CVE-2000-0993

The CVE-2000-0993 entry describes a format-string vulnerability in the OpenBSD/libutil pw_error(3) function that, when invoked by setuid programs such as chpass, could let a local user gain superuser access. Public details indicate OpenBSD fixed the issue in 2000 within the affected libutil code,...

CVE-2000-1000

Summary: CVE-2000-1000 is a format-string vulnerability in AOL Instant Messenger (AIM) 4.1 and earlier. The issue arises when transferring a file whose name contains format specifiers, which can cause a denial of service and may allow arbitrary command execution. Root cause: format-string handlin...

CVE-2000-1040

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...

CVE-2000-1010

The CVE is a format-string vulnerability in talkd reported across multiple UNIX-like systems. Affected: IRIX (talkd in /usr/etc/talkd), UnixWare 7.1.1 and Open UNIX 8.0.0 (in.talkd); OpenBSD and possibly other BSDs per the CVE description. Root cause: untrusted user-supplied fields in talkd allow...

CVE-2000-1014

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...

CVE-2000-0994

Format string vulnerability in OpenBSD fstat program and possibly other BSD-based operating systems allows local users to gain root privileges via the PWD environmental variable...

CVE-2000-0969

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon...

CVE-2000-1043

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog function...

CVE-2000-0947

The CVE-2000-0947 issue is a format-string vulnerability in CFEngine’s cfd (CFEngine daemon) that can be triggered via the CAUTH command, allowing an attacker to cause the vulnerable host to run arbitrary commands. OpenVAS/Nessus entries describe that the flaw arises in cfd’s syslog handling and ...

CVE-2000-1004

CVE-2000-1004 documents a format string vulnerability in OpenBSD photurisd. The issue allows local users to execute arbitrary commands via a configuration-file directory name that contains formatting characters. Affected component: photurisd in OpenBSD (specific version details not provided in th...

CVE-2000-1040

CVE-2000-1040 concerns a format string vulnerability in the logging function of ypbind 3.3 when run in debug mode. The flaw can leak file descriptors and allow a denial of service. Some sources (Mandrake MDKSA-2000:064) also mention a related buffer overflow in ypserv if the build system lacks vs...

CVE-2000-1004

Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters...

CVE-2000-0917

Format string vulnerability in usesyslog function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands...

CVE-2000-0996

CVE-2000-0996: A format-string vulnerability in the OpenBSD su utility (and possibly other BSD-based OSes) allows a local attacker to gain root privileges via a malformed shell. The issue is described in the NVD entry with a CVSS v2 base score of 7.2 (HIGH) and LOCAL, LOW–complexity conditions, e...

CVE-2000-0995

CVE-2000-0995 describes a format-string vulnerability in the OpenBSD yp_passwd utility (and possibly other BSD-based OSes) that can allow an attacker to gain root privileges via a malformed name. The initial description states the vulnerability and impact; a patch is referenced (028_format_string...

CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters...

CVE-2000-1043

CVE-2000-1043 describes a format-string vulnerability in the ypserv component (and related ypbind behavior) affecting Mandrake Linux 7.1 and earlier, with potential impact on other Linux systems. The underlying issue is a format-string bug that can allow an attacker to gain root privileges when y...

CVE-2000-1044

CVE-2000-1044 concerns a format-string vulnerability in ypbind-mt on SuSE Linux (notably SuSE-6.2) that could allow an attacker to gain root privileges. The vulnerability arises in the handling of format strings in the affected component; no exploitation details are provided in the available docu...

CVE-2000-1000

Format string vulnerability in AOL Instant Messenger AIM 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters...

CVE-2000-1014

The CVE-2000-1014 entry concerns a format string vulnerability in the search97.cgi CGI script of the SCO help HTTP server for Unixware 7 . The flaw allows remote attackers to execute arbitrary commands through format string characters supplied in the queryText parameter, enabling potential remote...