SHOUTcast 1.9.4 (Windows) - File Request Format String Remote Overflow

/ Object: PoC for Nullsoft SHOUTcast 1.9.4 File Request Format String Vulnerability From the securityfocus bid at https://www.securityfocus.com/bid/12096 : "This issue was reported to exist in version 1.9.4 on Linux. It is likely that versions for other platforms are also affected by the...

[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 687-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 687-1] New bidwatcher packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 687-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2005 http://www.debian.org/security/faq -...

CVE-2005-0158

Bidwatcher is affected by a format-string vulnerability (CVE-2005-0158) in versions before 1.3.17. A remote attacker—via a malicious or spoofed eBay web server—can cause a denial of service and potentially execute arbitrary code by sending certain responses. Multiple connected advisories referenc...

GProFTPD: gprostats format string vulnerability

Background GProFTPD is a GTK+ administration tool for the ProFTPD server. GProFTPD is distributed with gprostats, a utility to parse ProFTPD transfer logs. Description Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a format string vulnerability in the gprostats utility. Impa...

Debian DSA-687-1 : bidwatcher - format string

Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay, sending certain data back. As of versio...

GLSA-200502-26 : GProFTPD: gprostats format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200502-26 GProFTPD: gprostats format string vulnerability Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a format string vulnerability in the gprostats utility. Impact : An attacker could exploit the...

GLSA-200502-24 : Midnight Commander: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200502-24 Midnight Commander: Multiple vulnerabilities Midnight Commander contains several format string vulnerabilities CAN-2004-1004, buffer overflows CAN-2004-1005, a memory deallocation error CAN-2004-1092 and a buffer underfl...

DSA-687-1 bidwatcher - format string

Bulletin has no description...

bidwatcher -- format string vulnerability

A Debian Security Advisory reports: Ulf Härnhammer from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay,...

[SECURITY] [DSA 685-1] New emacs21 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 685-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 685-1] New emacs21 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 685-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2005 http://www.debian.org/security/faq -...

Midnight Commander: Multiple vulnerabilities

Background Midnight Commander is a visual console file manager. Description Midnight Commander contains several format string vulnerabilities CAN-2004-1004, buffer overflows CAN-2004-1005, a memory deallocation error CAN-2004-1092 and a buffer underflow CAN-2004-1176. Impact An attacker could...

typespeed keyboard touch-typist trainer format string bug

Format string bug in setgid games application...

DSA-685-1 emacs21 - format string

Bulletin has no description...

Debian DSA-685-1 : emacs21 - format string

Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Typespeed 0.4.1 - Local Format String

Typespeed 0.4.1 - Local Format String // source: https://www.securityfocus.com/bid/12569/info typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation. / Proof of Concept local exploit for typespeed tool "enva" content: include include int mainint arg...

Typespeed 0.4.1 - Local Format String

// source: https://www.securityfocus.com/bid/12569/info typespeed is prone to a local format string vulnerability. Successful could allow privilege escalation. / Proof of Concept local exploit for typespeed tool "enva" content: include include int mainint argc, char argv char addrptr = NULL;...

GLSA-200502-20 : Emacs, XEmacs: Format string vulnerabilities in movemail

The remote host is affected by the vulnerability described in GLSA-200502-20 Emacs, XEmacs: Format string vulnerabilities in movemail Max Vozeler discovered that the movemail utility contains several format string errors. Impact : An attacker could set up a malicious POP server and entice a user ...

security flaw

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...