service daemon crash and potentially the execution of arbitrary code via format string specifiers in a...

Debian DSA-1979-1 : lintian - multiple vulnerabilities

Multiple vulnerabilities have been discovered in lintian, a Debian package checker. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them : - CVE-2009-4013: missing control files sanitation Control field names and values were not sanitised before using...

Debian DSA-1879-1 : silc-client/silc-toolkit - several vulnerabilities

Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-7159 An incorrect format...

McAfee WebShield SMTP Bounce Message Format String (CVE-2006-0559)

McAfee WebShield SMTP is an application designed to scan incoming SMTP messages for viruses before forwarding them to their destinations. Since WebShield may be set up to work independently of any real SMTP servers, it can act as a partially-featured SMTP server on its own, with respect to...

CentOS Update for mysql CESA-2010:0110 centos4 i386

Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2010:0110 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

RedHat Update for mysql RHSA-2010:0110-01

Check for the Version of mysql OpenVAS Vulnerability Test RedHat Update for mysql RHSA-2010:0110-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

CentOS 4 : mysql (CESA-2010:0110)

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server...

mysql security update

CentOS Errata and Security Advisory CESA-2010:0110 Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded S...

LPRng use_syslog Remote Format String Vulnerability

This module exploits a format string vulnerability in the LPRng print server. This vulnerability was discovered by Chris Evans. There was a publicly circulating worm targeting this vulnerability, which prompted RedHat to pull their 7.0 release. They consequently re-released it as "7.0-respin". Th...

RHEL 4 : mysql (RHSA-2010:0110)

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server...

LPRng use_syslog Remote Format String Vulnerability

$Id: lprngformatstring.rb 8530 2010-02-17 00:56:28Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MySQL: Format string vulnerability by manipulation with database instances (crash)

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

Moderate: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server...