8515 matches found
Debian DSA-014-2 : splitvt - buffer overflow and format string attack
It was reported recently that splitvt is vulnerable to numerous buffer overflow attacks and a format string attack. An attacker was able to gain access to the root user id.
Debian DSA-521-1 : sup - format string vulnerability
discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process this process does not run automatically...
Debian DSA-449-1 : metamail - buffer overflow, format string bugs
Ulf Harnhammar discovered two format string bugs (CAN-2004-0104) and two buffer overflow bugs (CAN-2004-0105) in metamail, an implementation of MIME. An attacker could create a carefully-crafted mail message which will execute arbitrary code as the victim when it is opened and parsed through metamail...
Debian DSA-468-1 : emil - several vulnerabilities
Ulf Harnhammar discovered a number of vulnerabilities in emil, a filter for converting Internet mail messages. The vulnerabilities fall into two categories: - CAN-2004-0152 Buffer overflows in (1) the encodemime function, (2) the encodeuuencode function, (3) the decodeuuencode function. These bugs cou...
Debian DSA-095-1 : gpm - local root vulnerability
The package 'gpm' contains the gpm-root program, which can be used to create mouse-activated menus on the console. Among other problems, the gpm-root program contains a format string vulnerability, which allows an attacker to gain root privileges.
Debian DSA-401-1 : hylafax - format strings
The SuSE Security Team discovered several exploitable format string vulnerabilities in hylafax, a flexible client/server fax system, which could lead to executing arbitrary code as root on the fax server.
GNU Sharutils 4.2.1 - Local Format String
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
No description provided by source. GNU sharutils <= 4.2.1 Local Format String POC Code C0ded by n4rk0tix a.k.a nrktx [email protected] Below is a l4m3 proof of concept code for da recently reported lame bug; These binaryz have not only format bugz, but also buffer overflowz, etc. We also...
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
Exploit for Linux platform in category local exploits. GNU Sharutils includ...
GNU Sharutils 4.2.1 - Local Format String
FreeBSD : SA-04:14.cvs
The remote host is running a version of FreeBSD which contains a version of the 'cvs' utility containing several issues : - An insufficient input validation while processing 'Entry' lines - A double-free issue - An integer overflow when processing 'Max-dotdot' commands - A format string bug when...
SUS 2.0.2 local root vulnerability
LSS Security Advisories http://security.lss.hr --- Title: SUS 2.0.2 local root vulnerability; Advisory ID: LSS-2004-09-01; Date: September 14th, 2004; Advisory URL: http://security.lss.hr/index.php?page=details&ID=LSS-2004-09-01; Impact: Any user can obtain root privileges; Risk level: High...
SUS (extended su) format string bug
Format string bug on syslog call...
[RLSA_03-2004] QNX ftp client format string bug
rfdslabs security advisory; Title: QNX ftp client format string bug [RLSA_03-2004]; Versions: QNX RTP 6.1 (possibly others); Vendor: http://www.qnx.com; Date: 13 Sep 2004; Author: Julio Cesar Fort, julio at rfdslabs com br; 1. Introduction "QNX Software Systems has provided OS technology, development tools,...
Multiple QNX utilities bugs
Buffer overflow in Photon, format string in FTP client, race conditions in crrtrap...
RHEL 2.1 : mod_ssl (RHSA-2004:408)
An updated mod_ssl package for Apache that fixes a format string vulnerability is now available. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A format string issue was discovered in mod_ssl for...
Important: Red Hat Security Advisory: mod_ssl security update
An updated mod_ssl package for Apache that fixes a format string vulnerability is now available. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A format string issue was discovered in mod_ssl for...
Courier-IMAP <= 3.0.2-r1 auth_debug() Remote Format String Exploit
No description provided by source. courier-imap <= 3.0.2-r1 Remote Format String Vulnerability exploit. Author: ktha at hush dot com. Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2. Special thanks goes to andrewg for providing the FreeBSD box. Greetings: all the guys from irc pulltheplug co...
Courier-IMAP 3.0.2-r1 - auth_debug() Remote Format String
courier-imap <= 3.0.2-r1 Remote Format String Vulnerability exploit. Author: ktha at hush dot com. Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2. Special thanks goes to andrewg for providing the FreeBSD box. Greetings: all the guys fro...
Courier-IMAP <= 3.0.2-r1 auth_debug() Remote Format String Exploit
Exploit for BSD platform in category remote exploits. courier-imap <= 3.0.2-r1 Remote Format String...