8496 matches found
numerous format string attacks in Nap ( Napster for linux )
hi to everyone here, nap ver 1.4.4 is a little and good term based napster client for linux tested on my linux 2.2.17 and others nix like. to simplify the pb just consider two parts, one for outgoing tasks, the other for incomings ones. there are plenty of possible string format attacks and even...
Security Advisory: FreeBSD-SA-00:62.top
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory Category: core Module: top Announced: 2000-11-01 Credits: [email protected] via OpenBSD...
FreeBSD 3.54.x - usrbintop Format String
FreeBSD 3.54.x - usrbintop Format String / source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is install...
FreeBSD-SA-00:62.top
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory REISSUED Category: core Module: top Announced: 2000-11-01 Reissued: 2000-11-06 Credits:...
FreeBSD 3.5/4.x - '/usr/bin/top' Format String
/ source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem so that it may read proces...
Security Advisory: FreeBSD-SA-00:58.chpass
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:58 Security Advisory FreeBSD, Inc. Topic: chpass family contains local root vulnerability Category: core Module: chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd Announced:...
Серьезная дырка воо всех утилитах семейства chpass
Утилиты chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd содержат уязвимость форматной строки...
rpc.statd vulnerable to remote root compromise via format string stack overwrite
Overview The CERT/CC has begun receiving reports of an input validation vulnerability in the rpc.statd program being exploited. This program is included, and often installed by default, in several popular Linux distributions. Please see the vendors section of this document for specific informatio...
hl-advisory.asc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TAMANDUA SEKURE LABS http://tamandua.sekure.org Sao Paulo / Porto Alegre - Brazil Issue: Multiples vulnerabilities in Half-life Dedicated Server for Linux Advisory : sekure-2000-01 Version: 3.1.3.x Patch Availability: Soon Severity: High - Remote acce...
Solsoft NSM Format Strings RCE
The Solsoft NSM application running on the remote host is affected by multiple flaws in ulm logging related to format string processing. An unauthenticated, remote attacker can exploit these to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description...
Дырка в FWTK (x-gw format bug)
Ошибка форматной строки может привести к выполнению кода...
Security Advisory 2000-015
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-015 ================================= Topic: format-string bugs in passwd/libutil Version: all releases up to and including 1.4.2 Severity: local root compromise possible Fixed: 2000/10/03 in -current and netbsd-1-5 branches...
Дырка в libutil (passwd format-string bugs)
Ошибка форматной строки в функции pwerror...
Tamandua Sekure Labs Security Advisory 2000-01
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TAMANDUA SEKURE LABS http://tamandua.sekure.org Sao Paulo / Porto Alegre - Brazil Issue: Multiple vulnerabilities in Half-life Dedicated Server for Linux Advisory : sekure-2000-01 Version: 3.1.3.x Patch Availability: Soon Severity: High - Remote acces...
David Bagley xlock 4.16 - User Supplied Format String (2)
// source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a number of popular operating systems...
CVE-2000-0763
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option...
CVE-2000-0733
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPTENVIRON request...
CVE-2000-0741
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension...
ntop 1.x - i Local Format String
source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can compromise root access locally. If...
ntop 1.x - i Local Format String
ntop 1.x - i Local Format String source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can...