8515 matches found
CVE-2009-0601
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...
CVE-2009-0601
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...
Format string
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...
CVE-2009-0601
Wireshark vulnerability CVE-2009-0601 affects non‑Windows builds of Wireshark 0.99.8–1.0.5, where a format string specifier in HOME can crash the application (local denial of service). Affected products/versions are supported by multiple advisories (e.g., GLSA 200906-05, MDVSA-2009:058). Remediat...
CVE-2009-0601
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...
CVE-2009-0601
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...
PT-2009-3242 · Wireshark · Wireshark
Name of the Vulnerable Software and Affected Versions: Wireshark versions 0.99.8 through 1.0.5 Description: The issue allows local users to cause a denial of service, resulting in an application crash, by utilizing format string specifiers in the HOME environment variable. This is a format string...
Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Hello, Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account...
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Maybe this is related to http://bugs.proftpd.org/showbug.cgi?id=3173 ? That bug only applies to 1.3.1, so 1.3.0 is not affected. 1.3.2 is supposed to fix this bug. Sergio Aguayo ----- Original Message ----- From: [email protected] To: [email protected] Sent: Tuesday, February 10, 2009...
ProFTP With MySQL Authentication Bypass
Hello, Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account...
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
!/usr/bin/perl -w Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference Crash POC Discovred by : DATASNIPER for more information vist my blog:http://datasniper.arab4services.net/ the Exploit it's very hard to implemented,if we can make the "reference" point to valid memory location...
SuSE Update for qt3 SUSE-SA:2007:048
Check for the Version of qt3 OpenVAS Vulnerability Test $Id: gbsuse2007048.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for qt3 SUSE-SA:2007:048 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...
SuSE Update for xine-ui,xine-lib,xine-extra,xine-devel SUSE-SA:2007:013
Check for the Version of xine-ui,xine-lib,xine-extra,xine-devel OpenVAS Vulnerability Test $Id: gbsuse2007013.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for xine-ui,xine-lib,xine-extra,xine-devel SUSE-SA:2007:013 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networ...
SuSE Update for php4,php5 SUSE-SA:2007:020
Check for the Version of php4,php5 OpenVAS Vulnerability Test $Id: gbsuse2007020.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for php4,php5 SUSE-SA:2007:020 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Format string
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message...
CVE-2008-5982
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message...
CVE-2008-5982
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message...
CVE-2008-5982
Affects: BMC PATROL Agent prior to 3.7.30. Vulnerability type: format string handling in logging. Root cause: format string specifiers in an invalid version number are not properly handled when writing log messages, enabling remote code execution. Attack surface: remote attacker to TCP port 3181 ...
Oracle TimesTen Remote Format String
Oracle TimesTen Remote Format String ==================================== Product Description =================== Oracle TimesTen provides a family of real-time infrastructure software products designed for low latency, high-volume data, event and transaction management. Summary ======= The Oracl...
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-004 January 14, 2009 -- Affected Vendors: Oracle -- Affected Products: Oracle TimesTen -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have been protecte...