Lucene search
K

8517 matches found

Cvelist
Cvelist
added 2006/12/27 11:0 p.m.29 views

CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...

7.3AI score0.04665EPSS
Exploits0References22
CVE
CVE
added 2006/12/27 11:0 p.m.67 views

CVE-2006-6772

CVE-2006-6772 is a format-string vulnerability in w3m’s inputAnswer function (file.c) that affects modes -dump/-backend; an attacker could craft a certificate CN in an HTTPS URL to execute arbitrary code. The issue is fixed in later w3m builds (e.g., w3m-0.5.3+git20180125-1.14 and related openSUS...

9.3CVSS7.3AI score0.04665EPSS
Exploits0References22Affected Software1
Debian CVE
Debian CVE
added 2006/12/27 11:0 p.m.19 views

CVE-2006-6772

Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name CN field of an SSL certificate associated with an https URL...

9.3CVSS7.4AI score0.04665EPSS
Exploits0
Debian
Debian
added 2006/12/27 10:33 p.m.36 views

[SECURITY] [DSA 1242-1] New elog packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1242-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 27th, 2006 http://www.debian.org/security/faq -...

7.5CVSS6.6AI score0.03177EPSS
Exploits1
NVD
NVD
added 2006/12/27 12:28 a.m.17 views

CVE-2006-6751

Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service application crash via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable...

5CVSS6.8AI score0.03237EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/12/27 12:0 a.m.19 views

CVE-2006-6751

Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service application crash via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable...

6.8AI score0.03237EPSS
Exploits1References6
CVE
CVE
added 2006/12/27 12:0 a.m.41 views

CVE-2006-6751

CVE-2006-6751 : Format-string vulnerability in XM Easy Personal FTP Server (versions 5.2.1 and 5.3.0) allows remote attackers to trigger a crash via format specifiers in the USER command or other commands, causing a denial of service and partial availability impact. No remediation details are pro...

5CVSS7.1AI score0.03237EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2006/12/27 12:0 a.m.26 views

DSA-1242-1 elog

Bulletin has no description...

7.5CVSS6AI score0.03177EPSS
Exploits1
CVE
CVE
added 2006/12/27 12:0 a.m.43 views

CVE-2006-6750

XM Easy Personal FTP Server is affected by a format string vulnerability in the PORT handling which can cause a denial of service (crash). The issue is documented for version 5.0.1, with related notes mentioning 5.3.0 in consolidated records. Root cause is improper handling of format specifiers i...

5CVSS6.6AI score0.02057EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2006/12/26 12:0 a.m.42 views

[SA23492] w3m Certificate Handling Format String Vulnerability

TITLE: w3m Certificate Handling Format String Vulnerability SECUNIA ADVISORY ID: SA23492 VERIFY ADVISORY: http://secunia.com/advisories/23492/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: w3m 0.x http://secunia.com/product/12960/ DESCRIPTION: A vulnerability has be...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/26 12:0 a.m.41 views

w3m browser format string vulnerability

Format string culnerability on certificate CN field...

2.6AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2006/12/26 12:0 a.m.22 views

W3M SSL证书格式串处理漏洞

w3m是一款开放源码的文字式网页浏览器。 w3m在处理畸形格式的SSL证书里存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 如果HTTPS URL的SSL证书中CN包含有“%n%n%n%n%n%n”字符的话,则w3m在以-dump或-backend选项打开上述URL时就会导致崩溃。 W3M W3M 0.5.1 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://w3m.sourceforge.net/...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/23 12:0 a.m.50 views

XM Ease Personal FTP Server format string vulnerability

Format string vulnerability in FTP command...

7.5CVSS2.6AI score0.04983EPSS
Exploits2Affected Software1
seebug.org
seebug.org
added 2006/12/23 12:0 a.m.22 views

XM Easy Personal FTP Server 5.2.1 (USER) Format String DoS Exploit

No description provided by source. import sys,os,string import socket import time print "-----------------------------------------------------------------------" print " XM Easy Personal FTP Server 5.2.1 format string Denial of Service" print " url: http://www.dxm2008.com/" print " author: shinna...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/12/22 12:0 a.m.13 views

XM Easy Personal FTP Server 5.2.1 - USER Format String Denial of Service

XM Easy Personal FTP Server 5.2.1 - USER Format String Denial of Service import sys,os,string import socket import time print "-----------------------------------------------------------------------" print " XM Easy Personal FTP Server 5.2.1 format string Denial of Service" print " url:...

0.1AI score
Exploits0
0day.today
0day.today
added 2006/12/22 12:0 a.m.18 views

XM Easy Personal FTP Server 5.2.1 (USER) Format String DoS Exploit

Exploit for unknown platform in category dos / poc ================================================================== XM Easy Personal FTP Server 5.2.1 USER Format String DoS Exploit ================================================================== import sys,os,string import socket import time...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/22 12:0 a.m.39 views

XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service

import sys,os,string import socket import time print "-----------------------------------------------------------------------" print " XM Easy Personal FTP Server 5.2.1 format string Denial of Service" print " url: http://www.dxm2008.com/" print " author: shinnai" print " mail:...

7.4AI score
Exploits0
OSV
OSV
added 2006/12/21 9:28 p.m.8 views

CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

8AI score
Exploits0References5
NVD
NVD
added 2006/12/21 9:28 p.m.20 views

CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

7.5CVSS7.8AI score0.07792EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2006/12/21 9:28 p.m.29 views

CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

7.5CVSS6.2AI score0.07792EPSS
Exploits1References1
Rows per page
Query Builder