Socket termination, format string and XSS in Soldner Secret Wars 30830

Luigi Auriemma Application: SLDNER - Secret Wars http://www.secretwars.net Versions: = 30830 Platforms: Windows Bugs: A silent socket termination B in-game format string C in-game cross site scripting versus admin Exploitation: remote, versus server B and C are in-game bugs Date: 04 Jan 2005...

3Com 3CDaemon multipe bugs

Format string bugs, buffer overflows, DoS...

CVE-2005-0280

Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in a message...

top formatstring bug

Format string bug allows kmem group privilege escalation...

[UNIX] William LeFebvre "top" Format String Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

dillo -- format string vulnerability

dillo contains a format string vulnerability which could lead to execution of arbitrary code simply by viewing a web page or opening a HTML file...

CVE-2004-0998

Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

CVE-2004-2515

Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which...

CVE-2004-1805

Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in class names...

CVE-2004-1398

Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument...

CVE-2004-2714

Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability...

CVE-2004-2489

Format string vulnerability in IBM Informix Dynamic Server IDS before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename...

CVE-2004-2386

Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function...

CVE-2004-2417

Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the 1 client hostname or 2 message-id, which are injected into a syslog message...

CVE-2004-2677

Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

CVE-2004-1484

Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...

CVE-2004-1469

Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog...

CVE-2004-1471

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a wrapper line...