Lucene search
K

8517 matches found

Exploit DB
Exploit DB
added 2007/02/18 12:0 a.m.35 views

Axigen eMail Server 2.0.0b2 - 'pop3' Remote Format String

/ axiagen.c Axigen eMail Server v2.0 beta by fuGich Tue Dec 5 2006 thanks to mu-b - Tested on: Axigen V2 beta logType for the pop3 service must be "system" and the logLevel set to any number with 4th bit set remote shell format string vulnerability in pop3 /bin/sh to bind to port 31337 optimised...

7AI score
Exploits0
CERT
CERT
added 2007/02/16 12:0 a.m.41 views

Apple iChat AIM URI handler format string vulnerability

Overview Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. Description The Apple iChat AIM URI handler fails to properly sanitize user-controlled data that is supplied to a formatted output function. This...

7.5CVSS6.6AI score0.22974EPSS
Exploits1References5
Prion
Prion
added 2007/02/13 11:28 p.m.20 views

Format string

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to 1 all of the print functions on 64-bit systems, and 2 the odbcresultall function...

7.5CVSS7.5AI score0.03252EPSS
Exploits0References40Affected Software2
UbuntuCve
UbuntuCve
added 2007/02/13 11:28 p.m.28 views

CVE-2007-0909

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to 1 all of the print functions on 64-bit systems, and 2 the odbcresultall function...

7.5CVSS6.3AI score0.03252EPSS
Exploits0References2
NVD
NVD
added 2007/02/13 11:28 p.m.17 views

CVE-2007-0909

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to 1 all of the print functions on 64-bit systems, and 2 the odbcresultall function...

7.5CVSS7.5AI score0.03252EPSS
Exploits0References40
CVE
CVE
added 2007/02/13 11:0 p.m.115 views

CVE-2007-0909

PHP 5.2.1 and earlier versions are affected by CVE-2007-0909 due to format string vulnerabilities in 64‑bit print functions and odbc_result_all, enabling arbitrary code execution. OpenVAS/Nessus references confirm this is fixed in later PHP releases by backported patches (PHP 5.2.1+). Affected co...

7.5CVSS7.9AI score0.03252EPSS
Exploits0References40Affected Software1
Gentoo Linux
Gentoo Linux
added 2007/02/13 12:0 a.m.33 views

Samba: Multiple vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs for UNIX. Description A format string vulnerability exists in the VFS module when handling AFS file systems and an infinite loop has been discovered when handling file rename operations. Impact A user with permission to write to a...

7.5CVSS7.2AI score0.06412EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/02/09 12:0 a.m.43 views

AXIGEN Mail Server < 2.0.0 Multiple Remote Vulnerabilities

The remote host is running AXIGEN Mail Server, a messaging system for Linux and BSD. The POP3 server component of AXIGEN Mail Server contains a format string vulnerability because it calls syslog when logtypeis set to 'system'. In addition, the IMAP server component is affected by two denial of...

10CVSS6AI score0.10113EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/02/09 12:0 a.m.17 views

GLSA-200701-24 : VLC media player: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200701-24 VLC media player: Format string vulnerability Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact : An attacker...

6.8CVSS6AI score0.11975EPSS
Exploits3References2
FreeBSD
FreeBSD
added 2007/02/09 12:0 a.m.39 views

php -- multiple vulnerabilities

Multiple vulnerabilities have been found in PHP, including: buffer overflows, stack overflows, format string, and information disclosure vulnerabilities. The session extension contained safemode and openbasedir bypasses, but the FreeBSD Security Officer does not consider these real security...

10CVSS6.7AI score0.11752EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/02/09 12:0 a.m.33 views

Debian DSA-1252-1 : vlc - format string

Kevin Finisterre discovered several format string problems in vlc, a multimedia player and streamer, that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

6.8CVSS5.5AI score0.11975EPSS
Exploits3References3
seebug.org
seebug.org
added 2007/02/07 12:0 a.m.68 views

Samba服务器VFS插件afsacl.so远程格式串处理漏洞

Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 Samba的VFS插件afsacl.so库在处理文件名时存在格式串漏洞,攻击者可能利用此漏洞诱使用户处理恶意的VFS分区控制服务器。 Samba在调用snprintf时将磁盘上所储存的文件名用作了格式串,如果用户能够写入的共享使用Samba的afsacl.so库对AFS文件系统上的文件设置Windows NT访问控制列表的话,就可能通过文件名中的格式串标识符导致执行任意代码。 这个漏洞仅影响与CIFS共享了AFS文件系统并在smb.conf中明确要求加载afsacl.s...

7.5CVSS0.1AI score0.06412EPSS
Exploits1
CERT
CERT
added 2007/02/07 12:0 a.m.31 views

Samba AFS ACL mapping VFS plug-in format string vulnerability

Overview Samba AFS ACL mapping VFS plug-in contains a format string vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Samba AFS ACL mapping VFS plug-in fails to properly sanitize user-controlled file names that are used in ...

7.5CVSS6.8AI score0.06412EPSS
Exploits1References9
Ubuntu
Ubuntu
added 2007/02/06 7:12 p.m.81 views

USN-419-1: Samba vulnerabilities

A flaw was discovered in Samba's file opening code, which in certain situations could lead to an endless loop, resulting in a denial of service. CVE-2007-0452 A format string overflow was discovered in Samba's ACL handling on AFS shares. Remote users with access to an AFS share could create craft...

7.5CVSS8.6AI score0.06412EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2007/02/06 2:28 a.m.27 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS6AI score0.06412EPSS
Exploits1References2
OSV
OSV
added 2007/02/06 2:28 a.m.4 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS7.2AI score0.06412EPSS
Exploits1References24
NVD
NVD
added 2007/02/06 2:28 a.m.23 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS7.2AI score0.06412EPSS
Exploits1References24
Prion
Prion
added 2007/02/06 2:28 a.m.21 views

Format string

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS7.4AI score0.06412EPSS
Exploits1References24Affected Software4
OSV
OSV
added 2007/02/06 2:28 a.m.1 views

DEBIAN-CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS7.9AI score0.06412EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/02/06 2:0 a.m.40 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7AI score0.06412EPSS
Exploits1References24
Rows per page
Query Builder