CVE-2008-0097

Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server GSWSSHD 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message...

CVE-2008-0101

Format string vulnerability in the swDebugf function in DuneApp.cpp in WhiteDune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file...

Georgia SoftWorks SSH2 Server多个远程代码执行漏洞

BUGTRAQ ID: 27103 GSW SSH2 Server是使用在Windows平台下的SSH2/Telnet服务程序。 GSW SSH2 Server在处理畸形用户数据时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制客户端。 ------------------------------------ A 日志函数格式串和缓冲区溢出 ------------------------------------ GSW...

CVE-2007-6625

The Platform Service Process asampsp in Fan-Out Driver Platform Services for Novell Identity Manager IDM 3.5.1 allows remote attackers to cause a denial of service daemon crash via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as...

White_Dune本地缓冲区溢出及格式串处理漏洞

BUGTRAQ ID: 27102 WhiteDune是VRML97文件的开源编辑器和查看器。 WhiteDune的实现上存在多个安全漏洞，远程攻击者可能利用此漏洞控制用户系统。 ----------------------------------- A Scene::errorf缓冲区溢出 ----------------------------------- 用于创建解析WRL文件中所出现问题的错误消息的函数中存在缓冲区溢出漏洞。以下是Scene.cpp文件中的漏洞代码： void Scene::errorfconst char fmt, ... valist ap; char...

Debian DSA-1444-2 : php5 - several vulnerabilities

It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA. For reference the original advisory below : Several remote vulnerabilities have been discovered in PHP, a...

Buffer-overflow and format string in White_Dune 0.29beta791

Luigi Auriemma Application: WhiteDune http://vrml.cip.ica.uni-stuttgart.de/dune/ Versions: = 0.29beta791 Platforms: Unix/Linux/MacOSX and Windows Bugs: A buffer-overflow in Scene::errorf B format string in ImportFile Exploitation: local Date: 02 Jan 2008 Author: Luigi Auriemma e-mail:...

Georgia SoftWorks SSH server multiple security vulnerabilities

Format string vulnerabilities and buffer overflows...

White_Dune VRML editor multiple security vulnerabilities

Buffer overflow and format string vulnerability on WRL files parsing...

DSA-1444-1 php5 several issues

Bulletin has no description...

White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities

WhiteDune 0.29beta791 - Multiple Local Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/27102/info WhiteDune is affected by a format-string vulnerability and a buffer-overflow vulnerability. Exploiting these issues can allow local attackers to execute arbitrary code in the...

White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities

source: https://www.securityfocus.com/bid/27102/info WhiteDune is affected by a format-string vulnerability and a buffer-overflow vulnerability. Exploiting these issues can allow local attackers to execute arbitrary code in the context of the application. Versions prior to WhiteDune 0.29beta795 a...

GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...

Buffer-overflow and format string in VideoLAN VLC 0.8.6d

Luigi Auriemma Application: VideoLAN VLC http://www.videolan.org Versions: = 0.8.6d Platforms: Windows, Mac, BSD, nix and more Bugs: A buffer-overflow in the handling of the subtitles originally found by Michal Luczaj B format string in the web interface Exploitation: A local B remote Date: 24 De...

VideoLAN VLC媒体播放器远程溢出及格式串处理漏洞

BUGTRAQ ID: 27015 VLC Media Player是一款免费的媒体播放器。 VLC Media Player处理用户请求数据时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞通过诱使用户处理恶意数据控制用户系统。 --------------------------------------------------- A 字幕处理缓冲区溢出 ---------------------------------------------------...

DTSA-102-1 ruby-gnome2 - format string vulnerability

Bulletin has no description...

Format string

Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler...

Berlios GPSD Format String Vulnerability

This module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Berlios GPS...

Stack overflow

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service SfCtlCom.exe crash, and allows local users to gain privileges, via...

CVE-2007-6386

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service SfCtlCom.exe crash, and allows local users to gain privileges, via...