CVE-2005-0012

Format string vulnerability in the aInterfacemsg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page...

CVE-2004-0561

Format string vulnerability in the log routine for gopher daemon gopherd 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2005-0012

CVE-2005-0012 affects Dillo before 0.8.3-r4, where a format string vulnerability in the a_Interface_msg() function can allow remote code execution via crafted web pages. The issue is documented across multiple feeds (NVD entry and OpenVAS/Gentoo GLSA references) with a base CVSS v2 score of 7.5 (...

CVE-2004-1373

CVE-2004-1373 describes a format-string vulnerability in SHOUTcast 1.9.4 where a specially crafted filename in a URL can cause a crash or remote code execution. Multiple public sources (Metasploit module, Exploit-DB, and vendor/OpenVAS advisories) corroborate remote code execution and denial of s...

[SECURITY] [DSA 639-1] New mc packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 639-1 [email protected] http://www.debian.org/security/ Martin Schulze January 14th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 638-1] New gopher packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 638-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2005 http://www.debian.org/security/faq -...

Debian DSA-639-1 : mc - several vulnerabilities

Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. The Common Vulnerabilities and...

DSA-639-1 mc - several

Bulletin has no description...

[SECURITY] [DSA 638-1] New gopher packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 638-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 638-1] New gopher packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 638-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2005 http://www.debian.org/security/faq -...

Debian DSA-638-1 : gopher - several vulnerabilities

'jaguar' has discovered two security relevant problems in gopherd, the Gopher server in Debian which is part of the gopher package. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2004-0560 An integer overflow can happen when posting content of a...

DSA-638-1 gopher - several

Bulletin has no description...

Debian Linux Netkit telnetd-ssl contains a format string vulnerability

Overview Debian Linux Netkit telnetd-ssl contains a format string vulnerability that may allow a remote attacker to execute arbitrary code. Description An unspecified format string vulnerability in Debian Linux Netkit telnetd-ssl may allow a remote attacker to execute arbitrary code on a vulnerab...

CVE-2004-1214

Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in 1 a nickname or 2 message text...

CVE-2004-1192

Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server...

CVE-2004-1153

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via an .ETD document containing format string specifiers in 1 title or 2 baseurl fields...

CVE-2004-1097

Format string vulnerability in the cherokeeloggerncsawritestring function in Cherokee 0.4.17 and earlier, when authenticating via authpam, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via format string specifiers in the URL...

Dillo browser format string bug

Format string bug in aInterfacemsg function...

[Full-Disclosure] [gentoo-announce] [ GLSA 200501-11 ] Dillo: Format string vulnerability

Gentoo Linux Security Advisory GLSA 200501-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Dillo: Format string vulnerability

Background Dillo is a small and fast multi-platform web browser based on GTK+. Description Gentoo Linux developer Tavis Ormandy found a format string bug in Dillo's handling of messages in aInterfacemsg. Impact An attacker could craft a malicious web page which, when accessed using Dillo, would...